5.5
CVE-2023-54019 - sched/psi: use kernfs polling functions for PSI trigger polling
In the Linux kernel, the following vulnerability has been resolved: sched/psi: use kernfs polling functions for PSI trigger polling Destroying psi trigger in cgroup_file_release causes UAF issues when a cgroup is removed from under a polling process. This is happening because cgroup removal causeβ¦
0.0
CVE-2022-50779 - orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string()
In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string() When insert and remove the orangefs module, then debug_help_string will be leaked: unreferenced object 0xffff8881652ba000 (size 4096): comm "insmod", pid 170β¦
5.5
CVE-2022-50778 - fortify: Fix __compiletime_strlen() under UBSAN_BOUNDS_LOCAL
In the Linux kernel, the following vulnerability has been resolved: fortify: Fix __compiletime_strlen() under UBSAN_BOUNDS_LOCAL With CONFIG_FORTIFY=y and CONFIG_UBSAN_LOCAL_BOUNDS=y enabled, we observe a runtime panic while running Android's Compatibility Test Suite's (CTS) android.hardware.inpuβ¦
5.5
CVE-2022-50769 - mmc: mxcmmc: fix return value check of mmc_add_host()
In the Linux kernel, the following vulnerability has been resolved: mmc: mxcmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash because of deletinβ¦
5.5
CVE-2022-50768 - scsi: smartpqi: Correct device removal for multi-actuator devices
In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Correct device removal for multi-actuator devices Correct device count for multi-actuator drives which can cause kernel panics.
5.5
CVE-2022-50751 - configfs: fix possible memory leak in configfs_create_dir()
In the Linux kernel, the following vulnerability has been resolved: configfs: fix possible memory leak in configfs_create_dir() kmemleak reported memory leaks in configfs_create_dir(): unreferenced object 0xffff888009f6af00 (size 192): comm "modprobe", pid 3777, jiffies 4295537735 (age 233.784β¦
0.0
CVE-2022-50739 - fs/ntfs3: Add null pointer check for inode operations
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add null pointer check for inode operations This adds a sanity check for the i_op pointer of the inode which is returned after reading Root directory MFT record. We should check the i_op is valid before trying to createβ¦
7.0
CVE-2022-50726 - net/mlx5: Fix possible use-after-free in async command interface
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix possible use-after-free in async command interface mlx5_cmd_cleanup_async_ctx should return only after all its callback handlers were completed. Before this patch, the below race between mlx5_cmd_cleanup_async_ctx aβ¦
0.0
CVE-2022-50716 - wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out
In the Linux kernel, the following vulnerability has been resolved: wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out syzkaller reported use-after-free with the stack trace like below [1]: [ 38.960489][ C3] ================================================================== [ 38.9β¦
5.5
CVE-2022-50705 - io_uring/rw: defer fsnotify calls to task context
In the Linux kernel, the following vulnerability has been resolved: io_uring/rw: defer fsnotify calls to task context We can't call these off the kiocb completion as that might be off soft/hard irq context. Defer the calls to when we process the task_work for this request. That avoids valid complβ¦