linux package
kernel
pkg:linux/kernel
Vulnerabilities (1,755)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-50762 | — | < 5.15.86 | 5.15.86 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Avoid UBSAN error on true_sectors_per_clst() syzbot reported UBSAN error as below: [ 76.901829][ T6677] ================================================================================ [ 76.90390 | ||
| CVE-2022-50761 | — | >= 2.6.27, < 4.9.337 | 4.9.337 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: x86/xen: Fix memory leak in xen_init_lock_cpu() In xen_init_lock_cpu(), the @name has allocated new string by kasprintf(), if bind_ipi_to_irqhandler() fails, it should be freed, otherwise may lead to a memory l | ||
| CVE-2022-50760 | — | >= 4.2.0, < 4.9.337 | 4.9.337 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios() As comment of pci_get_class() says, it returns a pci_device with its refcount increased and decreased the refcount for the input parameter @fro | ||
| CVE-2022-50759 | — | >= 5.12.0, < 6.0.16 | 6.0.16 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5648: Free V4L2 fwnode data on unbind The V4L2 fwnode data structure doesn't get freed on unbind, which leads to a memleak. | ||
| CVE-2022-50758 | — | >= 4.18.0, < 4.19.262 | 4.19.262 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix potential memory leak In function device_init_td0_ring, memory is allocated for member td_info of priv->apTD0Rings[i], with i increasing from 0. In case of allocation failure, the memory is | ||
| CVE-2022-50757 | — | >= 4.14.0, < 4.14.303 | 4.14.303 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: camss: Clean up received buffers on failed start of streaming It is required to return the received buffers, if streaming can not be started. For instance media_pipeline_start() may fail with EPIPE, if a | ||
| CVE-2022-50756 | — | >= 4.18.0, < 5.10.163 | 5.10.163 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix mempool alloc size Convert the max size to bytes to match the units of the divisor that calculates the worst-case number of PRP entries. The result is used to determine how many PRP Lists are req | ||
| CVE-2022-50755 | — | >= 4.2.0, < 4.9.337 | 4.9.337 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: udf: Avoid double brelse() in udf_rename() syzbot reported a warning like below [1]: VFS: brelse: Trying to free free buffer WARNING: CPU: 2 PID: 7301 at fs/buffer.c:1145 __brelse+0x67/0xa0 ... Call Trace: <T | ||
| CVE-2022-50754 | — | >= 4.13.0, < 4.14.303 | 4.14.303 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: apparmor: fix a memleak in multi_transaction_new() In multi_transaction_new(), the variable t is not freed or passed out on the failure of copy_from_user(t->data, buf, size), which could lead to a memleak. Fix | ||
| CVE-2022-50753 | — | >= 3.11.0, < 5.4.220 | 5.4.220 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on summary info As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=216456 BUG: KASAN: use-after-free in recover_data+0x63ae/0x6ae0 [f2fs] Read of siz | ||
| CVE-2022-50752 | — | >= 5.14.0, < 5.15.75 | 5.15.75 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: md/raid5: Remove unnecessary bio_put() in raid5_read_one_chunk() When running chunk-sized reads on disks with badblocks duplicate bio free/puts are observed: ================================================ | ||
| CVE-2022-50751 | — | >= 2.6.16, < 5.4.229 | 5.4.229 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: configfs: fix possible memory leak in configfs_create_dir() kmemleak reported memory leaks in configfs_create_dir(): unreferenced object 0xffff888009f6af00 (size 192): comm "modprobe", pid 3777, jiffies 4295 | ||
| CVE-2022-50750 | — | >= 5.1.0, < 5.4.229 | 5.4.229 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/panel/panel-sitronix-st7701: Remove panel on DSI attach failure In case mipi_dsi_attach() fails, call drm_panel_remove() to avoid memory leak. | ||
| CVE-2022-50749 | — | >= 2.6.12, < 4.9.337 | 4.9.337 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: acct: fix potential integer overflow in encode_comp_t() The integer overflow is descripted with following codes: > 317 static comp_t encode_comp_t(u64 value) > 318 { > 319 int exp, rnd; ...... | ||
| CVE-2022-50748 | — | >= 5.19.0, < 5.19.17 | 5.19.17 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipc: mqueue: fix possible memory leak in init_mqueue_fs() commit db7cfc380900 ("ipc: Free mq_sysctls if ipc namespace creation failed") Here's a similar memory leak to the one fixed by the patch above. retire_ | ||
| CVE-2022-50747 | — | >= 2.6.14, < 4.9.337 | 4.9.337 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: hfs: Fix OOB Write in hfs_asc2mac Syzbot reported a OOB Write bug: loop0: detected capacity change from 0 to 64 ================================================================== BUG: KASAN: slab-out-of-bounds | ||
| CVE-2022-50746 | — | >= 4.19.0, < 6.0.16 | 6.0.16 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: erofs: validate the extent length for uncompressed pclusters syzkaller reported a KASAN use-after-free: https://syzkaller.appspot.com/bug?extid=2ae90e873e97f1faf6f2 The referenced fuzzed image actually has two | ||
| CVE-2022-50745 | — | >= 5.10.0, < 5.10.163 | 5.10.163 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: staging: media: tegra-video: fix device_node use after free At probe time this code path is followed: * tegra_csi_init * tegra_csi_channels_alloc * for_each_child_of_node(node, channel) -- iterates ov | ||
| CVE-2022-50744 | — | < 5.15.86 | 5.15.86 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix hard lockup when reading the rx_monitor from debugfs During I/O and simultaneous cat of /sys/kernel/debug/lpfc/fnX/rx_monitor, a hard lockup similar to the call trace below may occur. The spin_ | ||
| CVE-2022-50743 | — | >= 5.17.0, < 6.0.16 | 6.0.16 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: erofs: Fix pcluster memleak when its block address is zero syzkaller reported a memleak: https://syzkaller.appspot.com/bug?id=62f37ff612f0021641eda5b17f056f1668aa9aed unreferenced object 0xffff88811009c7f8 (si |
- CVE-2022-50762Dec 24, 2025affected < 5.15.86fixed 5.15.86
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Avoid UBSAN error on true_sectors_per_clst() syzbot reported UBSAN error as below: [ 76.901829][ T6677] ================================================================================ [ 76.90390
- CVE-2022-50761Dec 24, 2025affected >= 2.6.27, < 4.9.337fixed 4.9.337
In the Linux kernel, the following vulnerability has been resolved: x86/xen: Fix memory leak in xen_init_lock_cpu() In xen_init_lock_cpu(), the @name has allocated new string by kasprintf(), if bind_ipi_to_irqhandler() fails, it should be freed, otherwise may lead to a memory l
- CVE-2022-50760Dec 24, 2025affected >= 4.2.0, < 4.9.337fixed 4.9.337
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios() As comment of pci_get_class() says, it returns a pci_device with its refcount increased and decreased the refcount for the input parameter @fro
- CVE-2022-50759Dec 24, 2025affected >= 5.12.0, < 6.0.16fixed 6.0.16
In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5648: Free V4L2 fwnode data on unbind The V4L2 fwnode data structure doesn't get freed on unbind, which leads to a memleak.
- CVE-2022-50758Dec 24, 2025affected >= 4.18.0, < 4.19.262fixed 4.19.262
In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix potential memory leak In function device_init_td0_ring, memory is allocated for member td_info of priv->apTD0Rings[i], with i increasing from 0. In case of allocation failure, the memory is
- CVE-2022-50757Dec 24, 2025affected >= 4.14.0, < 4.14.303fixed 4.14.303
In the Linux kernel, the following vulnerability has been resolved: media: camss: Clean up received buffers on failed start of streaming It is required to return the received buffers, if streaming can not be started. For instance media_pipeline_start() may fail with EPIPE, if a
- CVE-2022-50756Dec 24, 2025affected >= 4.18.0, < 5.10.163fixed 5.10.163
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix mempool alloc size Convert the max size to bytes to match the units of the divisor that calculates the worst-case number of PRP entries. The result is used to determine how many PRP Lists are req
- CVE-2022-50755Dec 24, 2025affected >= 4.2.0, < 4.9.337fixed 4.9.337
In the Linux kernel, the following vulnerability has been resolved: udf: Avoid double brelse() in udf_rename() syzbot reported a warning like below [1]: VFS: brelse: Trying to free free buffer WARNING: CPU: 2 PID: 7301 at fs/buffer.c:1145 __brelse+0x67/0xa0 ... Call Trace: <T
- CVE-2022-50754Dec 24, 2025affected >= 4.13.0, < 4.14.303fixed 4.14.303
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix a memleak in multi_transaction_new() In multi_transaction_new(), the variable t is not freed or passed out on the failure of copy_from_user(t->data, buf, size), which could lead to a memleak. Fix
- CVE-2022-50753Dec 24, 2025affected >= 3.11.0, < 5.4.220fixed 5.4.220
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on summary info As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=216456 BUG: KASAN: use-after-free in recover_data+0x63ae/0x6ae0 [f2fs] Read of siz
- CVE-2022-50752Dec 24, 2025affected >= 5.14.0, < 5.15.75fixed 5.15.75
In the Linux kernel, the following vulnerability has been resolved: md/raid5: Remove unnecessary bio_put() in raid5_read_one_chunk() When running chunk-sized reads on disks with badblocks duplicate bio free/puts are observed: ================================================
- CVE-2022-50751Dec 24, 2025affected >= 2.6.16, < 5.4.229fixed 5.4.229
In the Linux kernel, the following vulnerability has been resolved: configfs: fix possible memory leak in configfs_create_dir() kmemleak reported memory leaks in configfs_create_dir(): unreferenced object 0xffff888009f6af00 (size 192): comm "modprobe", pid 3777, jiffies 4295
- CVE-2022-50750Dec 24, 2025affected >= 5.1.0, < 5.4.229fixed 5.4.229
In the Linux kernel, the following vulnerability has been resolved: drm/panel/panel-sitronix-st7701: Remove panel on DSI attach failure In case mipi_dsi_attach() fails, call drm_panel_remove() to avoid memory leak.
- CVE-2022-50749Dec 24, 2025affected >= 2.6.12, < 4.9.337fixed 4.9.337
In the Linux kernel, the following vulnerability has been resolved: acct: fix potential integer overflow in encode_comp_t() The integer overflow is descripted with following codes: > 317 static comp_t encode_comp_t(u64 value) > 318 { > 319 int exp, rnd; ......
- CVE-2022-50748Dec 24, 2025affected >= 5.19.0, < 5.19.17fixed 5.19.17
In the Linux kernel, the following vulnerability has been resolved: ipc: mqueue: fix possible memory leak in init_mqueue_fs() commit db7cfc380900 ("ipc: Free mq_sysctls if ipc namespace creation failed") Here's a similar memory leak to the one fixed by the patch above. retire_
- CVE-2022-50747Dec 24, 2025affected >= 2.6.14, < 4.9.337fixed 4.9.337
In the Linux kernel, the following vulnerability has been resolved: hfs: Fix OOB Write in hfs_asc2mac Syzbot reported a OOB Write bug: loop0: detected capacity change from 0 to 64 ================================================================== BUG: KASAN: slab-out-of-bounds
- CVE-2022-50746Dec 24, 2025affected >= 4.19.0, < 6.0.16fixed 6.0.16
In the Linux kernel, the following vulnerability has been resolved: erofs: validate the extent length for uncompressed pclusters syzkaller reported a KASAN use-after-free: https://syzkaller.appspot.com/bug?extid=2ae90e873e97f1faf6f2 The referenced fuzzed image actually has two
- CVE-2022-50745Dec 24, 2025affected >= 5.10.0, < 5.10.163fixed 5.10.163
In the Linux kernel, the following vulnerability has been resolved: staging: media: tegra-video: fix device_node use after free At probe time this code path is followed: * tegra_csi_init * tegra_csi_channels_alloc * for_each_child_of_node(node, channel) -- iterates ov
- CVE-2022-50744Dec 24, 2025affected < 5.15.86fixed 5.15.86
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix hard lockup when reading the rx_monitor from debugfs During I/O and simultaneous cat of /sys/kernel/debug/lpfc/fnX/rx_monitor, a hard lockup similar to the call trace below may occur. The spin_
- CVE-2022-50743Dec 24, 2025affected >= 5.17.0, < 6.0.16fixed 6.0.16
In the Linux kernel, the following vulnerability has been resolved: erofs: Fix pcluster memleak when its block address is zero syzkaller reported a memleak: https://syzkaller.appspot.com/bug?id=62f37ff612f0021641eda5b17f056f1668aa9aed unreferenced object 0xffff88811009c7f8 (si
Page 41 of 88