4827 matches found
CVE-2022-49355
CVE-2022-49355 is rejected/withdrawn by the CVE Numbering Authority; not an active vulnerability entry.
CVE-2022-49353 powerpc/papr_scm: don't requests stats with '0' sized stats buffer
In the Linux kernel, the following vulnerability has been resolved: powerpc/paprscm: don't requests stats with '0' sized stats buffer Sachin reported 1 that on a POWER-10 lpar he is seeing a kernel panic being reported with vPMEM when paprscm probe is being called. The panic is of the form below...
CVE-2022-49353
The CVE-2022-49353 entry affects the Linux kernel’s powerpc/papr_scm PMU code. A NULL pointer and kernel panic could be triggered when a zero-sized stat_buffer is passed to drc_pmem_query_stats() for NVDIMM performance IDs because papr_scm_pmu_check_events() did not verify p->stat_buffer_len b...
CVE-2022-49353 powerpc/papr_scm: don't requests stats with '0' sized stats buffer
In the Linux kernel, the following vulnerability has been resolved: powerpc/paprscm: don't requests stats with '0' sized stats buffer Sachin reported 1 that on a POWER-10 lpar he is seeing a kernel panic being reported with vPMEM when paprscm probe is being called. The panic is of the form below...
CVE-2022-49353 powerpc/papr_scm: don't requests stats with '0' sized stats buffer
In the Linux kernel, the following vulnerability has been resolved: powerpc/paprscm: don't requests stats with '0' sized stats buffer Sachin reported 1 that on a POWER-10 lpar he is seeing a kernel panic being reported with vPMEM when paprscm probe is being called. The panic is of the form below...
CVE-2022-49350
CVE-2022-49350 affects the Linux kernel in the net/mdio area, where the symbol mdio_bus_init is annotated with init and exported. The combination of EXPORT_SYMBOL with init places code in .init.text, which may be freed after init and lead to a kernel panic if accessed by modules. The public advis...
CVE-2022-49350
In the Linux kernel, the following vulnerability has been resolved: net: mdio: unexport init-annotated mdiobusinit EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The access to a free...
CVE-2022-49350 net: mdio: unexport __init-annotated mdio_bus_init()
In the Linux kernel, the following vulnerability has been resolved: net: mdio: unexport init-annotated mdiobusinit EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The access to a free...
CVE-2022-49350 net: mdio: unexport __init-annotated mdio_bus_init()
In the Linux kernel, the following vulnerability has been resolved: net: mdio: unexport init-annotated mdiobusinit EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The access to a free...
CVE-2022-49345
The CVE-2022-49345 issue affects the Linux kernel’s net: xfrm subsystem, where __init-annotated xfrm4_protocol_init() is exported via EXPORT_SYMBOL, causing use-after-free risk when __init and EXPORT_SYMBOL co-exist. The root cause is the .init text is freed after init, so modules could access fr...
CVE-2022-49345
In the Linux kernel, the following vulnerability has been resolved: net: xfrm: unexport init-annotated xfrm4protocolinit EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The access to ...
CVE-2022-49345 net: xfrm: unexport __init-annotated xfrm4_protocol_init()
In the Linux kernel, the following vulnerability has been resolved: net: xfrm: unexport init-annotated xfrm4protocolinit EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The access to ...
CVE-2022-49345 net: xfrm: unexport __init-annotated xfrm4_protocol_init()
In the Linux kernel, the following vulnerability has been resolved: net: xfrm: unexport init-annotated xfrm4protocolinit EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The access to ...
CVE-2022-49339 net: ipv6: unexport __init-annotated seg6_hmac_init()
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: unexport init-annotated seg6hmacinit EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The access to a fre...
CVE-2022-49339
CVE-2022-49339 affects the Linux kernel’s IPv6 stack, specifically the internal call between seg6.c and seg6_hmac.c. The issue arises from exporting an __init-annotated symbol whose .init.text section can be freed after initialization, creating a potential kernel panic when a module references a ...
CVE-2022-49339 net: ipv6: unexport __init-annotated seg6_hmac_init()
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: unexport init-annotated seg6hmacinit EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The access to a fre...
CVE-2022-49339
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: unexport init-annotated seg6hmacinit EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The access to a fre...
CVE-2022-49326 rtl818x: Prevent using not initialized queues
In the Linux kernel, the following vulnerability has been resolved: rtl818x: Prevent using not initialized queues Using not existing queues can panic the kernel with rtl8180/rtl8185 cards. Ignore the skb priority for those cards, they only have one tx queue. Pierre Asselin [email protected] reported t...
CVE-2022-49326 rtl818x: Prevent using not initialized queues
In the Linux kernel, the following vulnerability has been resolved: rtl818x: Prevent using not initialized queues Using not existing queues can panic the kernel with rtl8180/rtl8185 cards. Ignore the skb priority for those cards, they only have one tx queue. Pierre Asselin [email protected] reported t...
CVE-2022-49326 rtl818x: Prevent using not initialized queues
In the Linux kernel, the following vulnerability has been resolved: rtl818x: Prevent using not initialized queues Using not existing queues can panic the kernel with rtl8180/rtl8185 cards. Ignore the skb priority for those cards, they only have one tx queue. Pierre Asselin [email protected] reported t...