CVE-2022-49632 icmp: Fix a data-race around sysctl_icmp_errors_use_inbound_ifaddr.

In the Linux kernel, the following vulnerability has been resolved: icmp: Fix a data-race around sysctlicmperrorsuseinboundifaddr. While reading sysctlicmperrorsuseinboundifaddr, it can be changed concurrently. Thus, we need to add READONCE to its reader...

CVE-2022-49632

CVE-2022-49632 is a Linux kernel data-race vulnerability in icmp: reading sysctl_icmp_errors_use_inbound_ifaddr can race with concurrent writes. The fix adds READ_ONCE() to the reader. CVSSv3.1 indicates a Local access requirement, High attack complexity, Low privileges, no user interaction, with...

CVE-2022-49617

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sofsdw: handle errors on card registration If the card registration fails, typically because of deferred probes, the device properties added for headset codecs are not removed, which leads to kernel oopses in driver...

CVE-2022-49617 ASoC: Intel: sof_sdw: handle errors on card registration

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sofsdw: handle errors on card registration If the card registration fails, typically because of deferred probes, the device properties added for headset codecs are not removed, which leads to kernel oopses in driver...

CVE-2022-49617

The CVE-2022-49617 issue affects the Linux kernel ASoC: Intel sof_sdw driver, where on card-registration failure (often deferred probes) headset codec device properties are not removed, leading to kernel oops in driver bind/unbind tests. Provided connected documents confirm this exact description...

CVE-2022-49617 ASoC: Intel: sof_sdw: handle errors on card registration

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sofsdw: handle errors on card registration If the card registration fails, typically because of deferred probes, the device properties added for headset codecs are not removed, which leads to kernel oopses in driver...

CVE-2022-49612

In the Linux kernel, the following vulnerability has been resolved: power: supply: core: Fix boundary conditions in interpolation The functions powersupplytemp2resistsimple and powersupplyocv2capsimple handle boundary conditions incorrectly. The change was introduced in...

CVE-2022-49490 drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is detected

In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Return error code in mdp5piperelease when deadlock is detected mdp5getglobalstate runs the risk of hitting a -EDEADLK when acquiring the modeset lock, but currently mdp5piperelease doesn't check for if an error is...

CVE-2022-49423 rtla: Avoid record NULL pointer dereference

In the Linux kernel, the following vulnerability has been resolved: rtla: Avoid record NULL pointer dereference Fix the following null/derefnull.cocci errors: ./tools/tracing/rtla/src/osnoisehist.c:870:31-36: ERROR: record is NULL but dereferenced. ./tools/tracing/rtla/src/osnoisetop.c:650:31-36:...

CVE-2022-49404 RDMA/hfi1: Fix potential integer multiplication overflow errors

In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Fix potential integer multiplication overflow errors When multiplying of different types, an overflow is possible even when storing the result in a larger type. This is because the conversion is done after the...

CVE-2022-49396 phy: qcom-qmp: fix reset-controller leak on probe errors

In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp: fix reset-controller leak on probe errors Make sure to release the lane reset controller in case of a late probe error e.g. probe deferral. Note that due to the reset controller being defined in devicetree in "lane...

CVE-2022-49397

CVE-2022-49397 affects the Linux kernel, in the phy: qcom-qmp driver. The vulnerability is a leak of a struct clk (pipe clock reference) on probe errors, including late probe error/deferral paths. The advisory states the fix releases the held pipe clock reference on such errors, i.e., a proper cl...

CVE-2022-49397 phy: qcom-qmp: fix struct clk leak on probe errors

In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp: fix struct clk leak on probe errors Make sure to release the pipe clock reference in case of a late probe error e.g. probe deferral...

CVE-2022-49396

CVE-2022-49396 affects the Linux kernel component phy: qcom-qmp, leaking the reset-controller on probe errors. The described fix releases the lane reset controller on late probe errors (e.g., probe deferral) and notes that the reset controller is defined in devicetree in the "lane" child nodes, w...

CVE-2022-49396

In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp: fix reset-controller leak on probe errors Make sure to release the lane reset controller in case of a late probe error e.g. probe deferral. Note that due to the reset controller being defined in devicetree in "lane...

CVE-2022-49397 phy: qcom-qmp: fix struct clk leak on probe errors

In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp: fix struct clk leak on probe errors Make sure to release the pipe clock reference in case of a late probe error e.g. probe deferral...

CVE-2022-49397

In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp: fix struct clk leak on probe errors Make sure to release the pipe clock reference in case of a late probe error e.g. probe deferral...

CVE-2022-49255 f2fs: fix missing free nid in f2fs_handle_failed_inode

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix missing free nid in f2fshandlefailedinode This patch fixes xfstests/generic/475 failure. 293.680694 F2FS-fs dm-1: May loss orphan inode, run fsck to fix. 293.685358 Buffer I/O error on dev dm-1, logical block 8388592,...

CVE-2022-49255

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix missing free nid in f2fshandlefailedinode This patch fixes xfstests/generic/475 failure. 293.680694 F2FS-fs dm-1: May loss orphan inode, run fsck to fix. 293.685358 Buffer I/O error on dev dm-1, logical block 8388592,...

CVE-2022-49226 net: asix: add proper error handling of usb read errors

In the Linux kernel, the following vulnerability has been resolved: net: asix: add proper error handling of usb read errors Syzbot once again hit uninit value in asix driver. The problem still the same -- asixreadcmd reads less bytes, than was requested by caller. Since all read requests are...