linux package
kernel
pkg:linux/kernel
Vulnerabilities (1,755)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-50644 | — | >= 3.16.0, < 4.9.331 | 4.9.331 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe pm_runtime_get_sync() will increment pm usage counter. Forgetting to putting operation will result in reference leak. Add missing pm_runtime_put_sy | ||
| CVE-2022-50643 | — | >= 5.7.0, < 5.10.152 | 5.10.152 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_copy_file_range() If the file is used by swap, before return -EOPNOTSUPP, should free the xid, otherwise, the xid will be leaked. | ||
| CVE-2022-50642 | — | >= 5.9.0, < 5.15.86 | 5.15.86 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_ec_typec: zero out stale pointers `cros_typec_get_switch_handles` allocates four pointers when obtaining type-c switch handles. These pointers are all freed if failing to obtain any of the | ||
| CVE-2022-50641 | — | >= 3.16.0, < 4.9.331 | 4.9.331 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: HSI: omap_ssi: Fix refcount leak in ssi_probe When returning or breaking early from a for_each_available_child_of_node() loop, we need to explicitly call of_node_put() on the child node to possibly release the | ||
| CVE-2022-50640 | — | >= 2.6.36, < 4.9.332 | 4.9.332 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: mmc: core: Fix kernel panic when remove non-standard SDIO card SDIO tuple is only allocated for standard SDIO card, especially it causes memory corruption issues when the non-standard SDIO card has removed, whi | ||
| CVE-2022-50639 | — | >= 5.14.0, < 5.15.75 | 5.15.75 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: io-wq: Fix memory leak in worker creation If the CPU mask allocation for a node fails, then the memory allocated for the 'io_wqe' struct of the current node doesn't get freed on the error handling path, since i | ||
| CVE-2022-50638 | — | >= 3.10.0, < 4.9.337 | 4.9.337 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in __es_tree_search caused by bad boot loader inode We got a issue as fllows: ================================================================== kernel BUG at fs/ext4/extents_status.c:203! in | ||
| CVE-2022-50637 | — | >= 5.9.0, < 5.10.163 | 5.10.163 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom-hw: Fix memory leak in qcom_cpufreq_hw_read_lut() If "cpu_dev" fails to get opp table in qcom_cpufreq_hw_read_lut(), the program will return, resulting in "table" resource is not released. | ||
| CVE-2022-50636 | — | >= 3.13.0, < 4.14.303 | 4.14.303 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: PCI: Fix pci_device_is_present() for VFs by checking PF pci_device_is_present() previously didn't work for VFs because it reads the Vendor and Device ID, which are 0xffff for VFs, which looks like they aren't p | ||
| CVE-2022-50635 | — | >= 5.8.0, < 5.15.75 | 5.15.75 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: powerpc/kprobes: Fix null pointer reference in arch_prepare_kprobe() I found a null pointer reference in arch_prepare_kprobe(): # echo 'p cmdline_proc_show' > kprobe_events # echo 'p cmdline_proc_show+16' | ||
| CVE-2022-50634 | — | >= 5.8.0, < 6.0.16 | 6.0.16 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: power: supply: cw2015: Fix potential null-ptr-deref in cw_bat_probe() cw_bat_probe() calls create_singlethread_workqueue() and not checked the ret value, which may return NULL. And a null-ptr-deref may happen: | ||
| CVE-2022-50633 | — | >= 5.10.0, < 5.10.163 | 5.10.163 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: qcom: Fix memory leak in dwc3_qcom_interconnect_init of_icc_get() alloc resources for path handle, we should release it when not need anymore. Like the release in dwc3_qcom_interconnect_exit() functi | ||
| CVE-2022-50632 | — | >= 5.17.0, < 6.0.16 | 6.0.16 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: drivers: perf: marvell_cn10k: Fix hotplug callback leak in tad_pmu_init() tad_pmu_init() won't remove the callback added by cpuhp_setup_state_multi() when platform_driver_register() failed. Remove the callback | ||
| CVE-2022-50631 | — | >= 5.19.0, < 6.0.18 | 6.0.18 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: RISC-V: kexec: Fix memory leak of fdt buffer This is reported by kmemleak detector: unreferenced object 0xff60000082864000 (size 9588): comm "kexec", pid 146, jiffies 4294900634 (age 64.788s) hex dump (fir | ||
| CVE-2023-53769 | — | >= 5.19.0, < 6.1.28 | 6.1.28 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: virt/coco/sev-guest: Double-buffer messages The encryption algorithms read and write directly to shared unencrypted memory, which may leak information as well as permit the host to tamper with the message integ | ||
| CVE-2023-53768 | — | >= 6.0.0, < 6.1.40 | 6.1.40 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: regmap-irq: Fix out-of-bounds access when allocating config buffers When allocating the 2D array for handling IRQ type registers in regmap_add_irq_chip_fwnode(), the intent is to allocate a matrix with num_conf | ||
| CVE-2023-53767 | — | >= 6.3.0, < 6.3.4 | 6.3.4 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix memory leak in ath12k_qmi_driver_event_work() Currently the buffer pointed by event is not freed in case ATH12K_FLAG_UNREGISTERING bit is set, this causes memory leak. Add a goto skip instead | ||
| CVE-2023-53766 | — | >= 2.6.12, < 4.14.324 | 4.14.324 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: FS: JFS: Check for read-only mounted filesystem in txBegin This patch adds a check for read-only mounted filesystem in txBegin before starting a transaction potentially saving from NULL pointer deref. | ||
| CVE-2023-53765 | — | >= 4.12.0, < 6.1.16 | 6.1.16 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm cache: free background tracker's queued work in btracker_destroy Otherwise the kernel can BUG with: [ 2245.426978] ============================================================================= [ 2245.435155 | ||
| CVE-2023-53764 | — | >= 6.3.0, < 6.3.4 | 6.3.4 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Handle lock during peer_id find ath12k_peer_find_by_id() requires that the caller hold the ab->base_lock. Currently the WBM error path does not hold the lock and calling that function, leads to th |
- CVE-2022-50644Dec 9, 2025affected >= 3.16.0, < 4.9.331fixed 4.9.331
In the Linux kernel, the following vulnerability has been resolved: clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe pm_runtime_get_sync() will increment pm usage counter. Forgetting to putting operation will result in reference leak. Add missing pm_runtime_put_sy
- CVE-2022-50643Dec 9, 2025affected >= 5.7.0, < 5.10.152fixed 5.10.152
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_copy_file_range() If the file is used by swap, before return -EOPNOTSUPP, should free the xid, otherwise, the xid will be leaked.
- CVE-2022-50642Dec 9, 2025affected >= 5.9.0, < 5.15.86fixed 5.15.86
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_ec_typec: zero out stale pointers `cros_typec_get_switch_handles` allocates four pointers when obtaining type-c switch handles. These pointers are all freed if failing to obtain any of the
- CVE-2022-50641Dec 9, 2025affected >= 3.16.0, < 4.9.331fixed 4.9.331
In the Linux kernel, the following vulnerability has been resolved: HSI: omap_ssi: Fix refcount leak in ssi_probe When returning or breaking early from a for_each_available_child_of_node() loop, we need to explicitly call of_node_put() on the child node to possibly release the
- CVE-2022-50640Dec 9, 2025affected >= 2.6.36, < 4.9.332fixed 4.9.332
In the Linux kernel, the following vulnerability has been resolved: mmc: core: Fix kernel panic when remove non-standard SDIO card SDIO tuple is only allocated for standard SDIO card, especially it causes memory corruption issues when the non-standard SDIO card has removed, whi
- CVE-2022-50639Dec 9, 2025affected >= 5.14.0, < 5.15.75fixed 5.15.75
In the Linux kernel, the following vulnerability has been resolved: io-wq: Fix memory leak in worker creation If the CPU mask allocation for a node fails, then the memory allocated for the 'io_wqe' struct of the current node doesn't get freed on the error handling path, since i
- CVE-2022-50638Dec 9, 2025affected >= 3.10.0, < 4.9.337fixed 4.9.337
In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in __es_tree_search caused by bad boot loader inode We got a issue as fllows: ================================================================== kernel BUG at fs/ext4/extents_status.c:203! in
- CVE-2022-50637Dec 9, 2025affected >= 5.9.0, < 5.10.163fixed 5.10.163
In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom-hw: Fix memory leak in qcom_cpufreq_hw_read_lut() If "cpu_dev" fails to get opp table in qcom_cpufreq_hw_read_lut(), the program will return, resulting in "table" resource is not released.
- CVE-2022-50636Dec 9, 2025affected >= 3.13.0, < 4.14.303fixed 4.14.303
In the Linux kernel, the following vulnerability has been resolved: PCI: Fix pci_device_is_present() for VFs by checking PF pci_device_is_present() previously didn't work for VFs because it reads the Vendor and Device ID, which are 0xffff for VFs, which looks like they aren't p
- CVE-2022-50635Dec 9, 2025affected >= 5.8.0, < 5.15.75fixed 5.15.75
In the Linux kernel, the following vulnerability has been resolved: powerpc/kprobes: Fix null pointer reference in arch_prepare_kprobe() I found a null pointer reference in arch_prepare_kprobe(): # echo 'p cmdline_proc_show' > kprobe_events # echo 'p cmdline_proc_show+16'
- CVE-2022-50634Dec 9, 2025affected >= 5.8.0, < 6.0.16fixed 6.0.16
In the Linux kernel, the following vulnerability has been resolved: power: supply: cw2015: Fix potential null-ptr-deref in cw_bat_probe() cw_bat_probe() calls create_singlethread_workqueue() and not checked the ret value, which may return NULL. And a null-ptr-deref may happen:
- CVE-2022-50633Dec 9, 2025affected >= 5.10.0, < 5.10.163fixed 5.10.163
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: qcom: Fix memory leak in dwc3_qcom_interconnect_init of_icc_get() alloc resources for path handle, we should release it when not need anymore. Like the release in dwc3_qcom_interconnect_exit() functi
- CVE-2022-50632Dec 9, 2025affected >= 5.17.0, < 6.0.16fixed 6.0.16
In the Linux kernel, the following vulnerability has been resolved: drivers: perf: marvell_cn10k: Fix hotplug callback leak in tad_pmu_init() tad_pmu_init() won't remove the callback added by cpuhp_setup_state_multi() when platform_driver_register() failed. Remove the callback
- CVE-2022-50631Dec 9, 2025affected >= 5.19.0, < 6.0.18fixed 6.0.18
In the Linux kernel, the following vulnerability has been resolved: RISC-V: kexec: Fix memory leak of fdt buffer This is reported by kmemleak detector: unreferenced object 0xff60000082864000 (size 9588): comm "kexec", pid 146, jiffies 4294900634 (age 64.788s) hex dump (fir
- CVE-2023-53769Dec 8, 2025affected >= 5.19.0, < 6.1.28fixed 6.1.28
In the Linux kernel, the following vulnerability has been resolved: virt/coco/sev-guest: Double-buffer messages The encryption algorithms read and write directly to shared unencrypted memory, which may leak information as well as permit the host to tamper with the message integ
- CVE-2023-53768Dec 8, 2025affected >= 6.0.0, < 6.1.40fixed 6.1.40
In the Linux kernel, the following vulnerability has been resolved: regmap-irq: Fix out-of-bounds access when allocating config buffers When allocating the 2D array for handling IRQ type registers in regmap_add_irq_chip_fwnode(), the intent is to allocate a matrix with num_conf
- CVE-2023-53767Dec 8, 2025affected >= 6.3.0, < 6.3.4fixed 6.3.4
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix memory leak in ath12k_qmi_driver_event_work() Currently the buffer pointed by event is not freed in case ATH12K_FLAG_UNREGISTERING bit is set, this causes memory leak. Add a goto skip instead
- CVE-2023-53766Dec 8, 2025affected >= 2.6.12, < 4.14.324fixed 4.14.324
In the Linux kernel, the following vulnerability has been resolved: FS: JFS: Check for read-only mounted filesystem in txBegin This patch adds a check for read-only mounted filesystem in txBegin before starting a transaction potentially saving from NULL pointer deref.
- CVE-2023-53765Dec 8, 2025affected >= 4.12.0, < 6.1.16fixed 6.1.16
In the Linux kernel, the following vulnerability has been resolved: dm cache: free background tracker's queued work in btracker_destroy Otherwise the kernel can BUG with: [ 2245.426978] ============================================================================= [ 2245.435155
- CVE-2023-53764Dec 8, 2025affected >= 6.3.0, < 6.3.4fixed 6.3.4
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Handle lock during peer_id find ath12k_peer_find_by_id() requires that the caller hold the ab->base_lock. Currently the WBM error path does not hold the lock and calling that function, leads to th
Page 65 of 88