CVE-2022-49406

In the Linux kernel, the following vulnerability has been resolved: block: Fix potential deadlock in blkiarangesysfsshow When being read, a sysfs attribute is already protected against removal with the kobject node active reference counter. As a result, in blkiarangesysfsshow, there is no need to...

CVE-2022-49154

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: fix panic on out-of-bounds guest IRQ As guestirq is coming from KVMIRQFD API call, it may trigger crash in svmupdatepiirte due to out-of-bounds: crash bt PID: 22218 TASK: ffff951a6ad74980 CPU: 73 COMMAND: "vcpu8" 0...

CVE-2022-49554

In the Linux kernel, the following vulnerability has been resolved: zsmalloc: fix races between asynchronous zspage free and page migration The asynchronous zspage free worker tries to lock a zspage's entire page list without defending against page migration. Since pages which haven't yet been...

CVE-2022-49460

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: rk3399dmc: Disable edev on remove Otherwise we hit an unablanced enable-count when unbinding the DFI device: 1279.659119 ------------ cut here ------------ 1279.659179 WARNING: CPU: 2 PID: 5638 at...

CVE-2022-49344

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix a data-race in unixdgrampeerwakeme. unixdgrampoll calls unixdgrampeerwakeme without other's lock held and check if its receive queue is full. Here we need to use unixrecvqfulllockless instead of unixrecvqfull, otherwi...

CVE-2022-49273

In the Linux kernel, the following vulnerability has been resolved: rtc: pl031: fix rtc features null pointer dereference When there is no interrupt line, rtc alarm feature is disabled. The clearing of the alarm feature bit was being done prior to allocations of ldata-rtc device, resulting in a...

CVE-2022-49505

In the Linux kernel, the following vulnerability has been resolved: NFC: NULL out the dev-rfkill to prevent UAF Commit 3e3b5dfcd16a "NFC: reorder the logic in nfcun,registerdevice" assumes the deviceisregistered in function nfcdevup will help to check when the rfkill is unregistered. However, thi...

CVE-2021-47638

In the Linux kernel, the following vulnerability has been resolved: ubifs: renamewhiteout: Fix double free for whiteoutui-data 'whiteoutui-data' will be freed twice if space budget fail for rename whiteout operation as following process: renamewhiteout dev = kmalloc whiteoutui-data = dev...

CVE-2022-49726

In the Linux kernel, the following vulnerability has been resolved: clocksource: hyper-v: unexport init-annotated hvinitclocksource EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The...

CVE-2022-49677

In the Linux kernel, the following vulnerability has been resolved: ARM: cns3xxx: Fix refcount leak in cns3xxxinit offindcompatiblenode returns a node pointer with refcount incremented, we should use ofnodeput on it when done. Add missing ofnodeput to avoid refcount leak...

CVE-2022-49713

In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: Fix memory leak in dwc2hcdinit usbcreatehcd will alloc memory for hcd, and we should call usbputhcd to free it when platformgetresource fails to prevent memory leak. goto error2 label instead error1 to fix this...

CVE-2022-49158

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix warning message due to adisc being flushed Fix warning message due to adisc being flushed. Linux kernel triggered a warning message where a different error code type is not matching up with the expected type. A...

CVE-2021-47640

In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Fix early region not updated correctly The shadow's page table is not updated when PTERPNSHIFT is 24 and PAGESHIFT is 12. It not only causes false positives but also false negative as shown the following text. Fix ...

CVE-2022-49567

In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix uninit-value in mpolrebindpolicy mpolsetnodemaskmm/mempolicy.c does not set up nodemask when pol-mode is MPOLLOCAL. Check pol-mode before access pol-w.cpusetmemsallowed in mpolrebindpolicymm/mempolicy.c. BUG:...

CVE-2022-49333

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-Switch, pair only capable devices OFFLOADS paring using devcom is possible only on devices that support LAG. Filter based on lag capabilities. This fixes an issue where mlx5getnextphysdev was called without holding th...

CVE-2022-49118

In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Free irq vectors in order for v3 HW If the driver probe fails to request the channel IRQ or fatal IRQ, the driver will free the IRQ vectors before freeing the IRQs in freeirq, and this will cause a kernel BUG like...

CVE-2022-49207

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix memleak in skpsockqueuemsg If tcpbpfsendmsg is running during a tear down operation we may enqueue data on the ingress msg queue while tear down is trying to free it. sk1 redirect sk2 sk2 -------------------...

CVE-2022-49710

In the Linux kernel, the following vulnerability has been resolved: dm mirror log: round up region bitmap size to BITSPERLONG The code in dm-log rounds up bitsetsize to 32 bits. It then uses findnextzerobitle on the allocated region. findnextzerobitle accesses the bitmap using unsigned long...

CVE-2022-49426

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3-sva: Fix mm use-after-free We currently call arm64mmcontextput without holding a reference to the mm, which can result in use-after-free. Call mmgrab/mmdrop to ensure the mm only gets freed after we unpinned the...

CVE-2022-49189

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: clk-rcg2: Update logic to calculate D value for RCG The display pixel clock has a requirement on certain newer platforms to support M/N as 2/3 and the final D value calculated results in underflow errors. As the curren...