7.0
CVE-2022-50709 - wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg() syzbot is reporting uninit value at ath9k_htc_rx_msg() [1], for ioctl(USB_RAW_IOCTL_EP_WRITE) can call ath9k_hif_usb_rx_stream() with pkt_len = 0 but ath9k_hif_usb_rx_stβ¦
0.0
CVE-2022-50707 - virtio-crypto: fix memory leak in virtio_crypto_alg_skcipher_close_session()
In the Linux kernel, the following vulnerability has been resolved: virtio-crypto: fix memory leak in virtio_crypto_alg_skcipher_close_session() 'vc_ctrl_req' is alloced in virtio_crypto_alg_skcipher_close_session(), and should be freed in the invalid ctrl_status->status error handling case. Otheβ¦
5.5
CVE-2022-50703 - soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe()
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe() There are two refcount leak bugs in qcom_smsm_probe(): (1) The 'local_node' is escaped out from for_each_child_of_node() as the break of iteration, we should call of_nβ¦
5.5
CVE-2022-50755 - udf: Avoid double brelse() in udf_rename()
In the Linux kernel, the following vulnerability has been resolved: udf: Avoid double brelse() in udf_rename() syzbot reported a warning like below [1]: VFS: brelse: Trying to free free buffer WARNING: CPU: 2 PID: 7301 at fs/buffer.c:1145 __brelse+0x67/0xa0 ... Call Trace: <TASK> invalidate_bhβ¦
5.5
CVE-2022-50715 - md/raid1: stop mdx_raid1 thread when raid1 array run failed
In the Linux kernel, the following vulnerability has been resolved: md/raid1: stop mdx_raid1 thread when raid1 array run failed fail run raid1 array when we assemble array with the inactive disk only, but the mdx_raid1 thread were not stop, Even if the associated resources have been released. it β¦
5.5
CVE-2022-50699 - selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context()
In the Linux kernel, the following vulnerability has been resolved: selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context() The following warning was triggered on a hardware environment: SELinux: Converting 162 SID table entries... BUG: sleeping function called from invaliβ¦
7.0
CVE-2022-50701 - wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host SDIO may need addtional 511 bytes to align bus operation. If the tailroom of this skb is not big enough, we would access invalid memory region. For low level operatiβ¦
7.0
CVE-2023-54148 - net/mlx5e: Move representor neigh cleanup to profile cleanup_tx
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Move representor neigh cleanup to profile cleanup_tx For IP tunnel encapsulation in ECMP (Equal-Cost Multipath) mode, as the flow is duplicated to the peer eswitch, the related neighbour information on the peer uplink β¦
0.0
CVE-2023-54133 - nfp: clean mc addresses in application firmware when closing port
In the Linux kernel, the following vulnerability has been resolved: nfp: clean mc addresses in application firmware when closing port When moving devices from one namespace to another, mc addresses are cleaned in software while not removed from application firmware. Thus the mc addresses are remaβ¦
7.0
CVE-2023-54141 - wifi: ath11k: Add missing hw_ops->get_ring_selector() for IPQ5018
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Add missing hw_ops->get_ring_selector() for IPQ5018 During sending data after clients connected, hw_ops->get_ring_selector() will be called. But for IPQ5018, this member isn't set, and the following NULL pointer excβ¦