DEBIAN-CVE-2022-49083

In the Linux kernel, the following vulnerability has been resolved: iommu/omap: Fix regression in probe for NULL pointer dereference Commit 3f6634d997db "iommu: Use right way to retrieve iommuops" started triggering a NULL pointer dereference for some omap variants: iommuprobedevice from...

DEBIAN-CVE-2022-49073

In the Linux kernel, the following vulnerability has been resolved: ata: satadwc460ex: Fix crash due to OOB write the driver uses libata's "tag" values from in various arrays. Since the mentioned patch bumped the ATATAGINTERNAL to 32, the value of the SATADWCQCMDMAX needs to account for that...

CVE-2022-49708

CVE-2022-49708 affects the Linux kernel ext4 file system (mballoc allocator). The issue is triggered by a BUG_ON path in ext4_mb_use_inode_pa during disk space accounting, leading to a kernel crash when fsync/writeback paths exercise preallocation and inode pa blocks. Reproduction steps involve c...

CVE-2022-49708

In the Linux kernel, the following vulnerability has been resolved: ext4: fix bugon ext4mbuseinodepa Hulk Robot reported a BUGON: ================================================================== kernel BUG at fs/ext4/mballoc.c:3211! ... RIP: 0010:ext4mbmarkdiskspaceused.cold+0x85/0x136f ... Cal...

CVE-2022-49414 ext4: fix race condition between ext4_write and ext4_convert_inline_data

In the Linux kernel, the following vulnerability has been resolved: ext4: fix race condition between ext4write and ext4convertinlinedata Hulk Robot reported a BUGON: ================================================================== EXT4-fs error device loop3: ext4mbgeneratebuddy:805: group 0,...

CVE-2022-49409

Summary: CVE-2022-49409 covers a Linux kernel ext4 bug that can trigger a BUG_ON in __es_tree_search due to a faulty check in ext4_valid_extent_entries when validating extents. The issue can occur during quota-related quota inode loading, propagating through ext4/extents.c to ext4_bread, quota_re...

CVE-2022-49409 ext4: fix bug_on in __es_tree_search

In the Linux kernel, the following vulnerability has been resolved: ext4: fix bugon in estreesearch Hulk Robot reported a BUGON: ================================================================== kernel BUG at fs/ext4/extentsstatus.c:199! ... RIP: 0010:ext4esend fs/ext4/extentsstatus.c:199 inline...

CVE-2022-49380

The CVE-2022-49380 entry concerns a Linux kernel F2FS bug where total_valid_block_count/total_valid_node_count could fuzz to zero, leading to a BUG_ON() during dec_valid_node_count() in f2fs_remove_inode_page()/f2fs_evict_inode(). The issue was fixed by printing a warning and changing behavior to...

CVE-2022-49364

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to clear dirty inode in f2fsevictinode As Yanming reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215904 The kernel message is shown below: kernel BUG at fs/f2fs/inode.c:825! Call Trace: evict+0x282/0x4...

CVE-2022-49361

The CVE-2022-49361 entry concerns a Linux kernel issue in f2fs where inline inode sanity checks were strengthened. The bug arose when a fuzzed inode had both inline_data and encrypted flags, and during f2fs_evict_inode() invoked by a rename(), inline data could be converted due to flag conflicts,...

CVE-2022-49361 f2fs: fix to do sanity check for inline inode

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check for inline inode Yanming reported a kernel bug in Bugzilla kernel 1, which can be reproduced. The bug message is: The kernel message is shown below: kernel BUG at fs/inode.c:611! Call Trace:...

CVE-2022-49321 xprtrdma: treat all calls not a bcall when bc_serv is NULL

In the Linux kernel, the following vulnerability has been resolved: xprtrdma: treat all calls not a bcall when bcserv is NULL When a rdma server returns a fault format reply, nfs v3 client may treats it as a bcall when bc service is not exist. The debug message at rpcrdmabcreceivecall are,...

CVE-2022-49215

In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race at socket teardown Fix a race in the xsk socket teardown code that can lead to a NULL pointer dereference splat. The current xsk unbind code in xskunbinddev starts by setting xs-state to XSKUNBOUND, sets xs-dev to...

CVE-2022-49190 kernel/resource: fix kfree() of bootmem memory again

In the Linux kernel, the following vulnerability has been resolved: kernel/resource: fix kfree of bootmem memory again Since commit ebff7d8f270d "mem hotunplug: fix kfree of bootmem memory", we could get a resource allocated during boot via allocresource. And it's required to release the resource...

CVE-2022-49190

In the Linux kernel, the following vulnerability has been resolved: kernel/resource: fix kfree of bootmem memory again Since commit ebff7d8f270d "mem hotunplug: fix kfree of bootmem memory", we could get a resource allocated during boot via allocresource. And it's required to release the resource...

CVE-2022-49190

CVE-2022-49190 affects the Linux kernel (kernel/resource). Root cause: boot memory allocated via alloc_resource() may be leaked if callers use kfree directly, causing a kernel BUG; remediation leaks only a few bytes to avoid patching every call site. A fix was applied in the kernel (commit ebff7d...

CVE-2022-49118

CVE-2022-49118 relates to the Linux kernel SCSI driver for Hisilicon SAS v3 hardware. The vulnerability arises when the driver probe fails to request the channel IRQ or a fatal IRQ, causing the driver to free IRQ vectors before freeing the IRQs in free_irq(), which can trigger a kernel BUG. The d...

CVE-2022-49118 scsi: hisi_sas: Free irq vectors in order for v3 HW

In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Free irq vectors in order for v3 HW If the driver probe fails to request the channel IRQ or fatal IRQ, the driver will free the IRQ vectors before freeing the IRQs in freeirq, and this will cause a kernel BUG like...

PT-2025-8183 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability has been resolved in the Linux kernel, specifically in the f2fs file system. The issue is related to a missing free nid in f2fs handle failed inode, which can cause a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Correct getcontroldata for non bytes payload It is possible to craft a topology where sofgetcontroldata would do out of bounds access because it expects that it is only called when the payload is bytes...