5.5
CVE-2022-49140 - kernel: Revert "nbd: fix possible overflow on 'first_minor' in nbd_dev_add()"
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.5
CVE-2022-49255 - f2fs: fix missing free nid in f2fs_handle_failed_inode
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix missing free nid in f2fs_handle_failed_inode This patch fixes xfstests/generic/475 failure. [ 293.680694] F2FS-fs (dm-1): May loss orphan inode, run fsck to fix. [ 293.685358] Buffer I/O error on dev dm-1, logical blβ¦
9.8
CVE-2025-25790 -
An arbitrary file upload vulnerability in the component \controller\LocalTemplate.php of FoxCMS v1.2.5 allows attackers to execute arbitrary code via uploading a crafted Zip file.
7.8
CVE-2022-49082 - scsi: mpt3sas: Fix use after free in _scsih_expander_node_remove()
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix use after free in _scsih_expander_node_remove() The function mpt3sas_transport_port_remove() called in _scsih_expander_node_remove() frees the port field of the sas_expander structure, leading to the following β¦
5.5
CVE-2022-49678 - soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe
In the Linux kernel, the following vulnerability has been resolved: soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to β¦
7.8
CVE-2022-49535 - scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI If lpfc_issue_els_flogi() fails and returns non-zero status, the node reference count is decremented to trigger the release of the nodelist structureβ¦
5.5
CVE-2022-49490 - drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is detected
In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is detected mdp5_get_global_state runs the risk of hitting a -EDEADLK when acquiring the modeset lock, but currently mdp5_pipe_release doesn't check for if an errβ¦
5.5
CVE-2022-49660 - kernel: xen/arm: Fix race in RB-tree based P2M accounting
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
4.7
CVE-2022-49602 - ip: Fix a data-race around sysctl_fwmark_reflect.
In the Linux kernel, the following vulnerability has been resolved: ip: Fix a data-race around sysctl_fwmark_reflect. While reading sysctl_fwmark_reflect, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader.
7.8
CVE-2022-49524 - media: pci: cx23885: Fix the error handling in cx23885_initdev()
In the Linux kernel, the following vulnerability has been resolved: media: pci: cx23885: Fix the error handling in cx23885_initdev() When the driver fails to call the dma_set_mask(), the driver will get the following splat: [ 55.853884] BUG: KASAN: use-after-free in __process_removed_driver+0xβ¦