4.7
CVE-2022-49286 - tpm: use try_get_ops() in tpm-space.c
In the Linux kernel, the following vulnerability has been resolved: tpm: use try_get_ops() in tpm-space.c As part of the series conversion to remove nested TPM operations: https://lore.kernel.org/all/[email protected]/ exposure of the chip->tpm_mutex was remβ¦
5.5
CVE-2022-49285 - iio: accel: mma8452: use the correct logic to get mma8452_data
In the Linux kernel, the following vulnerability has been resolved: iio: accel: mma8452: use the correct logic to get mma8452_data The original logic to get mma8452_data is wrong, the *dev point to the device belong to iio_dev. we can't use this dev to find the correct i2c_client. The original loβ¦
5.5
CVE-2022-49279 - NFSD: prevent integer overflow on 32 bit systems
In the Linux kernel, the following vulnerability has been resolved: NFSD: prevent integer overflow on 32 bit systems On a 32 bit system, the "len * sizeof(*p)" operation can have an integer overflow.
5.5
CVE-2022-49219 - vfio/pci: fix memory leak during D3hot to D0 transition
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: fix memory leak during D3hot to D0 transition If 'vfio_pci_core_device::needs_pm_restore' is set (PCI device does not have No_Soft_Reset bit set in its PMCSR config register), then the current PCI state will be saved loβ¦
5.5
CVE-2022-49210 - MIPS: pgalloc: fix memory leak caused by pgd_free()
In the Linux kernel, the following vulnerability has been resolved: MIPS: pgalloc: fix memory leak caused by pgd_free() pgd page is freed by generic implementation pgd_free() since commit f9cb654cb550 ("asm-generic: pgalloc: provide generic pgd_free()"), however, there are scenarios that the systβ¦
5.5
CVE-2022-49204 - bpf, sockmap: Fix more uncharged while msg has more_data
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix more uncharged while msg has more_data In tcp_bpf_send_verdict(), if msg has more data after tcp_bpf_sendmsg_redir(): tcp_bpf_send_verdict() tosend = msg->sg.size //msg->sg.size = 22220 case __SK_REDIRECT: β¦
5.5
CVE-2022-49150 - rtc: gamecube: Fix refcount leak in gamecube_rtc_read_offset_from_sram
In the Linux kernel, the following vulnerability has been resolved: rtc: gamecube: Fix refcount leak in gamecube_rtc_read_offset_from_sram The of_find_compatible_node() function returns a node pointer with refcount incremented, We should use of_node_put() on it when done Add the missing of_node_pβ¦
5.5
CVE-2021-47638 - ubifs: rename_whiteout: Fix double free for whiteout_ui->data
In the Linux kernel, the following vulnerability has been resolved: ubifs: rename_whiteout: Fix double free for whiteout_ui->data 'whiteout_ui->data' will be freed twice if space budget fail for rename whiteout operation as following process: rename_whiteout dev = kmalloc whiteout_ui->data =β¦
5.5
CVE-2022-49054 - Drivers: hv: vmbus: Deactivate sysctl_record_panic_msg by default in isolated guests
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Deactivate sysctl_record_panic_msg by default in isolated guests hv_panic_page might contain guest-sensitive information, do not dump it over to Hyper-V by default in isolated guests. While at it, update someβ¦
5.5
CVE-2021-47650 - ASoC: soc-compress: prevent the potentially use of null pointer
In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-compress: prevent the potentially use of null pointer There is one call trace that snd_soc_register_card() ->snd_soc_bind_card()->soc_init_pcm_runtime() ->snd_soc_dai_compress_new()->snd_soc_new_compress(). In the traceβ¦