linux package
kernel
pkg:linux/kernel
Vulnerabilities (1,755)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-50742 | — | >= 5.2.0, < 5.4.220 | 5.4.220 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: misc: ocxl: fix possible refcount leak in afu_ioctl() eventfd_ctx_put need to be called to put the refcount that gotten by eventfd_ctx_fdget when ocxl_irq_set_handler fails. | ||
| CVE-2022-50741 | — | >= 5.13.0, < 5.15.86 | 5.15.86 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Disable useless interrupt to avoid kernel panic There is a hardware bug that the interrupt STMBUF_HALF may be triggered after or when disable interrupt. It may led to unexpected kernel panic. A | ||
| CVE-2022-50740 | — | < 4.9.337 | 4.9.337 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hif_usb: fix memory leak of urbs in ath9k_hif_usb_dealloc_tx_urbs() Syzkaller reports a long-known leak of urbs in ath9k_hif_usb_dealloc_tx_urbs(). The cause of the leak is that usb_get_urb() is c | ||
| CVE-2022-50739 | — | >= 5.15.0, < 5.15.87 | 5.15.87 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add null pointer check for inode operations This adds a sanity check for the i_op pointer of the inode which is returned after reading Root directory MFT record. We should check the i_op is valid befo | ||
| CVE-2022-50738 | — | >= 5.19.0, < 6.0.19 | 6.0.19 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: vhost-vdpa: fix an iotlb memory leak Before commit 3d5698793897 ("vhost-vdpa: introduce asid based IOTLB") we called vhost_vdpa_iotlb_unmap(v, iotlb, 0ULL, 0ULL - 1) during release to free all the resources all | ||
| CVE-2022-50737 | — | >= 5.15.0, < 5.15.87 | 5.15.87 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate index root when initialize NTFS security This enhances the sanity check for $SDH and $SII while initializing NTFS security, guarantees these index root are legit. [ 162.459513] BUG: KASAN: | ||
| CVE-2022-50736 | — | >= 5.3.0, < 5.4.229 | 5.4.229 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix immediate work request flush to completion queue Correctly set send queue element opcode during immediate work request flushing in post sendqueue operation, if the QP is in ERROR state. An undefin | ||
| CVE-2022-50735 | — | >= 5.11.0, < 5.15.86 | 5.15.86 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: do not run mt76u_status_worker if the device is not running Fix the following NULL pointer dereference avoiding to run mt76u_status_worker thread if the device is not running yet. KASAN: null-ptr-d | ||
| CVE-2022-50734 | — | >= 5.15.0, < 5.15.75 | 5.15.75 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: nvmem: core: Fix memleak in nvmem_register() dev_set_name will alloc memory for nvmem->dev.kobj.name in nvmem_register, when nvmem_validate_keepouts failed, nvmem's memory will be freed and return, but nobody w | ||
| CVE-2022-50733 | — | >= 2.6.13, < 4.9.331 | 4.9.331 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: idmouse: fix an uninit-value in idmouse_open In idmouse_create_image, if any ftip_command fails, it will go to the reset label. However, this leads to the data in bulk_in_buffer[HEADER..IMGSIZE] uninitiali | ||
| CVE-2022-50732 | — | >= 2.6.33, < 4.9.337 | 4.9.337 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: staging: rtl8192u: Fix use after free in ieee80211_rx() We cannot dereference the "skb" pointer after calling ieee80211_monitor_rx(), because it is a use after free. | ||
| CVE-2022-50731 | — | >= 5.2.0, < 5.4.220 | 5.4.220 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: crypto: akcipher - default implementation for setting a private key Changes from v1: * removed the default implementation from set_pub_key: it is assumed that an implementation must always have this callb | ||
| CVE-2022-50730 | — | >= 5.8.0, < 5.10.163 | 5.10.163 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: silence the warning when evicting inode with dioread_nolock When evicting an inode with default dioread_nolock, it could be raced by the unwritten extents converting kworker after writeback some new alloc | ||
| CVE-2022-50729 | — | >= 5.15.0, < 5.15.86 | 5.15.86 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix resource leak in ksmbd_session_rpc_open() When ksmbd_rpc_open() fails then it must call ksmbd_rpc_id_free() to undo the result of ksmbd_ipc_id_alloc(). | ||
| CVE-2022-50728 | — | >= 2.6.32, < 4.9.337 | 4.9.337 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: s390/lcs: Fix return type of lcs_start_xmit() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sur | ||
| CVE-2022-50727 | — | >= 5.14.0, < 5.15.86 | 5.15.86 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: efct: Fix possible memleak in efct_device_init() In efct_device_init(), when efct_scsi_reg_fc_transport() fails, efct_scsi_tgt_driver_exit() is not called to release memory for efct_scsi_tgt_driver_init() | ||
| CVE-2022-50726 | — | >= 5.1.0, < 5.4.223 | 5.4.223 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix possible use-after-free in async command interface mlx5_cmd_cleanup_async_ctx should return only after all its callback handlers were completed. Before this patch, the below race between mlx5_cmd_ | ||
| CVE-2022-50725 | — | >= 5.10.0, < 5.10.163 | 5.10.163 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Fix use-after-free in vidtv_bridge_dvb_init() KASAN reports a use-after-free: BUG: KASAN: use-after-free in dvb_dmxdev_release+0x4d5/0x5d0 [dvb_core] Call Trace: ... dvb_dmxdev_release+0x4d5/0x5 | ||
| CVE-2022-50724 | — | < 5.4.229 | 5.4.229 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix resource leak in regulator_register() I got some resource leak reports while doing fault injection test: OF: ERROR: memory leak, expected refcount 1 instead of 100, of_node_get()/of_no | ||
| CVE-2022-50723 | — | >= 6.0.0, < 6.0.6 | 6.0.6 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: bnxt_en: fix memory leak in bnxt_nvm_test() Free the kzalloc'ed buffer before returning in the success path. |
- CVE-2022-50742Dec 24, 2025affected >= 5.2.0, < 5.4.220fixed 5.4.220
In the Linux kernel, the following vulnerability has been resolved: misc: ocxl: fix possible refcount leak in afu_ioctl() eventfd_ctx_put need to be called to put the refcount that gotten by eventfd_ctx_fdget when ocxl_irq_set_handler fails.
- CVE-2022-50741Dec 24, 2025affected >= 5.13.0, < 5.15.86fixed 5.15.86
In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Disable useless interrupt to avoid kernel panic There is a hardware bug that the interrupt STMBUF_HALF may be triggered after or when disable interrupt. It may led to unexpected kernel panic. A
- CVE-2022-50740Dec 24, 2025affected < 4.9.337fixed 4.9.337
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hif_usb: fix memory leak of urbs in ath9k_hif_usb_dealloc_tx_urbs() Syzkaller reports a long-known leak of urbs in ath9k_hif_usb_dealloc_tx_urbs(). The cause of the leak is that usb_get_urb() is c
- CVE-2022-50739Dec 24, 2025affected >= 5.15.0, < 5.15.87fixed 5.15.87
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add null pointer check for inode operations This adds a sanity check for the i_op pointer of the inode which is returned after reading Root directory MFT record. We should check the i_op is valid befo
- CVE-2022-50738Dec 24, 2025affected >= 5.19.0, < 6.0.19fixed 6.0.19
In the Linux kernel, the following vulnerability has been resolved: vhost-vdpa: fix an iotlb memory leak Before commit 3d5698793897 ("vhost-vdpa: introduce asid based IOTLB") we called vhost_vdpa_iotlb_unmap(v, iotlb, 0ULL, 0ULL - 1) during release to free all the resources all
- CVE-2022-50737Dec 24, 2025affected >= 5.15.0, < 5.15.87fixed 5.15.87
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate index root when initialize NTFS security This enhances the sanity check for $SDH and $SII while initializing NTFS security, guarantees these index root are legit. [ 162.459513] BUG: KASAN:
- CVE-2022-50736Dec 24, 2025affected >= 5.3.0, < 5.4.229fixed 5.4.229
In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix immediate work request flush to completion queue Correctly set send queue element opcode during immediate work request flushing in post sendqueue operation, if the QP is in ERROR state. An undefin
- CVE-2022-50735Dec 24, 2025affected >= 5.11.0, < 5.15.86fixed 5.15.86
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: do not run mt76u_status_worker if the device is not running Fix the following NULL pointer dereference avoiding to run mt76u_status_worker thread if the device is not running yet. KASAN: null-ptr-d
- CVE-2022-50734Dec 24, 2025affected >= 5.15.0, < 5.15.75fixed 5.15.75
In the Linux kernel, the following vulnerability has been resolved: nvmem: core: Fix memleak in nvmem_register() dev_set_name will alloc memory for nvmem->dev.kobj.name in nvmem_register, when nvmem_validate_keepouts failed, nvmem's memory will be freed and return, but nobody w
- CVE-2022-50733Dec 24, 2025affected >= 2.6.13, < 4.9.331fixed 4.9.331
In the Linux kernel, the following vulnerability has been resolved: usb: idmouse: fix an uninit-value in idmouse_open In idmouse_create_image, if any ftip_command fails, it will go to the reset label. However, this leads to the data in bulk_in_buffer[HEADER..IMGSIZE] uninitiali
- CVE-2022-50732Dec 24, 2025affected >= 2.6.33, < 4.9.337fixed 4.9.337
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8192u: Fix use after free in ieee80211_rx() We cannot dereference the "skb" pointer after calling ieee80211_monitor_rx(), because it is a use after free.
- CVE-2022-50731Dec 24, 2025affected >= 5.2.0, < 5.4.220fixed 5.4.220
In the Linux kernel, the following vulnerability has been resolved: crypto: akcipher - default implementation for setting a private key Changes from v1: * removed the default implementation from set_pub_key: it is assumed that an implementation must always have this callb
- CVE-2022-50730Dec 24, 2025affected >= 5.8.0, < 5.10.163fixed 5.10.163
In the Linux kernel, the following vulnerability has been resolved: ext4: silence the warning when evicting inode with dioread_nolock When evicting an inode with default dioread_nolock, it could be raced by the unwritten extents converting kworker after writeback some new alloc
- CVE-2022-50729Dec 24, 2025affected >= 5.15.0, < 5.15.86fixed 5.15.86
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix resource leak in ksmbd_session_rpc_open() When ksmbd_rpc_open() fails then it must call ksmbd_rpc_id_free() to undo the result of ksmbd_ipc_id_alloc().
- CVE-2022-50728Dec 24, 2025affected >= 2.6.32, < 4.9.337fixed 4.9.337
In the Linux kernel, the following vulnerability has been resolved: s390/lcs: Fix return type of lcs_start_xmit() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sur
- CVE-2022-50727Dec 24, 2025affected >= 5.14.0, < 5.15.86fixed 5.15.86
In the Linux kernel, the following vulnerability has been resolved: scsi: efct: Fix possible memleak in efct_device_init() In efct_device_init(), when efct_scsi_reg_fc_transport() fails, efct_scsi_tgt_driver_exit() is not called to release memory for efct_scsi_tgt_driver_init()
- CVE-2022-50726Dec 24, 2025affected >= 5.1.0, < 5.4.223fixed 5.4.223
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix possible use-after-free in async command interface mlx5_cmd_cleanup_async_ctx should return only after all its callback handlers were completed. Before this patch, the below race between mlx5_cmd_
- CVE-2022-50725Dec 24, 2025affected >= 5.10.0, < 5.10.163fixed 5.10.163
In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Fix use-after-free in vidtv_bridge_dvb_init() KASAN reports a use-after-free: BUG: KASAN: use-after-free in dvb_dmxdev_release+0x4d5/0x5d0 [dvb_core] Call Trace: ... dvb_dmxdev_release+0x4d5/0x5
- CVE-2022-50724Dec 24, 2025affected < 5.4.229fixed 5.4.229
In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix resource leak in regulator_register() I got some resource leak reports while doing fault injection test: OF: ERROR: memory leak, expected refcount 1 instead of 100, of_node_get()/of_no
- CVE-2022-50723Dec 24, 2025affected >= 6.0.0, < 6.0.6fixed 6.0.6
In the Linux kernel, the following vulnerability has been resolved: bnxt_en: fix memory leak in bnxt_nvm_test() Free the kzalloc'ed buffer before returning in the success path.
Page 42 of 88