CVE-2023-53081 ocfs2: fix data corruption after failed write

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after failed write When buffered write fails to copy data into underlying page cache page, ocfs2writeendnolock just zeroes out and dirties the page. This can leave dirty page beyond EOF and if page...

CVE-2023-53068 net: usb: lan78xx: Limit packet length to skb->len

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Limit packet length to skb-len Packet length retrieved from descriptor may be larger than the actual socket buffer length. In such case the cloned skb passed up the network stack will leak kernel memory content...

CVE-2023-53067 LoongArch: Only call get_timer_irq() once in constant_clockevent_init()

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Only call gettimerirq once in constantclockeventinit Under CONFIGDEBUGATOMICSLEEP=y and CONFIGDEBUGPREEMPT=y, we can see the following messages on LoongArch, this is because using mightsleep in preemption disable...

CVE-2023-53066 qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info

In the Linux kernel, the following vulnerability has been resolved: qed/qedsriov: guard against NULL derefs from qediovgetvfinfo We have to make sure that the info returned by the helper is valid before using it. Found by Linux Verification Center linuxtesting.org with the SVACE static analysis...

CVE-2023-53044 dm stats: check for and propagate alloc_percpu failure

In the Linux kernel, the following vulnerability has been resolved: dm stats: check for and propagate allocpercpu failure Check allocprecpu's return value and return an error from dmstatsinit if it fails. Update allocdev to fail if dmstatsinit does. Otherwise, a NULL pointer dereference will occu...

CVE-2022-49887

In the Linux kernel, the following vulnerability has been resolved: media: meson: vdec: fix possible refcount leak in vdecprobe v4l2deviceunregister need to be called to put the refcount got by v4l2deviceregister when vdecprobe fails or vdecremove is called...

CVE-2022-49767

In the Linux kernel, the following vulnerability has been resolved: 9p/transfd: always use ONONBLOCK read/write syzbot is reporting hung task at p9fdclose 1, for p9muxpollstop from p9conndestroy from p9fdclose is failing to interrupt already started kernelread from p9fdread from p9readwork and/or...

CVE-2025-37792

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: Prevent potential NULL dereference The btrtlinitialize function checks that rtlloadfile either had an error or it loaded a zero length file. However, if it loaded a zero length file then the error code is not se...

CVE-2025-37784

In the Linux kernel, the following vulnerability has been resolved: net: ti: icss-iep: Fix possible NULL pointer dereference for perout request The ICSS IEP driver tracks perout and pps enable state with flags. Currently when disabling pps and perout signals during icssiepexit, results in NULL...

CVE-2025-37777

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smb2leasebreaknoti Move tcptransport free to ksmbdconnfree. If ksmbd connection is referenced when ksmbd server thread terminates, It will not be freed, but conn-tcptransport is freed...

CVE-2025-37771

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Prevent division by zero The user can set any speed value. If speed is greater than UINTMAX/8, division by zero is possible. Found by Linux Verification Center linuxtesting.org with SVACE...

CVE-2022-49926 net: dsa: Fix possible memory leaks in dsa_loop_init()

In the Linux kernel, the following vulnerability has been resolved: net: dsa: Fix possible memory leaks in dsaloopinit kmemleak reported memory leaks in dsaloopinit: kmemleak: 12 new suspected memory leaks unreferenced object 0xffff8880138ce000 size 2048: comm "modprobe", pid 390, jiffies...

CVE-2022-49915

The CVE-2022-49915 issue affects the Linux kernel mISDN path and is caused by a memory leak in mISDN_register_device due to how device names were allocated. After the commit 1fa5ae857bb1 (driver core: get rid of struct device's bus_id string array), the device name is allocated dynamically and fr...

CVE-2022-49912 btrfs: fix ulist leaks in error paths of qgroup self tests

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix ulist leaks in error paths of qgroup self tests In the testnosharedqgroup and testmultiplerefs qgroup self tests, if we fail to add the tree ref, remove the extent item or remove the extent ref, we are returning from t...

CVE-2022-49910 Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free caused by l2capreassemblesdu Fix the race condition between the following two flows that run in parallel: 1. l2capreassemblesdu - chan-ops-recv l2capsockrecvcb - sockqueuercvskb. 2...

CVE-2022-49900

CVE-2022-49900 affects the Linux kernel i2c piix4 driver. In the single-adapter removal path, piix4_adapter_count is not set (default zero) during piix4_probe(), so piix4_remove() fails to remove the adapter, leaking resources (i2c client and device). This can allow leaked adapters to be accessed...

CVE-2022-49897

This CVE entry is rejected/not used, as stated in the Initial Description.

CVE-2022-49892 ftrace: Fix use-after-free for dynamic ftrace_ops

In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix use-after-free for dynamic ftraceops KASAN reported a use-after-free with ftrace ops 1. It was found from vmcore that perf had registered two ops with the same content successively, both dynamic. After unregistering t...

CVE-2022-49888

CVE-2022-49888 affects the ARM64 Linux kernel entry path. The Cortex-A76 erratum workaround (cortex_a76_erratum_1463225_debug_handler) was not inlined due to a patch, allowing a kprobe to probe the function and potentially trigger recursive exceptions and a stack overflow when a probed function e...

CVE-2022-49877

CVE-2022-49877 concerns a Linux kernel vulnerability resolved by a change in the BPF sockmap code. The issue manifests as a warning from sk_stream_kill_queues concerning sk_forward_alloc during test_sockmap selftests. The root cause was a mistaken use of msg->sg.size to replace the tosend valu...