CVE-2022-49505 NFC: NULL out the dev->rfkill to prevent UAF

In the Linux kernel, the following vulnerability has been resolved: NFC: NULL out the dev-rfkill to prevent UAF Commit 3e3b5dfcd16a "NFC: reorder the logic in nfcun,registerdevice" assumes the deviceisregistered in function nfcdevup will help to check when the rfkill is unregistered. However, thi...

CVE-2022-49487

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: intel: fix possible null-ptr-deref in ebunandprobe It will cause null-ptr-deref when using 'res', if platformgetresource returns NULL, so move using 'res' after devmioremapresource that will check it to avoid...

CVE-2022-49483 drm/msm/disp/dpu1: avoid clearing hw interrupts if hw_intr is null during drm uninit

In the Linux kernel, the following vulnerability has been resolved: drm/msm/disp/dpu1: avoid clearing hw interrupts if hwintr is null during drm uninit If edp modeset init is failed due to panel being not ready and probe defers during drm bind, avoid clearing irqs and dereference hwintr when hwin...

CVE-2022-49480 ASoC: imx-hdmi: Fix refcount leak in imx_hdmi_probe

In the Linux kernel, the following vulnerability has been resolved: ASoC: imx-hdmi: Fix refcount leak in imxhdmiprobe offinddevicebynode takes reference, we should use putdevice to release it. when devmkzalloc fails, it doesn't have a putdevice, it will cause refcount leak. Add missing putdevice ...

CVE-2022-49473 ASoC: ti: j721e-evm: Fix refcount leak in j721e_soc_probe_*

In the Linux kernel, the following vulnerability has been resolved: ASoC: ti: j721e-evm: Fix refcount leak in j721esocprobe ofparsephandle returns a node pointer with refcount incremented, we should use ofnodeput on it when not needed anymore. Add missing ofnodeput to avoid refcount leak...

CVE-2022-49467

CVE-2022-49467 is a Linux kernel issue: a memory‑leak in the DRM MSM driver during mdp5_crtc_cursor_set() caused by incorrect handling in drm_gem_object_lookup/drm_gem_object_get and cursor_bo when msm_gem_get_and_pin_iova fails. Affected components/impact are within the kernel’s DRM subsystem (d...

CVE-2022-49454 PCI: mediatek: Fix refcount leak in mtk_pcie_subsys_powerup()

In the Linux kernel, the following vulnerability has been resolved: PCI: mediatek: Fix refcount leak in mtkpciesubsyspowerup The offindcompatiblenode function returns a node pointer with refcount incremented, We should use ofnodeput on it when done Add the missing ofnodeput to release the refcoun...

CVE-2022-49454 PCI: mediatek: Fix refcount leak in mtk_pcie_subsys_powerup()

In the Linux kernel, the following vulnerability has been resolved: PCI: mediatek: Fix refcount leak in mtkpciesubsyspowerup The offindcompatiblenode function returns a node pointer with refcount incremented, We should use ofnodeput on it when done Add the missing ofnodeput to release the refcoun...

CVE-2022-49421

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: clcdfb: Fix refcount leak in clcdfbofvramsetup ofparsephandle returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput to avoid refcount leak...

CVE-2022-49391 remoteproc: mtk_scp: Fix a potential double free

In the Linux kernel, the following vulnerability has been resolved: remoteproc: mtkscp: Fix a potential double free 'scp-rproc' is allocated using devmrprocalloc, so there is no need to free it explicitly in the remove function...

CVE-2022-49384 md: fix double free of io_acct_set bioset

In the Linux kernel, the following vulnerability has been resolved: md: fix double free of ioacctset bioset Now ioacctset is alloc and free in personality. Remove the codes that free ioacctset in mdfree and mdstop...

CVE-2022-49354 ata: pata_octeon_cf: Fix refcount leak in octeon_cf_probe

In the Linux kernel, the following vulnerability has been resolved: ata: pataocteoncf: Fix refcount leak in octeoncfprobe offinddevicebynode takes reference, we should use putdevice to release it when not need anymore. Add missing putdevice to avoid refcount leak...

CVE-2022-49314

In the Linux kernel, the following vulnerability has been resolved: tty: Fix a possible resource leak in icomprobe When pcireadconfigdword failed, call pcireleaseregions and pcidisabledevice to recycle the resource previously allocated...

CVE-2022-49266

In the Linux kernel, the following vulnerability has been resolved: block: fix rq-qos breakage from skipping rqqosdonebio a647a524a467 "block: don't call rqqosops-donebio if the bio isn't tracked" made bioendio skip rqqosdonebio if BIOTRACKED is not set. While this fixed a potential oops, it also...

CVE-2022-49259

In the Linux kernel, the following vulnerability has been resolved: block: don't delete queue kobject before its children kobjects aren't supposed to be deleted before their child kobjects are deleted. Apparently this is usually benign; however, a WARN will be triggered if one of the child kobjec...

CVE-2022-49240 ASoC: mediatek: mt8195: Fix error handling in mt8195_mt6359_rt1019_rt5682_dev_probe

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8195: Fix error handling in mt8195mt6359rt1019rt5682devprobe The devicenode pointer is returned by ofparsephandle with refcount incremented. We should use ofnodeput on it when done. This function only calls...

CVE-2022-49239 ASoC: codecs: wcd934x: Add missing of_node_put() in wcd934x_codec_parse_data

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd934x: Add missing ofnodeput in wcd934xcodecparsedata The devicenode pointer is returned by ofparsephandle with refcount incremented. We should use ofnodeput on it when done. This is similar to commit 64b92de9603f...

CVE-2022-49203

CVE-2022-49203 affects the Linux kernel DRM AMD display path. The issue occurs during GPU reset in the DC/DM bridge, where backing up and then clearing link encoder assignments can lead to a double free of a stream reference, potentially causing a NULL pointer dereference. The root cause is the t...

CVE-2022-49176

CVE-2022-49176: Linux kernel fix for a use-after-free in bfq_dispatch_request (bfq) causing potential memory corruption in SCSI-mq paths. The issue is addressed by kernel patches referenced in the linked advisories (Unity Linux UTSA updates and Astra/Linux advisories). Exploitation status is not ...

CVE-2022-49171

CVE-2022-49171 is a Linux kernel issue in the mm/gup.c path affecting ext4. The race causes [un]pin_user_pages_remote to dirty pages without proper pre-notification to ext4, which can lead to data loss. While the root cause is classed as a bug in mm/gup.c, ext4 is particularly fragile: if another...