0.0
CVE-2025-68352 - spi: ch341: fix out-of-bounds memory access in ch341_transfer_one
In the Linux kernel, the following vulnerability has been resolved: spi: ch341: fix out-of-bounds memory access in ch341_transfer_one Discovered by Atuin - Automated Vulnerability Discovery Engine. The 'len' variable is calculated as 'min(32, trans->len + 1)', which includes the 1-byte command hβ¦
5.5
CVE-2022-50778 - fortify: Fix __compiletime_strlen() under UBSAN_BOUNDS_LOCAL
In the Linux kernel, the following vulnerability has been resolved: fortify: Fix __compiletime_strlen() under UBSAN_BOUNDS_LOCAL With CONFIG_FORTIFY=y and CONFIG_UBSAN_LOCAL_BOUNDS=y enabled, we observe a runtime panic while running Android's Compatibility Test Suite's (CTS) android.hardware.inpuβ¦
0.0
CVE-2022-50775 - RDMA/hns: Fix refcount leak in hns_roce_mmap
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix refcount leak in hns_roce_mmap rdma_user_mmap_entry_get_pgoff() takes the reference. Add missing rdma_user_mmap_entry_put() to release the reference. Acked-by Haoyue Xu <[email protected]>
0.0
CVE-2022-50762 - fs/ntfs3: Avoid UBSAN error on true_sectors_per_clst()
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Avoid UBSAN error on true_sectors_per_clst() syzbot reported UBSAN error as below: [ 76.901829][ T6677] ================================================================================ [ 76.903908][ T6677] UBSAN: sβ¦
5.5
CVE-2022-50760 - drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios()
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios() As comment of pci_get_class() says, it returns a pci_device with its refcount increased and decreased the refcount for the input parameter @from if it is not NULLβ¦
7.0
CVE-2022-50764 - ipv6/sit: use DEV_STATS_INC() to avoid data-races
In the Linux kernel, the following vulnerability has been resolved: ipv6/sit: use DEV_STATS_INC() to avoid data-races syzbot/KCSAN reported that multiple cpus are updating dev->stats.tx_error concurrently. This is because sit tunnels are NETIF_F_LLTX, meaning their ndo_start_xmit() is not protecβ¦
0.0
CVE-2022-50754 - apparmor: fix a memleak in multi_transaction_new()
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix a memleak in multi_transaction_new() In multi_transaction_new(), the variable t is not freed or passed out on the failure of copy_from_user(t->data, buf, size), which could lead to a memleak. Fix this bug by addingβ¦
5.5
CVE-2022-50752 - md/raid5: Remove unnecessary bio_put() in raid5_read_one_chunk()
In the Linux kernel, the following vulnerability has been resolved: md/raid5: Remove unnecessary bio_put() in raid5_read_one_chunk() When running chunk-sized reads on disks with badblocks duplicate bio free/puts are observed: ===================================================================β¦
5.5
CVE-2022-50746 - erofs: validate the extent length for uncompressed pclusters
In the Linux kernel, the following vulnerability has been resolved: erofs: validate the extent length for uncompressed pclusters syzkaller reported a KASAN use-after-free: https://syzkaller.appspot.com/bug?extid=2ae90e873e97f1faf6f2 The referenced fuzzed image actually has two issues: - m_pa ==β¦
5.5
CVE-2022-50724 - regulator: core: fix resource leak in regulator_register()
In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix resource leak in regulator_register() I got some resource leak reports while doing fault injection test: OF: ERROR: memory leak, expected refcount 1 instead of 100, of_node_get()/of_node_put() unbalancedβ¦