Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel (Azure) vulnerabilities (USN-7596-1)

"The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7596-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

SUSE-SU-2025:02098-1 Security update for the Linux Kernel (Live Patch 55 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059198 fixes one issue. The following security issue was fixed: - CVE-2022-49545: ALSA: usb-audio: Cancel pending work at closing a MIDI substream bsc1238730...

CVE-2025-38055

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Fix segfault with PEBS-via-PT with samplefreq Currently, using PEBS-via-PT with a sample frequency instead of a sample period, causes a segfault. For example: BUG: kernel NULL pointer dereference, address:...

CVE-2022-50126

A flaw was found in the jbd2 module in the Linux kernel. An assertion failure can be triggered when a specific sequence of transactions and operations is performed due to incorrect synchronization, potentially resulting in a denial of service...

CVE-2022-49987

In the Linux kernel, the following vulnerability has been resolved: md: call mdstopwrites in mdstop From the link 1, we can see raid1d was running even after the path raiddtr - mdstop - mdstop. Let's stop write first in destructor to align with normal md-raid to fix the KASAN issue. 1...

CVE-2022-50050

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix potential buffer overflow by snprintf snprintf returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in the buffer overflow although it's...

CVE-2022-50166

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: When HCI work queue is drained, only queue chained work The HCI command, event, and data packet processing workqueue is drained to avoid deadlock in commit 76727c02c1e1 "Bluetooth: Call drainworkqueue before resetting...

CVE-2022-49975

In the Linux kernel, the following vulnerability has been resolved: bpf: Don't redirect packets with invalid pktlen Syzbot found an issue 1: fqcodeldrop try to drop a flow whitout any skbs, that is, the flow-head is null. The root cause, as the 2 says, is because that bpfprogtestrunskb run a bpf...

CVE-2022-50191

In the Linux kernel, the following vulnerability has been resolved: regulator: of: Fix refcount leak bug in ofgetregulationconstraints We should call the ofnodeput for the reference returned by ofgetchildbyname which has increased the refcount...

CVE-2022-50174

In the Linux kernel, the following vulnerability has been resolved: net: hinic: avoid kernel hung in hinicgetstats64 When using hinic device as a bond slave device, and reading device stats of master bond device, the kernel may hung. The kernel panic calltrace as follows: Kernel panic - not...

CVE-2022-50173

In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Fix global state lock backoff We need to grab the lock after the early return for !hwpipe case. Otherwise, we could have hit contention yet still returned 0. Fixes an issue that the new CONFIGDRMDEBUGMODESETLOCK stu...

CVE-2022-50169

In the Linux kernel, the following vulnerability has been resolved: wifi: wil6210: debugfs: fix info leak in wilwritefilewmi The simplewritetobuffer function will succeed if even a single byte is initialized. However, we need to initialize the whole buffer to prevent information leaks. Just use...

CVE-2022-50144

In the Linux kernel, the following vulnerability has been resolved: soundwire: revisit driver bind/unbind and callbacks In the SoundWire probe, we store a pointer from the driver ops into the 'slave' structure. This can lead to kernel oopses when unbinding codec drivers, e.g. with the following...

CVE-2022-50060

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fix mcam entry resource leak The teardown sequence in FLR handler returns if no NIX LF is attached to PF/VF because it indicates that graceful shutdown of resources already happened. But there is a chance of all...

CVE-2022-50029

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: ipq8074: dont disable gccsleepclksrc Once the usb sleep clocks are disabled, clock framework is trying to disable the sleep clock source also. However, it seems that it cannot be disabled and trying to do so produces:...

CVE-2022-50014

In the Linux kernel, the following vulnerability has been resolved: mm/gup: fix FOLLFORCE COW security issue and remove FOLLCOW Ever since the Dirty COW CVE-2016-5195 security issue happened, we know that FOLLFORCE can be possibly dangerous, especially if there are races that can be exploited by...

CVE-2022-49936

In the Linux kernel, the following vulnerability has been resolved: USB: core: Prevent nested device-reset calls Automatic kernel fuzzing revealed a recursive locking violation in usb-storage: ============================================ WARNING: possible recursive locking detected 5.18.0 3 Not...

CVE-2022-50229

CVE-2022-50229 is a Linux kernel vulnerability in the ALSA bcd2000 driver. The issue is a use-after-free (UAF) bug that occurs on the error path during probing: when snd_card_register() fails, the driver frees midi_out_urb before it is killed, enabling a UAF condition. The observed log pattern me...

CVE-2022-50209 meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init

In the Linux kernel, the following vulnerability has been resolved: meson-mx-socinfo: Fix refcount leak in mesonmxsocinfoinit offindmatchingnode returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput to avoid refcount leak...

CVE-2022-50201

CVE-2022-50201 affects the Linux kernel SELinux path: memleak in security_read_state_kernel() where the function returns the result of __security_read_policy without freeing allocated memory in *data. This memory leak occurs when __security_read_policy fails. The issue is addressed by freeing the...