CVE-2022-49521

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix resource leak in lpfcsli4sendseqtoulp If no handler is found in lpfccompleteunsoliocb to match the rctl of a received frame, the frame is dropped and resources are leaked. Fix by returning resources when discardin...

CVE-2022-49512

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: denali: Use managed device resources All of the resources used by this driver has managed interfaces, so use them. Otherwise we will get the following splat: 4.472703 denali-nand-pci 0000:00:05.0: timeout while...

CVE-2022-49508

In the Linux kernel, the following vulnerability has been resolved: HID: elan: Fix potential double free in elaninputconfigured 'input' is a managed resource allocated with devminputallocatedevice, so there is no need to call inputfreedevice explicitly or there will be a double free. According to...

CVE-2022-49276

In the Linux kernel, the following vulnerability has been resolved: jffs2: fix memory leak in jffs2scanmedium If an error is returned in jffs2scaneraseblock and some memory has been added to the jffs2summary s, we can observe the following kmemleak report:...

CVE-2022-49242

In the Linux kernel, the following vulnerability has been resolved: ASoC: mxs: Fix error handling in mxssgtl5000probe This function only calls ofnodeput in the regular path. And it will cause refcount leak in error paths. For example, when codecnp is NULL, saifnp0 and saifnp1 are not NULL, it wil...

CVE-2022-49732

In the Linux kernel, the following vulnerability has been resolved: sock: redo the psock vs ULP protection check Commit 8a59f9d1e3d4 "sock: Introduce sk-skprot-psockupdateskprot" has moved the inetcskhasulpsk check from skpsockinit to the new tcpbpfupdateproto function. I'm guessing that this was...

CVE-2022-49047

In the Linux kernel, the following vulnerability has been resolved: ep93xx: clock: Fix UAF in ep93xxclkregistergate arch/arm/mach-ep93xx/clock.c:154:2: warning: Use of memory after it is freed clang-analyzer-unix.Malloc arch/arm/mach-ep93xx/clock.c:151:2: note: Taking true branch if ISERRclk ^...

CVE-2021-47646

In the Linux kernel, the following vulnerability has been resolved: Revert "Revert "block, bfq: honor already-setup queue merges"" A crash 1 happened to be triggered in conjunction with commit 2d52c58b9c9b "block, bfq: honor already-setup queue merges". The latter was then reverted by commit...

CVE-2022-49606

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix sleep from invalid context BUG Taking the qosmutex to process RoCEv2 QP's on netdev events causes a kernel splat. Fix this by removing the handling for RoCEv2 in irdmacmteardownconnections that uses the mutex. Thi...

CVE-2022-49502

In the Linux kernel, the following vulnerability has been resolved: media: rga: fix possible memory leak in rgaprobe rga-m2mdev needs to be freed when rgaprobe fails...

CVE-2022-49153

A flaw was found in the WireGuard module in the Linux kernel. A memory leak can occur due to a missing memory release when the IPv6 CONFIGIPV6 support is disabled, potentially impacting system performance and possibly resulting in a denial of service. Mitigation Mitigation for this issue is eithe...

CVE-2022-49559

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Drop WARNs that assert a triple fault never "escapes" from L2 Remove WARNs that sanity check that KVM never lets a triple fault for L2 escape and incorrectly end up in L1. In normal operation, the sanity check is...

CVE-2022-49218

In the Linux kernel, the following vulnerability has been resolved: drm/dp: Fix OOB read when handling Post Cursor2 register The linkstatus array was not large enough to read the Adjust Request Post Cursor2 register, so remove the common helper function to avoid an OOB read, found with a...

CVE-2022-49115

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix misused goto label Fix a misused goto label jump since that can result in a memory leak...

CVE-2022-49717

In the Linux kernel, the following vulnerability has been resolved: irqchip/apple-aic: Fix refcount leak in buildfiqaffinity offindnodebyphandle returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput to avoid refcount leak...

CVE-2022-49600

In the Linux kernel, the following vulnerability has been resolved: ip: Fix a data-race around sysctlipautobindreuse. While reading sysctlipautobindreuse, it can be changed concurrently. Thus, we need to add READONCE to its reader...

CVE-2022-49608

In the Linux kernel, the following vulnerability has been resolved: pinctrl: ralink: Check for null return of devmkcalloc Because of the possible failure of the allocation, data-domains might be NULL pointer and will cause the dereference of the NULL pointer later. Therefore, it might be better t...

CVE-2022-49545

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Cancel pending work at closing a MIDI substream At closing a USB MIDI output substream, there might be still a pending work, which would eventually access the rawmidi runtime object that is being released. For...

CVE-2022-49358

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: memleak flow rule from commit path Abort path release flow rule object, however, commit path does not. Update code to destroy these objects before releasing the transaction...

CVE-2022-49453

In the Linux kernel, the following vulnerability has been resolved: soc: ti: tiscipmdomains: Check for null return of devmkcalloc The allocation funciton devmkcalloc may fail and return a null pointer, which would cause a null-pointer dereference later. It might be better to check it and directly...