1339 matches found
CVE-2023-53044 dm stats: check for and propagate alloc_percpu failure
In the Linux kernel, the following vulnerability has been resolved: dm stats: check for and propagate allocpercpu failure Check allocprecpu's return value and return an error from dmstatsinit if it fails. Update allocdev to fail if dmstatsinit does. Otherwise, a NULL pointer dereference will occu...
CVE-2022-49887
In the Linux kernel, the following vulnerability has been resolved: media: meson: vdec: fix possible refcount leak in vdecprobe v4l2deviceunregister need to be called to put the refcount got by v4l2deviceregister when vdecprobe fails or vdecremove is called...
CVE-2022-49827
In the Linux kernel, the following vulnerability has been resolved: drm: Fix potential null-ptr-deref in drmvblankdestroyworker drmvblankinit call drmmaddactionorreset with drmvblankinitrelease as action. If drmmaddaction failed, will directly call drmvblankinitrelease with the vblank whose worke...
CVE-2022-49767
In the Linux kernel, the following vulnerability has been resolved: 9p/transfd: always use ONONBLOCK read/write syzbot is reporting hung task at p9fdclose 1, for p9muxpollstop from p9conndestroy from p9fdclose is failing to interrupt already started kernelread from p9fdread from p9readwork and/or...
CVE-2025-37792
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: Prevent potential NULL dereference The btrtlinitialize function checks that rtlloadfile either had an error or it loaded a zero length file. However, if it loaded a zero length file then the error code is not se...
CVE-2025-37784
In the Linux kernel, the following vulnerability has been resolved: net: ti: icss-iep: Fix possible NULL pointer dereference for perout request The ICSS IEP driver tracks perout and pps enable state with flags. Currently when disabling pps and perout signals during icssiepexit, results in NULL...
CVE-2025-37777
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smb2leasebreaknoti Move tcptransport free to ksmbdconnfree. If ksmbd connection is referenced when ksmbd server thread terminates, It will not be freed, but conn-tcptransport is freed...
CVE-2025-37771
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Prevent division by zero The user can set any speed value. If speed is greater than UINTMAX/8, division by zero is possible. Found by Linux Verification Center linuxtesting.org with SVACE...
CVE-2022-49926 net: dsa: Fix possible memory leaks in dsa_loop_init()
In the Linux kernel, the following vulnerability has been resolved: net: dsa: Fix possible memory leaks in dsaloopinit kmemleak reported memory leaks in dsaloopinit: kmemleak: 12 new suspected memory leaks unreferenced object 0xffff8880138ce000 size 2048: comm "modprobe", pid 390, jiffies...
CVE-2022-49915
The CVE-2022-49915 issue affects the Linux kernel mISDN path and is caused by a memory leak in mISDN_register_device due to how device names were allocated. After the commit 1fa5ae857bb1 (driver core: get rid of struct device's bus_id string array), the device name is allocated dynamically and fr...
CVE-2022-49912 btrfs: fix ulist leaks in error paths of qgroup self tests
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix ulist leaks in error paths of qgroup self tests In the testnosharedqgroup and testmultiplerefs qgroup self tests, if we fail to add the tree ref, remove the extent item or remove the extent ref, we are returning from t...
CVE-2022-49910 Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free caused by l2capreassemblesdu Fix the race condition between the following two flows that run in parallel: 1. l2capreassemblesdu - chan-ops-recv l2capsockrecvcb - sockqueuercvskb. 2...
CVE-2022-49900
CVE-2022-49900 affects the Linux kernel i2c piix4 driver. In the single-adapter removal path, piix4_adapter_count is not set (default zero) during piix4_probe(), so piix4_remove() fails to remove the adapter, leaking resources (i2c client and device). This can allow leaked adapters to be accessed...
CVE-2022-49897
This CVE entry is rejected/not used, as stated in the Initial Description.
CVE-2022-49892 ftrace: Fix use-after-free for dynamic ftrace_ops
In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix use-after-free for dynamic ftraceops KASAN reported a use-after-free with ftrace ops 1. It was found from vmcore that perf had registered two ops with the same content successively, both dynamic. After unregistering t...
CVE-2022-49888
CVE-2022-49888 affects the ARM64 Linux kernel entry path. The Cortex-A76 erratum workaround (cortex_a76_erratum_1463225_debug_handler) was not inlined due to a patch, allowing a kprobe to probe the function and potentially trigger recursive exceptions and a stack overflow when a probed function e...
CVE-2022-49877
CVE-2022-49877 concerns a Linux kernel vulnerability resolved by a change in the BPF sockmap code. The issue manifests as a warning from sk_stream_kill_queues concerning sk_forward_alloc during test_sockmap selftests. The root cause was a mistaken use of msg->sg.size to replace the tosend valu...
CVE-2022-49859 net: lapbether: fix issue of invalid opcode in lapbeth_open()
In the Linux kernel, the following vulnerability has been resolved: net: lapbether: fix issue of invalid opcode in lapbethopen If lapbregister failed when lapb device goes to up for the first time, the NAPI is not disabled. As a result, the invalid opcode issue is reported when the lapb device go...
CVE-2022-49789 scsi: zfcp: Fix double free of FSF request when qdio send fails
In the Linux kernel, the following vulnerability has been resolved: scsi: zfcp: Fix double free of FSF request when qdio send fails We used to use the wrong type of integer in 'zfcpfsfreqsend' to cache the FSF request ID when sending a new FSF request. This is used in case the sending fails and w...
CVE-2022-49764 bpf: Prevent bpf program recursion for raw tracepoint probes
In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent bpf program recursion for raw tracepoint probes We got report from sysbot 1 about warnings that were caused by bpf program attached to contentionbegin raw tracepoint triggering the same tracepoint by using...