CVE-2022-50311

CVE-2022-50311 affects the Linux kernel: a refcount leak in cxl_calc_capp_routing due to of_get_next_parent() returning a node pointer with refcount incremented and a missing of_node_put() on the error path. The issue is resolved by adding the missing of_node_put() in the error path to balance th...

CVE-2022-50311 cxl: Fix refcount leak in cxl_calc_capp_routing

In the Linux kernel, the following vulnerability has been resolved: cxl: Fix refcount leak in cxlcalccapprouting ofgetnextparent returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. This function only calls ofnodeput in normal path, missing it in...

CVE-2022-50298 slimbus: qcom-ngd: cleanup in probe error path

In the Linux kernel, the following vulnerability has been resolved: slimbus: qcom-ngd: cleanup in probe error path Add proper error path in probe to cleanup resources previously acquired/allocated to fix warnings visible during probe deferral: notifier callback qcomslimngdssrnotify already...

CVE-2022-50298

CVE-2022-50298 refers to a Linux kernel issue in the slimbus: qcom-ngd driver where probe error handling failed to clean up resources, leading to a warning path and potential resource leakage. The fix adds proper cleanup in probe() to unwind resources acquired during probe, as documented in the i...

CVE-2022-50298 slimbus: qcom-ngd: cleanup in probe error path

In the Linux kernel, the following vulnerability has been resolved: slimbus: qcom-ngd: cleanup in probe error path Add proper error path in probe to cleanup resources previously acquired/allocated to fix warnings visible during probe deferral: notifier callback qcomslimngdssrnotify already...

CVE-2022-50294

CVE-2022-50294 affects the Linux kernel’s libertas wifi driver (lbs_init_adapter). The root cause is a memory leak when kfifo_alloc() fails, where the cmd buffer is not freed, with remediation by adding memory free handling in the error path. The vulnerability yields a local attacker against a de...

CVE-2023-53225 spi: imx: Don't skip cleanup in remove's error path

In the Linux kernel, the following vulnerability has been resolved: spi: imx: Don't skip cleanup in remove's error path Returning early in a platform driver's remove callback is wrong. In this case the dma resources are not released in the error path. this is never retried later and so this is a...

CVE-2023-53225 spi: imx: Don't skip cleanup in remove's error path

In the Linux kernel, the following vulnerability has been resolved: spi: imx: Don't skip cleanup in remove's error path Returning early in a platform driver's remove callback is wrong. In this case the dma resources are not released in the error path. this is never retried later and so this is a...

CVE-2023-53225 spi: imx: Don't skip cleanup in remove's error path

In the Linux kernel, the following vulnerability has been resolved: spi: imx: Don't skip cleanup in remove's error path Returning early in a platform driver's remove callback is wrong. In this case the dma resources are not released in the error path. this is never retried later and so this is a...

CVE-2023-53200 netfilter: x_tables: fix percpu counter block leak on error path when creating new netns

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: fix percpu counter block leak on error path when creating new netns Here is the stack where we allocate percpu counter block: +- ip6tregistertable +- translatetable allocates percpu counter block +-...

CVE-2022-50282 chardev: fix error handling in cdev_device_add()

In the Linux kernel, the following vulnerability has been resolved: chardev: fix error handling in cdevdeviceadd While doing fault injection test, I got the following report: ------------ cut here ------------ kobject: 'null' 0000000039956980: is not initialized, yet kobjectput is being called...

CVE-2022-50268

CVE-2022-50268 affects the Linux kernel mmap/moxart MMC host handling. The issue is in mmc_add_host(): if the function returns an error and the return value is not checked, memory allocated by mmc_alloc_host() could be leaked, potentially causing a kernel crash when removing an unreliably added d...

CVE-2022-50267 mmc: rtsx_pci: fix return value check of mmc_add_host()

In the Linux kernel, the following vulnerability has been resolved: mmc: rtsxpci: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, the memory that allocated in mmcallochost will be leaked and it will lead a kernel crash because of deleting not added...

CVE-2022-50264

CVE-2022-50264 affects the Linux kernel clock subsystem, specifically the socfpga gate init path. The issue is a memory leak in the socfpga_clk/ops error path, corrected by freeing both the socfpga_clk and its ops on error. The vulnerability is categorized with a CVSS v3.1 base score of 5.5 (Medi...

CVE-2022-50264 clk: socfpga: Fix memory leak in socfpga_gate_init()

In the Linux kernel, the following vulnerability has been resolved: clk: socfpga: Fix memory leak in socfpgagateinit Free @socfpgaclk and @ops on the error path to avoid memory leak issue...

CVE-2022-50264 clk: socfpga: Fix memory leak in socfpga_gate_init()

In the Linux kernel, the following vulnerability has been resolved: clk: socfpga: Fix memory leak in socfpgagateinit Free @socfpgaclk and @ops on the error path to avoid memory leak issue...

CVE-2023-53190

In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix memory leaks in error path The memory allocated by vxlanvnigroupinit is not freed in the error path, leading to memory leaks 1. Fix by calling vxlanvnigroupuninit in the error path. The leaks can be reproduced by...

CVE-2023-53195

In the Linux kernel, the following vulnerability has been resolved: mlxsw: minimal: fix potential memory leak in mlxswmlinecardsinit The line cards array is not freed in the error path of mlxswmlinecardsinit, which can lead to a memory leak. Fix by freeing the array in the error path, thereby...

DEBIAN-CVE-2023-53190

In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix memory leaks in error path The memory allocated by vxlanvnigroupinit is not freed in the error path, leading to memory leaks 1. Fix by calling vxlanvnigroupuninit in the error path. The leaks can be reproduced by...

DEBIAN-CVE-2023-53195

In the Linux kernel, the following vulnerability has been resolved: mlxsw: minimal: fix potential memory leak in mlxswmlinecardsinit The line cards array is not freed in the error path of mlxswmlinecardsinit, which can lead to a memory leak. Fix by freeing the array in the error path, thereby...