CVE-2022-49731

In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo() In an unlikely (and probably wrong?) case that the 'ppi' parameter ofata_host_alloc_pinfo() points to an array starting with a NULL pointer,there's going to be a ke...

CVE-2022-49647

In the Linux kernel, the following vulnerability has been resolved: cgroup: Use separate src/dst nodes when preloading css_sets for migration Each cset (css_set) is pinned by its tasks. When we're moving tasks aroundacross csets for a migration, we need to hold the source and destinationcsets to en...

CVE-2022-49653

In the Linux kernel, the following vulnerability has been resolved: i2c: piix4: Fix a memory leak in the EFCH MMIO support The recently added support for EFCH MMIO regions introduced a memoryleak in that code path. The leak is caused by the fact thatrelease_resource() merely removes the resource fr...

CVE-2022-49700

In the Linux kernel, the following vulnerability has been resolved: mm/slub: add missing TID updates on slab deactivation The fastpath in slab_alloc_node() assumes that c->slab is stable as long asthe TID stays the same. However, two places in __slab_alloc() currentlydon't update the TID when de...

CVE-2022-49583

In the Linux kernel, the following vulnerability has been resolved: iavf: Fix handling of dummy receive descriptors Fix memory leak caused by not handling dummy receive descriptor properly.iavf_get_rx_buffer now sets the rx_buffer return value for dummy receivedescriptors. Without this patch, when ...

CVE-2022-49587

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_notsent_lowat. While reading sysctl_tcp_notsent_lowat, it can be changed concurrently.Thus, we need to add READ_ONCE() to its reader.

CVE-2022-49603

In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctl_ip_fwd_update_priority. While reading sysctl_ip_fwd_update_priority, it can be changedconcurrently. Thus, we need to add READ_ONCE() to its readers.

CVE-2022-49615

In the Linux kernel, the following vulnerability has been resolved: ASoC: rt711-sdca: fix kernel NULL pointer dereference when IO error The initial settings will be written before the codec probe function.But, the rt711->component doesn't be assigned yet.If IO error happened during initial setti...

CVE-2022-49636

In the Linux kernel, the following vulnerability has been resolved: vlan: fix memory leak in vlan_newlink() Blamed commit added back a bug I fixed in commit 9bbd917e0bec("vlan: fix memory leak in vlan_dev_set_egress_priority") If a memory allocation fails in vlan_changelink() after other allocation...

CVE-2022-49644

In the Linux kernel, the following vulnerability has been resolved: drm/i915: fix a possible refcount leak in intel_dp_add_mst_connector() If drm_connector_init fails, intel_connector_free will be called to takecare of proper free. So it is necessary to drop the refcount of portbefore intel_connect...

CVE-2022-49631

In the Linux kernel, the following vulnerability has been resolved: raw: Fix a data-race around sysctl_raw_l3mdev_accept. While reading sysctl_raw_l3mdev_accept, it can be changed concurrently.Thus, we need to add READ_ONCE() to its reader.

CVE-2022-49707

In the Linux kernel, the following vulnerability has been resolved: ext4: add reserved GDT blocks check We capture a NULL pointer issue when resizing a corrupt ext4 image whichis freshly clear resize_inode feature (not run e2fsck). It could besimply reproduced by following steps. The problem is bec...

CVE-2022-49638

In the Linux kernel, the following vulnerability has been resolved: icmp: Fix data-races around sysctl. While reading icmp sysctl variables, they can be changed concurrently.So, we need to add READ_ONCE() to avoid data-races.

CVE-2022-49715

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions of_find_node_by_phandle() returns a node pointer with refcountincremented, we should use of_node_put() on it when not need anymore.Add missing of_node_put() to avoid ...

CVE-2022-49716

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3: Fix error handling in gic_populate_ppi_partitions of_get_child_by_name() returns a node pointer with refcountincremented, we should use of_node_put() on it when not need anymore.When kcalloc fails, it missing of_nod...

CVE-2022-49579

In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix data-races around sysctl_fib_multipath_hash_policy. While reading sysctl_fib_multipath_hash_policy, it can be changedconcurrently. Thus, we need to add READ_ONCE() to its readers.

CVE-2022-49639

In the Linux kernel, the following vulnerability has been resolved: cipso: Fix data-races around sysctl. While reading cipso sysctl variables, they can be changed concurrently.So, we need to add READ_ONCE() to avoid data-races.

CVE-2022-49590

In the Linux kernel, the following vulnerability has been resolved: igmp: Fix data-races around sysctl_igmp_llm_reports. While reading sysctl_igmp_llm_reports, it can be changed concurrently.Thus, we need to add READ_ONCE() to its readers. This test can be packed into a helper, so such changes will...

CVE-2022-49595

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_probe_threshold. While reading sysctl_tcp_probe_threshold, it can be changed concurrently.Thus, we need to add READ_ONCE() to its reader.

CVE-2022-49598

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_mtu_probing. While reading sysctl_tcp_mtu_probing, it can be changed concurrently.Thus, we need to add READ_ONCE() to its readers.

CVE-2022-49641

In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in proc_douintvec(). A sysctl variable is accessed concurrently, and there is always a chanceof data-race. So, all readers and writers need some basic protection toavoid load/store-tearing. This patch changes...

CVE-2022-49329

In the Linux kernel, the following vulnerability has been resolved: vduse: Fix NULL pointer dereference on sysfs access The control device has no drvdata. So we will get aNULL pointer dereference when accessing controldevice's msg_timeout attribute via sysfs: [ 132.841881][ T3644] BUG: kernel NULL ...

CVE-2022-49572

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_slow_start_after_idle. While reading sysctl_tcp_slow_start_after_idle, it can be changedconcurrently. Thus, we need to add READ_ONCE() to its readers.

CVE-2022-49601

In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept. While reading sysctl_tcp_fwmark_accept, it can be changed concurrently.Thus, we need to add READ_ONCE() to its reader.

CVE-2022-49586

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_fastopen. While reading sysctl_tcp_fastopen, it can be changed concurrently.Thus, we need to add READ_ONCE() to its readers.

CVE-2022-49589

In the Linux kernel, the following vulnerability has been resolved: igmp: Fix data-races around sysctl_igmp_qrv. While reading sysctl_igmp_qrv, it can be changed concurrently.Thus, we need to add READ_ONCE() to its readers. This test can be packed into a helper, so such changes will be in thefollow...

CVE-2022-49599

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_l3mdev_accept. While reading sysctl_tcp_l3mdev_accept, it can be changed concurrently.Thus, we need to add READ_ONCE() to its readers.

CVE-2022-49602

In the Linux kernel, the following vulnerability has been resolved: ip: Fix a data-race around sysctl_fwmark_reflect. While reading sysctl_fwmark_reflect, it can be changed concurrently.Thus, we need to add READ_ONCE() to its reader.

CVE-2022-49604

In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctl_ip_fwd_use_pmtu. While reading sysctl_ip_fwd_use_pmtu, it can be changed concurrently.Thus, we need to add READ_ONCE() to its readers.

CVE-2022-49632

In the Linux kernel, the following vulnerability has been resolved: icmp: Fix a data-race around sysctl_icmp_errors_use_inbound_ifaddr. While reading sysctl_icmp_errors_use_inbound_ifaddr, it can be changedconcurrently. Thus, we need to add READ_ONCE() to its reader.

CVE-2022-49634

In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data-races in proc_dou8vec_minmax(). A sysctl variable is accessed concurrently, and there is always a chanceof data-race. So, all readers and writers need some basic protection toavoid load/store-tearing. This patch ch...

CVE-2022-49577

In the Linux kernel, the following vulnerability has been resolved: udp: Fix a data-race around sysctl_udp_l3mdev_accept. While reading sysctl_udp_l3mdev_accept, it can be changed concurrently.Thus, we need to add READ_ONCE() to its reader.

CVE-2022-49578

In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctl_ip_prot_sock. sysctl_ip_prot_sock is accessed concurrently, and there is always a chanceof data-race. So, all readers and writers need some basic protection toavoid load/store-tearing.

CVE-2022-49580

In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix a data-race around sysctl_fib_multipath_use_neigh. While reading sysctl_fib_multipath_use_neigh, it can be changedconcurrently. Thus, we need to add READ_ONCE() to its reader.

CVE-2022-49344

In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix a data-race in unix_dgram_peer_wake_me(). unix_dgram_poll() calls unix_dgram_peer_wake_me() without other'slock held and check if its receive queue is full. Here we need touse unix_recvq_full_lockless() instead of unix...

CVE-2022-49351

In the Linux kernel, the following vulnerability has been resolved: net: altera: Fix refcount leak in altera_tse_mdio_create Every iteration of for_each_child_of_node() decrementsthe reference count of the previous node.When break from a for_each_child_of_node() loop,we need to explicitly call of_n...

CVE-2022-49574

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_recovery. While reading sysctl_tcp_recovery, it can be changed concurrently.Thus, we need to add READ_ONCE() to its readers.

CVE-2022-49575

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts. While reading sysctl_tcp_thin_linear_timeouts, it can be changedconcurrently. Thus, we need to add READ_ONCE() to its reader.

CVE-2022-49593

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_probe_interval. While reading sysctl_tcp_probe_interval, it can be changed concurrently.Thus, we need to add READ_ONCE() to its reader.

CVE-2022-49600

In the Linux kernel, the following vulnerability has been resolved: ip: Fix a data-race around sysctl_ip_autobind_reuse. While reading sysctl_ip_autobind_reuse, it can be changed concurrently.Thus, we need to add READ_ONCE() to its reader.

CVE-2022-49629

In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix data-races around nexthop_compat_mode. While reading nexthop_compat_mode, it can be changed concurrently.Thus, we need to add READ_ONCE() to its readers.

CVE-2022-49630

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_ecn_fallback. While reading sysctl_tcp_ecn_fallback, it can be changed concurrently.Thus, we need to add READ_ONCE() to its reader.

CVE-2022-49573

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_early_retrans. While reading sysctl_tcp_early_retrans, it can be changed concurrently.Thus, we need to add READ_ONCE() to its reader.

CVE-2022-49671

In the Linux kernel, the following vulnerability has been resolved: RDMA/cm: Fix memory leak in ib_cm_insert_listen cm_alloc_id_priv() allocates resource for the cm_id_priv. Whencm_init_listen() fails it doesn't free it, leading to memory leak. Add the missing error unwind.

CVE-2022-49332

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Address NULL pointer dereference after starget_to_rport() Calls to starget_to_rport() may return NULL. Add check for NULL rportbefore dereference.

CVE-2022-49585

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_fastopen_blackhole_timeout. While reading sysctl_tcp_fastopen_blackhole_timeout, it can be changedconcurrently. Thus, we need to add READ_ONCE() to its readers.

CVE-2022-49626

In the Linux kernel, the following vulnerability has been resolved: sfc: fix use after free when disabling sriov Use after free is detected by kfence when disabling sriov. What was readafter being freed was vf->pci_dev: it was freed from pci_disable_sriovand later read in efx_ef10_sriov_free_vf_...

CVE-2022-49362

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix potential use-after-free in nfsd_file_put() nfsd_file_put_noref() can free @nf, so don't dereference @nfimmediately upon return from nfsd_file_put_noref().

CVE-2022-49594

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_mtu_probe_floor. While reading sysctl_tcp_mtu_probe_floor, it can be changed concurrently.Thus, we need to add READ_ONCE() to its reader.

CVE-2022-49637

In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix a data-race around sysctl_fib_sync_mem. While reading sysctl_fib_sync_mem, it can be changed concurrently.So, we need to add READ_ONCE() to avoid a data-race.