7.8
CVE-2022-49685 - iio: trigger: sysfs: fix use-after-free on remove
In the Linux kernel, the following vulnerability has been resolved: iio: trigger: sysfs: fix use-after-free on remove Ensure that the irq_work has completed before the trigger is freed. ================================================================== BUG: KASAN: use-after-free in irq_work_ruβ¦
5.5
CVE-2022-49484 - mt76: mt7915: fix possible NULL pointer dereference in mt7915_mac_fill_rx_vector
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: fix possible NULL pointer dereference in mt7915_mac_fill_rx_vector Fix possible NULL pointer dereference in mt7915_mac_fill_rx_vector routine if the chip does not support dbdc and the hw reports band_idx set to 1.
4.7
CVE-2022-49571 - tcp: Fix data-races around sysctl_tcp_max_reordering.
In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_max_reordering. While reading sysctl_tcp_max_reordering, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers.
5.5
CVE-2022-49506 - drm/mediatek: Add vblank register/unregister callback functions
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Add vblank register/unregister callback functions We encountered a kernel panic issue that callback data will be NULL when it's using in ovl irq handler. There is a timing issue between mtk_disp_ovl_irq_handler() anβ¦
5.5
CVE-2022-49360 - f2fs: fix to do sanity check on total_data_blocks
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on total_data_blocks As Yanming reported in bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=215916 The kernel message is shown below: kernel BUG at fs/f2fs/segment.c:2560! Call Trace: allocaβ¦
4.7
CVE-2022-49286 - tpm: use try_get_ops() in tpm-space.c
In the Linux kernel, the following vulnerability has been resolved: tpm: use try_get_ops() in tpm-space.c As part of the series conversion to remove nested TPM operations: https://lore.kernel.org/all/[email protected]/ exposure of the chip->tpm_mutex was remβ¦
5.5
CVE-2022-49285 - iio: accel: mma8452: use the correct logic to get mma8452_data
In the Linux kernel, the following vulnerability has been resolved: iio: accel: mma8452: use the correct logic to get mma8452_data The original logic to get mma8452_data is wrong, the *dev point to the device belong to iio_dev. we can't use this dev to find the correct i2c_client. The original loβ¦
5.5
CVE-2022-49279 - NFSD: prevent integer overflow on 32 bit systems
In the Linux kernel, the following vulnerability has been resolved: NFSD: prevent integer overflow on 32 bit systems On a 32 bit system, the "len * sizeof(*p)" operation can have an integer overflow.
5.5
CVE-2022-49219 - vfio/pci: fix memory leak during D3hot to D0 transition
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: fix memory leak during D3hot to D0 transition If 'vfio_pci_core_device::needs_pm_restore' is set (PCI device does not have No_Soft_Reset bit set in its PMCSR config register), then the current PCI state will be saved loβ¦
5.5
CVE-2022-49210 - MIPS: pgalloc: fix memory leak caused by pgd_free()
In the Linux kernel, the following vulnerability has been resolved: MIPS: pgalloc: fix memory leak caused by pgd_free() pgd page is freed by generic implementation pgd_free() since commit f9cb654cb550 ("asm-generic: pgalloc: provide generic pgd_free()"), however, there are scenarios that the systβ¦