4.7
CVE-2022-49798 - tracing: Fix race where eprobes can be called before the event
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix race where eprobes can be called before the event The flag that tells the event to call its triggers after reading the event is set for eprobes after the eprobe is enabled. This leads to a race where the eprobe may bβ¦
5.5
CVE-2022-49795 - rethook: fix a potential memleak in rethook_alloc()
In the Linux kernel, the following vulnerability has been resolved: rethook: fix a potential memleak in rethook_alloc() In rethook_alloc(), the variable rh is not freed or passed out if handler is NULL, which could lead to a memleak, fix it. [Masami: Add "rethook:" tag to the title.] Acke-by: Mβ¦
5.5
CVE-2022-49794 - iio: adc: at91_adc: fix possible memory leak in at91_adc_allocate_trigger()
In the Linux kernel, the following vulnerability has been resolved: iio: adc: at91_adc: fix possible memory leak in at91_adc_allocate_trigger() If iio_trigger_register() returns error, it should call iio_trigger_free() to give up the reference that hold in iio_trigger_alloc(), so that it can callβ¦
5.5
CVE-2022-49791 - io_uring: fix multishot accept request leaks
In the Linux kernel, the following vulnerability has been resolved: io_uring: fix multishot accept request leaks Having REQ_F_POLLED set doesn't guarantee that the request is executed as a multishot from the polling path. Fortunately for us, if the code thinks it's multishot issue when it's not, β¦
5.5
CVE-2022-49790 - Input: iforce - invert valid length check when fetching device IDs
In the Linux kernel, the following vulnerability has been resolved: Input: iforce - invert valid length check when fetching device IDs syzbot is reporting uninitialized value at iforce_init_device() [1], for commit 6ac0aec6b0a6 ("Input: iforce - allow callers supply data buffer when fetching deviβ¦
7.8
CVE-2022-49789 - scsi: zfcp: Fix double free of FSF request when qdio send fails
In the Linux kernel, the following vulnerability has been resolved: scsi: zfcp: Fix double free of FSF request when qdio send fails We used to use the wrong type of integer in 'zfcp_fsf_req_send()' to cache the FSF request ID when sending a new FSF request. This is used in case the sending fails β¦
5.5
CVE-2022-49787 - mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put()
In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put() pci_get_device() will increase the reference count for the returned pci_dev. We need to use pci_dev_put() to decrease the reference count before amd_probe()β¦
5.5
CVE-2022-49786 - blk-cgroup: properly pin the parent in blkcg_css_online
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: properly pin the parent in blkcg_css_online blkcg_css_online is supposed to pin the blkcg of the parent, but 397c9f46ee4d refactored things and along the way, changed it to pin the css instead. This results in extra β¦
5.5
CVE-2022-49784 - perf/x86/amd/uncore: Fix memory leak for events array
In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd/uncore: Fix memory leak for events array When a CPU comes online, the per-CPU NB and LLC uncore contexts are freed but not the events array within the context structure. This causes a memory leak as identified by theβ¦
7.8
CVE-2022-49779 - kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case
In the Linux kernel, the following vulnerability has been resolved: kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case In __unregister_kprobe_top(), if the currently unregistered probe has post_handler but other child probes of the aggrprobe do not have post_handler, the posβ¦