CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49918 – ipvs: fix WARNING in __ip_vs_cleanup_batch()
https://notcve.org/view.php?id=CVE-2022-49918
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ipvs: fix WARNING in __ip_vs_cleanup_batch() During the initialization of ip_vs_conn_net_init(), if file ip_vs_conn or ip_vs_conn_sync fails to be created, the initialization is successful by default. Therefore, the ip_vs_conn or ip_vs_conn_sync file doesn't be found during the remove. The following is the stack information: name 'ip_vs_conn_sync' WARNING: CPU: 3 PID: 9 at fs/proc/generic.c:712 remove_proc_entry+0x389/0x460 Modules linked i... • https://git.kernel.org/stable/c/61b1ab4583e275af216c8454b9256de680499b19 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49917 – ipvs: fix WARNING in ip_vs_app_net_cleanup()
https://notcve.org/view.php?id=CVE-2022-49917
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ipvs: fix WARNING in ip_vs_app_net_cleanup() During the initialization of ip_vs_app_net_init(), if file ip_vs_app fails to be created, the initialization is successful by default. Therefore, the ip_vs_app file doesn't be found during the remove in ip_vs_app_net_cleanup(). It will cause WRNING. The following is the stack information: name 'ip_vs_app' WARNING: CPU: 1 PID: 9 at fs/proc/generic.c:712 remove_proc_entry+0x389/0x460 Modules linked... • https://git.kernel.org/stable/c/457c4cbc5a3dde259d2a1f15d5f9785290397267 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49915 – mISDN: fix possible memory leak in mISDN_register_device()
https://notcve.org/view.php?id=CVE-2022-49915
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: mISDN: fix possible memory leak in mISDN_register_device() Afer commit 1fa5ae857bb1 ("driver core: get rid of struct device's bus_id string array"), the name of device is allocated dynamically, add put_device() to give up the reference, so that the name can be freed in kobject_cleanup() when the refcount is 0. Set device class before put_device() to avoid null release() function WARN message in device_release(). In the Linux kernel, the fol... • https://git.kernel.org/stable/c/1fa5ae857bb14f6046205171d98506d8112dd74e •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49907 – net: mdio: fix undefined behavior in bit shift for __mdiobus_register
https://notcve.org/view.php?id=CVE-2022-49907
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net: mdio: fix undefined behavior in bit shift for __mdiobus_register Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN: shift-out-of-bounds in drivers/net/phy/mdio_bus.c:586:27 left shift of 1 by 31 places cannot be represented in type 'int' Call Trace:
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49903 – ipv6: fix WARNING in ip6_route_net_exit_late()
https://notcve.org/view.php?id=CVE-2022-49903
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ipv6: fix WARNING in ip6_route_net_exit_late() During the initialization of ip6_route_net_init_late(), if file ipv6_route or rt6_stats fails to be created, the initialization is successful by default. Therefore, the ipv6_route or rt6_stats file doesn't be found during the remove in ip6_route_net_exit_late(). It will cause WRNING. The following is the stack information: name 'rt6_stats' WARNING: CPU: 0 PID: 9 at fs/proc/generic.c:712 remove_... • https://git.kernel.org/stable/c/cdb1876192dbe680b3ac955717fdf7f863c1762d •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-49897 – fscrypt: fix keyring memory leak on mount failure
https://notcve.org/view.php?id=CVE-2022-49897
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: fscrypt: fix keyring memory leak on mount failure Commit d7e7b9af104c ("fscrypt: stop using keyrings subsystem for fscrypt_master_key") moved the keyring destruction from __put_super() to generic_shutdown_super() so that the filesystem's block device(s) are still available. Unfortunately, this causes a memory leak in the case where a mount is attempted with the test_dummy_encryption mount option, but the mount fails after the option has alr... • https://git.kernel.org/stable/c/ccd30a476f8e864732de220bd50e6f372f5ebcab •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49887 – media: meson: vdec: fix possible refcount leak in vdec_probe()
https://notcve.org/view.php?id=CVE-2022-49887
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: media: meson: vdec: fix possible refcount leak in vdec_probe() v4l2_device_unregister need to be called to put the refcount got by v4l2_device_register when vdec_probe fails or vdec_remove is called. In the Linux kernel, the following vulnerability has been resolved: media: meson: vdec: fix possible refcount leak in vdec_probe() v4l2_device_unregister need to be called to put the refcount got by v4l2_device_register when vdec_probe fails or... • https://git.kernel.org/stable/c/70119756311a0be3b95bec2e1ba714673e90feba •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49885 – ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init()
https://notcve.org/view.php?id=CVE-2022-49885
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init() Change num_ghes from int to unsigned int, preventing an overflow and causing subsequent vmalloc() to fail. The overflow happens in ghes_estatus_pool_init() when calculating len during execution of the statement below as both multiplication operands here are signed int: len += (num_ghes * GHES_ESOURCE_PREALLOC_MAX_SIZE); The following call trace is observed because of this bug: [ 9... • https://git.kernel.org/stable/c/9edf20e5a1d805855e78f241cf221d741b50d482 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49880 – ext4: fix warning in 'ext4_da_release_space'
https://notcve.org/view.php?id=CVE-2022-49880
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix warning in 'ext4_da_release_space' Syzkaller report issue as follows: EXT4-fs (loop0): Free/Dirty block details EXT4-fs (loop0): free_blocks=0 EXT4-fs (loop0): dirty_blocks=0 EXT4-fs (loop0): Block reservation details EXT4-fs (loop0): i_reserved_data_blocks=0 EXT4-fs warning (device loop0): ext4_da_release_space:1527: ext4_da_release_space: ino 18, to_free 1 with only 0 reserved data blocks ------------[ cut here ]------------ WAR... • https://git.kernel.org/stable/c/0de5ee103747fd3a24f1c010c79caabe35e8f0bb •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49879 – ext4: fix BUG_ON() when directory entry has invalid rec_len
https://notcve.org/view.php?id=CVE-2022-49879
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix BUG_ON() when directory entry has invalid rec_len The rec_len field in the directory entry has to be a multiple of 4. A corrupted filesystem image can be used to hit a BUG() in ext4_rec_len_to_disk(), called from make_indexed_dir(). ------------[ cut here ]------------ kernel BUG at fs/ext4/ext4.h:2413! ... RIP: 0010:make_indexed_dir+0x53f/0x5f0 ... Call Trace: <TASK> ? • https://git.kernel.org/stable/c/2fa24d0274fbf913b56ee31f15bc01168669d909 •