linux package
kernel
pkg:linux/kernel
Vulnerabilities (1,755)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-50856 | — | >= 5.5.0, < 5.10.152 | 5.10.152 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_ses_add_channel() Before return, should free the xid, otherwise, the xid will be leaked. | ||
| CVE-2022-50855 | — | >= 6.0.0, < 6.0.16 | 6.0.16 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: prevent leak of lsm program after failed attach In [0], we added the ability to bpf_prog_attach LSM programs to cgroups, but in our validation to make sure the prog is meant to be attached to BPF_LSM_CGROU | ||
| CVE-2022-50854 | — | >= 5.12.0, < 5.15.77 | 5.15.77 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: nfc: virtual_ncidev: Fix memory leak in virtual_nci_send() skb should be free in virtual_nci_send(), otherwise kmemleak will report memleak. Steps for reproduction (simulated in qemu): cd tools/testing/selfte | ||
| CVE-2022-50853 | — | < 5.15.86 | 5.15.86 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix a credential leak in _nfs4_discover_trunking() | ||
| CVE-2022-50852 | — | >= 6.0.0, < 6.0.3 | 6.0.3 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix use after free in mt7921_acpi_read() Don't dereference "sar_root" after it has been freed. | ||
| CVE-2022-50851 | — | >= 5.7.0, < 6.0.19 | 6.0.19 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: vhost_vdpa: fix the crash in unmap a large memory While testing in vIOMMU, sometimes Guest will unmap very large memory, which will cause the crash. To fix this, add a new function vhost_vdpa_general_unmap(). T | ||
| CVE-2022-50850 | — | >= 2.6.34, < 4.9.337 | 4.9.337 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: ipr: Fix WARNING in ipr_init() ipr_init() will not call unregister_reboot_notifier() when pci_register_driver() fails, which causes a WARNING. Call unregister_reboot_notifier() when pci_register_driver() | ||
| CVE-2022-50849 | — | >= 3.4.0, < 4.9.337 | 4.9.337 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP An oops can be induced by running 'cat /proc/kcore > /dev/null' on devices using pstore with the ram backend because kmap_atomic() assumes lowmem pages are | ||
| CVE-2022-50848 | — | >= 2.6.29, < 4.9.337 | 4.9.337 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: drivers: dio: fix possible memory leak in dio_init() If device_register() returns error, the 'dev' and name needs be freed. Add a release function, and then call put_device() in the error path, so the name is f | ||
| CVE-2022-50847 | — | >= 5.18.0, < 6.0.16 | 6.0.16 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/bridge: it6505: Initialize AUX channel in it6505_i2c_probe During device boot, the HPD interrupt could be triggered before the DRM subsystem registers it6505 as a DRM bridge. In such cases, the driver tries | ||
| CVE-2022-50846 | — | >= 2.6.31, < 4.9.337 | 4.9.337 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: mmc: via-sdmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmc_alloc_host() is leaked. 2. I | ||
| CVE-2022-50845 | — | >= 4.13.0, < 4.14.303 | 4.14.303 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode leak in ext4_xattr_inode_create() on an error path There is issue as follows when do setxattr with inject fault: [localhost]# fsck.ext4 -fn /dev/sda e2fsck 1.46.6-rc1 (12-Sep-2022) Pass 1: Ch | ||
| CVE-2022-50844 | — | >= 5.13.0, < 5.15.86 | 5.15.86 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function p | ||
| CVE-2022-50843 | — | >= 5.4.0, < 5.4.229 | 5.4.229 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm clone: Fix UAF in clone_dtr() Dm_clone also has the same UAF problem when dm_resume() and dm_destroy() are concurrent. Therefore, cancelling timer again in clone_dtr(). | ||
| CVE-2022-50842 | — | >= 5.7.0, < 5.10.150 | 5.10.150 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Check whether transferred 2D BO is shmem Transferred 2D BO always must be a shmem BO. Add check for that to prevent NULL dereference if userspace passes a VRAM BO. | ||
| CVE-2022-50841 | — | >= 5.15.0, < 5.15.87 | 5.15.87 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add overflow check for attribute size The offset addition could overflow and pass the used size check given an attribute with very large size (e.g., 0xffffff7f) while parsing MFT attributes. This coul | ||
| CVE-2022-50840 | — | >= 4.2.0, < 4.9.337 | 4.9.337 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible UAF in snic_tgt_create() Smatch reports a warning as follows: drivers/scsi/snic/snic_disc.c:307 snic_tgt_create() warn: '&tgt->list' not removed from list If device_add() fails in s | ||
| CVE-2022-50839 | — | >= 5.10.0, < 5.10.150 | 5.10.150 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: jbd2: fix potential buffer head reference count leak As in 'jbd2_fc_wait_bufs' if buffer isn't uptodate, will return -EIO without update 'journal->j_fc_off'. But 'jbd2_fc_release_bufs' will release buffer head | ||
| CVE-2022-50838 | — | < 4.9.337 | 4.9.337 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: stream: purge sk_error_queue in sk_stream_kill_queues() Changheon Lee reported TCP socket leaks, with a nice repro. It seems we leak TCP sockets with the following sequence: 1) SOF_TIMESTAMPING_TX_ACK is | ||
| CVE-2022-50837 | — | >= 5.15.0, < 5.15.86 | 5.15.86 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: dsa: tag_8021q: avoid leaking ctx on dsa_tag_8021q_register() error path If dsa_tag_8021q_setup() fails, for example due to the inability of the device to install a VLAN, the tag_8021q context of the switc |
- CVE-2022-50856Dec 30, 2025affected >= 5.5.0, < 5.10.152fixed 5.10.152
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_ses_add_channel() Before return, should free the xid, otherwise, the xid will be leaked.
- CVE-2022-50855Dec 30, 2025affected >= 6.0.0, < 6.0.16fixed 6.0.16
In the Linux kernel, the following vulnerability has been resolved: bpf: prevent leak of lsm program after failed attach In [0], we added the ability to bpf_prog_attach LSM programs to cgroups, but in our validation to make sure the prog is meant to be attached to BPF_LSM_CGROU
- CVE-2022-50854Dec 30, 2025affected >= 5.12.0, < 5.15.77fixed 5.15.77
In the Linux kernel, the following vulnerability has been resolved: nfc: virtual_ncidev: Fix memory leak in virtual_nci_send() skb should be free in virtual_nci_send(), otherwise kmemleak will report memleak. Steps for reproduction (simulated in qemu): cd tools/testing/selfte
- CVE-2022-50853Dec 30, 2025affected < 5.15.86fixed 5.15.86
In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix a credential leak in _nfs4_discover_trunking()
- CVE-2022-50852Dec 30, 2025affected >= 6.0.0, < 6.0.3fixed 6.0.3
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix use after free in mt7921_acpi_read() Don't dereference "sar_root" after it has been freed.
- CVE-2022-50851Dec 30, 2025affected >= 5.7.0, < 6.0.19fixed 6.0.19
In the Linux kernel, the following vulnerability has been resolved: vhost_vdpa: fix the crash in unmap a large memory While testing in vIOMMU, sometimes Guest will unmap very large memory, which will cause the crash. To fix this, add a new function vhost_vdpa_general_unmap(). T
- CVE-2022-50850Dec 30, 2025affected >= 2.6.34, < 4.9.337fixed 4.9.337
In the Linux kernel, the following vulnerability has been resolved: scsi: ipr: Fix WARNING in ipr_init() ipr_init() will not call unregister_reboot_notifier() when pci_register_driver() fails, which causes a WARNING. Call unregister_reboot_notifier() when pci_register_driver()
- CVE-2022-50849Dec 30, 2025affected >= 3.4.0, < 4.9.337fixed 4.9.337
In the Linux kernel, the following vulnerability has been resolved: pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP An oops can be induced by running 'cat /proc/kcore > /dev/null' on devices using pstore with the ram backend because kmap_atomic() assumes lowmem pages are
- CVE-2022-50848Dec 30, 2025affected >= 2.6.29, < 4.9.337fixed 4.9.337
In the Linux kernel, the following vulnerability has been resolved: drivers: dio: fix possible memory leak in dio_init() If device_register() returns error, the 'dev' and name needs be freed. Add a release function, and then call put_device() in the error path, so the name is f
- CVE-2022-50847Dec 30, 2025affected >= 5.18.0, < 6.0.16fixed 6.0.16
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: it6505: Initialize AUX channel in it6505_i2c_probe During device boot, the HPD interrupt could be triggered before the DRM subsystem registers it6505 as a DRM bridge. In such cases, the driver tries
- CVE-2022-50846Dec 30, 2025affected >= 2.6.31, < 4.9.337fixed 4.9.337
In the Linux kernel, the following vulnerability has been resolved: mmc: via-sdmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmc_alloc_host() is leaked. 2. I
- CVE-2022-50845Dec 30, 2025affected >= 4.13.0, < 4.14.303fixed 4.14.303
In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode leak in ext4_xattr_inode_create() on an error path There is issue as follows when do setxattr with inject fault: [localhost]# fsck.ext4 -fn /dev/sda e2fsck 1.46.6-rc1 (12-Sep-2022) Pass 1: Ch
- CVE-2022-50844Dec 30, 2025affected >= 5.13.0, < 5.15.86fixed 5.15.86
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function p
- CVE-2022-50843Dec 30, 2025affected >= 5.4.0, < 5.4.229fixed 5.4.229
In the Linux kernel, the following vulnerability has been resolved: dm clone: Fix UAF in clone_dtr() Dm_clone also has the same UAF problem when dm_resume() and dm_destroy() are concurrent. Therefore, cancelling timer again in clone_dtr().
- CVE-2022-50842Dec 30, 2025affected >= 5.7.0, < 5.10.150fixed 5.10.150
In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Check whether transferred 2D BO is shmem Transferred 2D BO always must be a shmem BO. Add check for that to prevent NULL dereference if userspace passes a VRAM BO.
- CVE-2022-50841Dec 30, 2025affected >= 5.15.0, < 5.15.87fixed 5.15.87
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add overflow check for attribute size The offset addition could overflow and pass the used size check given an attribute with very large size (e.g., 0xffffff7f) while parsing MFT attributes. This coul
- CVE-2022-50840Dec 30, 2025affected >= 4.2.0, < 4.9.337fixed 4.9.337
In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible UAF in snic_tgt_create() Smatch reports a warning as follows: drivers/scsi/snic/snic_disc.c:307 snic_tgt_create() warn: '&tgt->list' not removed from list If device_add() fails in s
- CVE-2022-50839Dec 30, 2025affected >= 5.10.0, < 5.10.150fixed 5.10.150
In the Linux kernel, the following vulnerability has been resolved: jbd2: fix potential buffer head reference count leak As in 'jbd2_fc_wait_bufs' if buffer isn't uptodate, will return -EIO without update 'journal->j_fc_off'. But 'jbd2_fc_release_bufs' will release buffer head
- CVE-2022-50838Dec 30, 2025affected < 4.9.337fixed 4.9.337
In the Linux kernel, the following vulnerability has been resolved: net: stream: purge sk_error_queue in sk_stream_kill_queues() Changheon Lee reported TCP socket leaks, with a nice repro. It seems we leak TCP sockets with the following sequence: 1) SOF_TIMESTAMPING_TX_ACK is
- CVE-2022-50837Dec 30, 2025affected >= 5.15.0, < 5.15.86fixed 5.15.86
In the Linux kernel, the following vulnerability has been resolved: net: dsa: tag_8021q: avoid leaking ctx on dsa_tag_8021q_register() error path If dsa_tag_8021q_setup() fails, for example due to the inability of the device to install a VLAN, the tag_8021q context of the switc
Page 31 of 88