CVE-2022-49987

In the Linux kernel, the following vulnerability has been resolved: md: call mdstopwrites in mdstop From the link 1, we can see raid1d was running even after the path raiddtr - mdstop - mdstop. Let's stop write first in destructor to align with normal md-raid to fix the KASAN issue. 1...

CVE-2022-50050

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix potential buffer overflow by snprintf snprintf returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in the buffer overflow although it's...

CVE-2022-50166

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: When HCI work queue is drained, only queue chained work The HCI command, event, and data packet processing workqueue is drained to avoid deadlock in commit 76727c02c1e1 "Bluetooth: Call drainworkqueue before resetting...

CVE-2022-49975

In the Linux kernel, the following vulnerability has been resolved: bpf: Don't redirect packets with invalid pktlen Syzbot found an issue 1: fqcodeldrop try to drop a flow whitout any skbs, that is, the flow-head is null. The root cause, as the 2 says, is because that bpfprogtestrunskb run a bpf...

SUSE CVE-2022-50201

In the Linux kernel, the following vulnerability has been resolved: selinux: fix memleak in securityreadstatekernel In this function, it directly returns the result of securityreadpolicy without freeing the allocated memory in data, cause memory leak issue, so free the memory if securityreadpolic...

CVE-2022-50191

In the Linux kernel, the following vulnerability has been resolved: regulator: of: Fix refcount leak bug in ofgetregulationconstraints We should call the ofnodeput for the reference returned by ofgetchildbyname which has increased the refcount...

CVE-2022-50169

In the Linux kernel, the following vulnerability has been resolved: wifi: wil6210: debugfs: fix info leak in wilwritefilewmi The simplewritetobuffer function will succeed if even a single byte is initialized. However, we need to initialize the whole buffer to prevent information leaks. Just use...

CVE-2022-50173

In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Fix global state lock backoff We need to grab the lock after the early return for !hwpipe case. Otherwise, we could have hit contention yet still returned 0. Fixes an issue that the new CONFIGDRMDEBUGMODESETLOCK stu...

CVE-2022-50174

In the Linux kernel, the following vulnerability has been resolved: net: hinic: avoid kernel hung in hinicgetstats64 When using hinic device as a bond slave device, and reading device stats of master bond device, the kernel may hung. The kernel panic calltrace as follows: Kernel panic - not...

CVE-2022-50144

In the Linux kernel, the following vulnerability has been resolved: soundwire: revisit driver bind/unbind and callbacks In the SoundWire probe, we store a pointer from the driver ops into the 'slave' structure. This can lead to kernel oopses when unbinding codec drivers, e.g. with the following...

CVE-2022-50060

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fix mcam entry resource leak The teardown sequence in FLR handler returns if no NIX LF is attached to PF/VF because it indicates that graceful shutdown of resources already happened. But there is a chance of all...

CVE-2022-50029

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: ipq8074: dont disable gccsleepclksrc Once the usb sleep clocks are disabled, clock framework is trying to disable the sleep clock source also. However, it seems that it cannot be disabled and trying to do so produces:...

CVE-2022-50014

In the Linux kernel, the following vulnerability has been resolved: mm/gup: fix FOLLFORCE COW security issue and remove FOLLCOW Ever since the Dirty COW CVE-2016-5195 security issue happened, we know that FOLLFORCE can be possibly dangerous, especially if there are races that can be exploited by...

CVE-2022-49936

In the Linux kernel, the following vulnerability has been resolved: USB: core: Prevent nested device-reset calls Automatic kernel fuzzing revealed a recursive locking violation in usb-storage: ============================================ WARNING: possible recursive locking detected 5.18.0 3 Not...

CVE-2022-50229

CVE-2022-50229 is a Linux kernel vulnerability in the ALSA bcd2000 driver. The issue is a use-after-free (UAF) bug that occurs on the error path during probing: when snd_card_register() fails, the driver frees midi_out_urb before it is killed, enabling a UAF condition. The observed log pattern me...

CVE-2022-50209 meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init

In the Linux kernel, the following vulnerability has been resolved: meson-mx-socinfo: Fix refcount leak in mesonmxsocinfoinit offindmatchingnode returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput to avoid refcount leak...

CVE-2022-50201 selinux: fix memleak in security_read_state_kernel()

In the Linux kernel, the following vulnerability has been resolved: selinux: fix memleak in securityreadstatekernel In this function, it directly returns the result of securityreadpolicy without freeing the allocated memory in data, cause memory leak issue, so free the memory if securityreadpolic...

CVE-2022-50201

CVE-2022-50201 affects the Linux kernel SELinux path: memleak in security_read_state_kernel() where the function returns the result of __security_read_policy without freeing allocated memory in *data. This memory leak occurs when __security_read_policy fails. The issue is addressed by freeing the...

CVE-2022-50200 selinux: Add boundary check in put_entry()

In the Linux kernel, the following vulnerability has been resolved: selinux: Add boundary check in putentry Just like nextentry, boundary check is necessary to prevent memory out-of-bound access...

CVE-2022-50198 ARM: OMAP2+: Fix refcount leak in omap3xxx_prm_late_init

In the Linux kernel, the following vulnerability has been resolved: ARM: OMAP2+: Fix refcount leak in omap3xxxprmlateinit offindmatchingnode returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput to avoid refcount leak...