5.5
CVE-2022-49004 - riscv: Sync efi page table's kernel mappings before switching
In the Linux kernel, the following vulnerability has been resolved: riscv: Sync efi page table's kernel mappings before switching The EFI page table is initially created as a copy of the kernel page table. With VMAP_STACK enabled, kernel stacks are allocated in the vmalloc area: if the stack is aβ¦
5.5
CVE-2022-49011 - hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new()
In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new() As comment of pci_get_domain_bus_and_slot() says, it returns a pci device with refcount increment, when finish using it, the caller must decrement the reference couβ¦
7.8
CVE-2022-48981 - drm/shmem-helper: Remove errant put in error path
In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Remove errant put in error path drm_gem_shmem_mmap() doesn't own this reference, resulting in the GEM object getting prematurely freed leading to a later use-after-free.
5.5
CVE-2024-49887 - f2fs: fix to don't panic system for no free segment fault injection
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to don't panic system for no free segment fault injection f2fs: fix to don't panic system for no free segment fault injection syzbot reports a f2fs bug as below: F2FS-fs (loop0): inject no free segment in get_new_segmβ¦
5.5
CVE-2024-49901 - drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs
In the Linux kernel, the following vulnerability has been resolved: drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs There are some cases, such as the one uncovered by Commit 46d4efcccc68 ("drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails") where msm_gpu_cleanuβ¦
5.5
CVE-2022-48970 - af_unix: Get user_ns from in_skb in unix_diag_get_exact().
In the Linux kernel, the following vulnerability has been resolved: af_unix: Get user_ns from in_skb in unix_diag_get_exact(). Wei Chen reported a NULL deref in sk_user_ns() [0][1], and Paolo diagnosed the root cause: in unix_diag_get_exact(), the newly allocated skb does not have sk. [2] We musβ¦
5.5
CVE-2024-49949 - net: avoid potential underflow in qdisc_pkt_len_init() with UFO
In the Linux kernel, the following vulnerability has been resolved: net: avoid potential underflow in qdisc_pkt_len_init() with UFO After commit 7c6d2ecbda83 ("net: be more gentle about silly gso requests coming from user") virtio_net_hdr_to_skb() had sanity check to detect malicious attempts froβ¦
5.5
CVE-2022-48959 - net: dsa: sja1105: fix memory leak in sja1105_setup_devlink_regions()
In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: fix memory leak in sja1105_setup_devlink_regions() When dsa_devlink_region_create failed in sja1105_setup_devlink_regions(), priv->regions is not released.
5.5
CVE-2022-49028 - ixgbevf: Fix resource leak in ixgbevf_init_module()
In the Linux kernel, the following vulnerability has been resolved: ixgbevf: Fix resource leak in ixgbevf_init_module() ixgbevf_init_module() won't destroy the workqueue created by create_singlethread_workqueue() when pci_register_driver() failed. Add destroy_workqueue() in fail path to prevent tβ¦
7.1
CVE-2024-49995 - kernel: tipc: guard against string buffer overrun
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.