7.8
CVE-2022-49811 - drbd: use after free in drbd_create_device()
In the Linux kernel, the following vulnerability has been resolved: drbd: use after free in drbd_create_device() The drbd_destroy_connection() frees the "connection" so use the _safe() iterator to prevent a use after free.
5.5
CVE-2022-49809 - net/x25: Fix skb leak in x25_lapb_receive_frame()
In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix skb leak in x25_lapb_receive_frame() x25_lapb_receive_frame() using skb_copy() to get a private copy of skb, the new skb should be freed in the undersized/fragmented skb error handling path. Otherwise there is a memoβ¦
5.5
CVE-2022-49808 - net: dsa: don't leak tagger-owned storage on switch driver unbind
In the Linux kernel, the following vulnerability has been resolved: net: dsa: don't leak tagger-owned storage on switch driver unbind In the initial commit dc452a471dba ("net: dsa: introduce tagger-owned storage for private and shared data"), we had a call to tag_ops->disconnect(dst) issued from β¦
5.5
CVE-2022-49806 - net: microchip: sparx5: Fix potential null-ptr-deref in sparx_stats_init() and sparx5_start()
In the Linux kernel, the following vulnerability has been resolved: net: microchip: sparx5: Fix potential null-ptr-deref in sparx_stats_init() and sparx5_start() sparx_stats_init() calls create_singlethread_workqueue() and not checked the ret value, which may return NULL. And a null-ptr-deref mayβ¦
7.8
CVE-2022-49804 - s390: avoid using global register for current_stack_pointer
In the Linux kernel, the following vulnerability has been resolved: s390: avoid using global register for current_stack_pointer Commit 30de14b1884b ("s390: current_stack_pointer shouldn't be a function") made current_stack_pointer a global register variable like on many other architectures. Unforβ¦
5.5
CVE-2022-49801 - tracing: Fix memory leak in tracing_read_pipe()
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix memory leak in tracing_read_pipe() kmemleak reports this issue: unreferenced object 0xffff888105a18900 (size 128): comm "test_progs", pid 18933, jiffies 4336275356 (age 22801.766s) hex dump (first 32 bytes): β¦
5.5
CVE-2022-49800 - tracing: Fix memory leak in test_gen_synth_cmd() and test_empty_synth_event()
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix memory leak in test_gen_synth_cmd() and test_empty_synth_event() test_gen_synth_cmd() only free buf in fail path, hence buf will leak when there is no failure. Add kfree(buf) to prevent the memleak. The same reason aβ¦
4.7
CVE-2022-49798 - tracing: Fix race where eprobes can be called before the event
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix race where eprobes can be called before the event The flag that tells the event to call its triggers after reading the event is set for eprobes after the eprobe is enabled. This leads to a race where the eprobe may bβ¦
5.5
CVE-2022-49795 - rethook: fix a potential memleak in rethook_alloc()
In the Linux kernel, the following vulnerability has been resolved: rethook: fix a potential memleak in rethook_alloc() In rethook_alloc(), the variable rh is not freed or passed out if handler is NULL, which could lead to a memleak, fix it. [Masami: Add "rethook:" tag to the title.] Acke-by: Mβ¦
5.5
CVE-2022-49794 - iio: adc: at91_adc: fix possible memory leak in at91_adc_allocate_trigger()
In the Linux kernel, the following vulnerability has been resolved: iio: adc: at91_adc: fix possible memory leak in at91_adc_allocate_trigger() If iio_trigger_register() returns error, it should call iio_trigger_free() to give up the reference that hold in iio_trigger_alloc(), so that it can callβ¦