USN-7305-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - ACPI drivers; - GPU drivers; - HID subsystem; -...

USN-7303-1 linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Drivers cor...

DEBIAN-CVE-2022-49615

In the Linux kernel, the following vulnerability has been resolved: ASoC: rt711-sdca: fix kernel NULL pointer dereference when IO error The initial settings will be written before the codec probe function. But, the rt711-component doesn't be assigned yet. If IO error happened during initial...

DEBIAN-CVE-2022-49591

In the Linux kernel, the following vulnerability has been resolved: net: dsa: microchip: kszcommon: Fix refcount leak bug In kszswitchregister, we should call ofnodeput for the reference returned by ofgetchildbyname which has increased the refcount...

DEBIAN-CVE-2022-49535

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI If lpfcissueelsflogi fails and returns non-zero status, the node reference count is decremented to trigger the release of the nodelist structure...

DEBIAN-CVE-2022-49480

In the Linux kernel, the following vulnerability has been resolved: ASoC: imx-hdmi: Fix refcount leak in imxhdmiprobe offinddevicebynode takes reference, we should use putdevice to release it. when devmkzalloc fails, it doesn't have a putdevice, it will cause refcount leak. Add missing putdevice ...

DEBIAN-CVE-2022-49473

In the Linux kernel, the following vulnerability has been resolved: ASoC: ti: j721e-evm: Fix refcount leak in j721esocprobe ofparsephandle returns a node pointer with refcount incremented, we should use ofnodeput on it when not needed anymore. Add missing ofnodeput to avoid refcount leak...

CVE-2022-49469

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix anondev leak in createsubvol When btrfsqgroupinherit, btrfsalloctreeblock, or btrfsinsertroot fail in createsubvol, we return without freeing anondev. Reorganize the error handling in createsubvol to fix this...

DEBIAN-CVE-2022-49454

In the Linux kernel, the following vulnerability has been resolved: PCI: mediatek: Fix refcount leak in mtkpciesubsyspowerup The offindcompatiblenode function returns a node pointer with refcount incremented, We should use ofnodeput on it when done Add the missing ofnodeput to release the refcoun...

DEBIAN-CVE-2022-49332

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Address NULL pointer dereference after stargettorport Calls to stargettorport may return NULL. Add check for NULL rport before dereference...

CVE-2022-49299

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

DEBIAN-CVE-2022-49291

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix races among concurrent hwparams and hwfree calls Currently we have neither proper check nor protection against the concurrent calls of PCM hwparams and hwfree ioctls, which may result in a UAF. Since the existing P...

DEBIAN-CVE-2022-49272

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential AB/BA lock with buffermutex and mmaplock syzbot caught a potential deadlock between the PCM runtime-buffermutex and the mm-mmaplock. It was brought by the recent fix to cover the racy read/write and other...

DEBIAN-CVE-2022-49251

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: va-macro: fix accessing array out of bounds for enum type Accessing enums using integer would result in array out of bounds access on platforms like aarch64 where sizeoflong is 8 compared to enum size which is 4 byt...

DEBIAN-CVE-2022-49242

In the Linux kernel, the following vulnerability has been resolved: ASoC: mxs: Fix error handling in mxssgtl5000probe This function only calls ofnodeput in the regular path. And it will cause refcount leak in error paths. For example, when codecnp is NULL, saifnp0 and saifnp1 are not NULL, it wil...

UBUNTU-CVE-2022-49291

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix races among concurrent hwparams and hwfree calls Currently we have neither proper check nor protection against the concurrent calls of PCM hwparams and hwfree ioctls, which may result in a UAF. Since the existing P...

UBUNTU-CVE-2022-49406

In the Linux kernel, the following vulnerability has been resolved: block: Fix potential deadlock in blkiarangesysfsshow When being read, a sysfs attribute is already protected against removal with the kobject node active reference counter. As a result, in blkiarangesysfsshow, there is no need to...

UBUNTU-CVE-2022-49249

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wc938x: fix accessing array out of bounds for enum type Accessing enums using integer would result in array out of bounds access on platforms like aarch64 where sizeoflong is 8 compared to enum size which is 4 bytes...

UBUNTU-CVE-2022-49455

In the Linux kernel, the following vulnerability has been resolved: misc: ocxl: fix possible double free in ocxlfileregisterafu inforelease will be called in deviceunregister when info-dev's reference count is 0. So there is no need to call ocxlafuput and kfree again. Fix this by adding freeminor...

UBUNTU-CVE-2022-49521

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix resource leak in lpfcsli4sendseqtoulp If no handler is found in lpfccompleteunsoliocb to match the rctl of a received frame, the frame is dropped and resources are leaked. Fix by returning resources when discardin...