7.8
CVE-2022-49581 - be2net: Fix buffer overflow in be_get_module_eeprom
In the Linux kernel, the following vulnerability has been resolved: be2net: Fix buffer overflow in be_get_module_eeprom be_cmd_read_port_transceiver_data assumes that it is given a buffer that is at least PAGE_DATA_LEN long, or twice that if the module supports SFF 8472. However, this is not alwaβ¦
5.5
CVE-2022-49545 - ALSA: usb-audio: Cancel pending work at closing a MIDI substream
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Cancel pending work at closing a MIDI substream At closing a USB MIDI output substream, there might be still a pending work, which would eventually access the rawmidi runtime object that is being released. For fβ¦
5.5
CVE-2022-49514 - ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe Call of_node_put(platform_node) to avoid refcount leak in the error path.
7.8
CVE-2022-49489 - drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resuβ¦
In the Linux kernel, the following vulnerability has been resolved: drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume BUG: Unable to handle kernel paging request at virtual address 006b6b6b6b6b6be3 Call trace: dpu_vbif_init_memtypes+0x40/0xb8β¦
5.5
CVE-2022-49488 - drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is detected
In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is detected There is a possibility for mdp5_get_global_state to return -EDEADLK when acquiring the modeset lock, but currently global_state in mdp5_mixer_releaseβ¦
5.5
CVE-2022-49375 - rtc: mt6397: check return value after calling platform_get_resource()
In the Linux kernel, the following vulnerability has been resolved: rtc: mt6397: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value.
7.8
CVE-2022-49288 - ALSA: pcm: Fix races among concurrent prealloc proc writes
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix races among concurrent prealloc proc writes We have no protection against concurrent PCM buffer preallocation changes via proc files, and it may potentially lead to UAF or some weird problem. This patch applies thβ¦
6.1
CVE-2024-57423 -
A Cross Site Scripting vulnerability in CloudClassroom-PHP Project v1.0 allows a remote attacker to execute arbitrary code via the exid parameter of the assessment function.
5.5
CVE-2022-49446 - nvdimm: Fix firmware activation deadlock scenarios
In the Linux kernel, the following vulnerability has been resolved: nvdimm: Fix firmware activation deadlock scenarios Lockdep reports the following deadlock scenarios for CXL root device power-management, device_prepare(), operations, and device_shutdown() operations for 'nd_region' devices: Cβ¦
5.5
CVE-2022-49101 - kernel: xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.