CVE-2022-50144

In the Linux kernel, the following vulnerability has been resolved: soundwire: revisit driver bind/unbind and callbacks In the SoundWire probe, we store a pointer from the driver ops into the 'slave' structure. This can lead to kernel oopses when unbinding codec drivers, e.g. with the following...

CVE-2022-50060

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fix mcam entry resource leak The teardown sequence in FLR handler returns if no NIX LF is attached to PF/VF because it indicates that graceful shutdown of resources already happened. But there is a chance of all...

CVE-2022-50029

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: ipq8074: dont disable gccsleepclksrc Once the usb sleep clocks are disabled, clock framework is trying to disable the sleep clock source also. However, it seems that it cannot be disabled and trying to do so produces:...

CVE-2022-50014

In the Linux kernel, the following vulnerability has been resolved: mm/gup: fix FOLLFORCE COW security issue and remove FOLLCOW Ever since the Dirty COW CVE-2016-5195 security issue happened, we know that FOLLFORCE can be possibly dangerous, especially if there are races that can be exploited by...

CVE-2022-49936

In the Linux kernel, the following vulnerability has been resolved: USB: core: Prevent nested device-reset calls Automatic kernel fuzzing revealed a recursive locking violation in usb-storage: ============================================ WARNING: possible recursive locking detected 5.18.0 3 Not...

CVE-2022-50229

CVE-2022-50229 is a Linux kernel vulnerability in the ALSA bcd2000 driver. The issue is a use-after-free (UAF) bug that occurs on the error path during probing: when snd_card_register() fails, the driver frees midi_out_urb before it is killed, enabling a UAF condition. The observed log pattern me...

CVE-2022-50209 meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init

In the Linux kernel, the following vulnerability has been resolved: meson-mx-socinfo: Fix refcount leak in mesonmxsocinfoinit offindmatchingnode returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput to avoid refcount leak...

CVE-2022-50201 selinux: fix memleak in security_read_state_kernel()

In the Linux kernel, the following vulnerability has been resolved: selinux: fix memleak in securityreadstatekernel In this function, it directly returns the result of securityreadpolicy without freeing the allocated memory in data, cause memory leak issue, so free the memory if securityreadpolic...

CVE-2022-50201

CVE-2022-50201 affects the Linux kernel SELinux path: memleak in security_read_state_kernel() where the function returns the result of __security_read_policy without freeing allocated memory in *data. This memory leak occurs when __security_read_policy fails. The issue is addressed by freeing the...

CVE-2022-50200 selinux: Add boundary check in put_entry()

In the Linux kernel, the following vulnerability has been resolved: selinux: Add boundary check in putentry Just like nextentry, boundary check is necessary to prevent memory out-of-bound access...

CVE-2022-50198 ARM: OMAP2+: Fix refcount leak in omap3xxx_prm_late_init

In the Linux kernel, the following vulnerability has been resolved: ARM: OMAP2+: Fix refcount leak in omap3xxxprmlateinit offindmatchingnode returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput to avoid refcount leak...

CVE-2022-50191 regulator: of: Fix refcount leak bug in of_get_regulation_constraints()

In the Linux kernel, the following vulnerability has been resolved: regulator: of: Fix refcount leak bug in ofgetregulationconstraints We should call the ofnodeput for the reference returned by ofgetchildbyname which has increased the refcount...

CVE-2022-50185 drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers()

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix potential buffer overflow in nisetmcspecialregisters The last case label can write two buffers 'mcregaddressj' and 'mcdataj' with 'j' offset equal to SMCNISLANDSMCREGISTERARRAYSIZE since there are no checks for th...

CVE-2022-50184 drm/meson: encoder_hdmi: Fix refcount leak in meson_encoder_hdmi_init

In the Linux kernel, the following vulnerability has been resolved: drm/meson: encoderhdmi: Fix refcount leak in mesonencoderhdmiinit ofgraphgetremotenode returns remote device nodepointer with refcount incremented, we should use ofnodeput on it when done. Add missing ofnodeput to avoid refcount...

CVE-2022-50177 rcutorture: Fix ksoftirqd boosting timing and iteration

In the Linux kernel, the following vulnerability has been resolved: rcutorture: Fix ksoftirqd boosting timing and iteration The RCU priority boosting can fail in two situations: 1 If nrcpus= maxcpus=, which means if the total number of CPUs is higher than those brought online at boot, then...

CVE-2022-50159

In the Linux kernel, the following vulnerability has been resolved: of: check previous kernel's ima-kexec-buffer against memory bounds Presently imagetkexecbuffer doesn't check if the previous kernel's ima-kexec-buffer lies outside the addressable memory range. This can result in a kernel panic i...

CVE-2022-50148 kernfs: fix potential NULL dereference in __kernfs_remove

In the Linux kernel, the following vulnerability has been resolved: kernfs: fix potential NULL dereference in kernfsremove When lockdep is enabled, lockdepassertheldwrite would cause potential NULL pointer dereference. Fix the following smatch warnings: fs/kernfs/dir.c:1353 kernfsremove warn:...

CVE-2022-50136 RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix duplicated reported IWCMEVENTCONNECTREPLY event If siwrecvmparr returns -EAGAIN, it means that the MPA reply hasn't been received completely, and should not report IWCMEVENTCONNECTREPLY in this case. This may trigge...

CVE-2022-50123 ASoC: mediatek: mt8173: Fix refcount leak in mt8173_rt5650_rt5676_dev_probe

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8173: Fix refcount leak in mt8173rt5650rt5676devprobe ofparsephandle returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Fix missing ofnodeput in error paths...

CVE-2022-50105 powerpc/spufs: Fix refcount leak in spufs_init_isolated_loader

In the Linux kernel, the following vulnerability has been resolved: powerpc/spufs: Fix refcount leak in spufsinitisolatedloader offindnodebypath returns remote device nodepointer with refcount incremented, we should use ofnodeput on it when done. Add missing ofnodeput to avoid refcount leak...