UBUNTU-CVE-2022-49946

In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: Prevent out-of-bounds access The while loop in raspberrypidiscoverclocks relies on the assumption that the id of the last clock element is zero. Because this data comes from the Videocore firmware and it doesn't...

UBUNTU-CVE-2022-50086

In the Linux kernel, the following vulnerability has been resolved: block: don't allow the same type rqqos add more than once In our test of iocost, we encountered some list add/del corruptions of innerwalk list in ioctimerfn. The reason can be described as follows: cpu 0 cpu 1 iocqoswrite...

UBUNTU-CVE-2022-50049

In the Linux kernel, the following vulnerability has been resolved: ASoC: DPCM: Don't pick up BE without substream When DPCM tries to add valid BE connections at dpcmaddpaths, it doesn't check whether the picked BE actually supports for the given stream direction. Due to that, when an asymmetric ...

UBUNTU-CVE-2022-50052

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential buffer overflow by snprintf snprintf returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in a buffer overflow although it's...

UBUNTU-CVE-2022-50112

In the Linux kernel, the following vulnerability has been resolved: rpmsg: qcomsmd: Fix refcount leak in qcomsmdparseedge ofparsephandle returns a node pointer with refcount incremented, we should use ofnodeput on it when done...

UBUNTU-CVE-2022-50068

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Fix dummy res NULL ptr deref bug Check the bo-resource value before accessing the resource memtype. v2: Fix commit description unwrapped warning 40.191227 T184 general protection fault, probably for non-canonical address...

UBUNTU-CVE-2022-50171

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec - don't sleep when in softirq When kunpeng920 encryption driver is used to deencrypt and decrypt packets during the softirq, it is not allowed to use mutex lock. The kernel will report the following error:...

CVE-2022-50192 spi: tegra20-slink: fix UAF in tegra_slink_remove()

In the Linux kernel, the following vulnerability has been resolved: spi: tegra20-slink: fix UAF in tegraslinkremove After calling spiunregistermaster, the refcount of master will be decrease to 0, and it will be freed in spicontrollerrelease, the device data also will be freed, so it will lead a...

CVE-2022-50163

CVE-2022-50163 concerns a Linux kernel fix for ax25: fix incorrect dev_tracker usage. The root cause was that an ax25_dev could be used by one or more ax25_cb structures, requiring separate dev_tracker per ax25_cb. The patch introduces per-structure tracking to prevent reference tracker mismanage...

CVE-2022-50139 usb: aspeed-vhub: Fix refcount leak bug in ast_vhub_init_desc()

In the Linux kernel, the following vulnerability has been resolved: usb: aspeed-vhub: Fix refcount leak bug in astvhubinitdesc We should call ofnodeput for the reference returned by ofgetchildbyname which has increased the refcount...

CVE-2022-50133

CVE-2022-50133 concerns the Linux kernel where a NULL dereference could occur in usb: xhci_plat_remove due to xhci->shared_hcd being NULL after a specific commit. The vulnerability manifests as an Oops during reboot when the USB xHCI host controller is removed, potentially causing a system cra...

CVE-2022-50122 ASoC: mediatek: mt8173-rt5650: Fix refcount leak in mt8173_rt5650_dev_probe

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8173-rt5650: Fix refcount leak in mt8173rt5650devprobe ofparsephandle returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Fix refcount leak in some error paths...

CVE-2022-50111

In the Linux kernel, the following vulnerability has been resolved: ASoC: mt6359: Fix refcount leak bug In mt6359parsedt and mt6359accdetparsedt, we should call ofnodeput for the reference returned by ofgetchildbyname which has increased the refcount...

CVE-2022-50052

The CVE-2022-50052 issue affects the Linux kernel ASoC: Intel: avs component. It stems from using snprintf(), which returns the would-be-filled size on buffer overflow, creating a potential buffer overflow; the patch replaces snprintf() with scnprintf() to mitigate this. The vulnerability is trac...

CVE-2022-50045

In the Linux kernel, the following vulnerability has been resolved: powerpc/pci: Fix getphbnumber locking The recent change to getphbnumber causes a DEBUGATOMICSLEEP warning on some systems: BUG: sleeping function called from invalid context at kernel/locking/mutex.c:580 inatomic: 1, irqsdisabled...

CVE-2022-50035

CVE-2022-50035 affects the Linux kernel DRM AMDGPU path. The issue is a use-after-free in amdgpu_bo_list mutex handling caused by double-unlocking of bo_list_mutex when amdgpu_cs_vm_handling returns non-zero, which can lead to a refcount underflow (as shown in the trace). The vulnerability is dem...

CVE-2022-49981 HID: hidraw: fix memory leak in hidraw_release()

In the Linux kernel, the following vulnerability has been resolved: HID: hidraw: fix memory leak in hidrawrelease Free the buffered reports before deleting the list entry. BUG: memory leak unreferenced object 0xffff88810e72f180 size 32: comm "softirq", pid 0, jiffies 4294945143 age 16.080s hex du...

CVE-2022-49965

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: add missing -finixxxx interfaces for some SMU13 asics Without these, potential memory leak may be induced...

CVE-2022-49941

CVE-2022-49941 is rejected/not used; this entry does not represent an active vulnerability.

CVE-2022-49940

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: add sanity check for gsm-receive in gsmreceivebuf A null pointer dereference can happen when attempting to access the "gsm-receive" function in gsmldreceivebuf. Currently, the code assumes that gsm-recieve is only call...