VYPR

Vendor CVEs

Linux

All CVEs

15,999 total · sorted by risk
  • CVE-2022-49307MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: tty: synclink_gt: Fix null-pointer-dereference in slgt_clean() When the driver fails at alloc_hdlcdev(), and then we remove the driver module, we will get the following splat: [ 25.065966] general…

  • CVE-2022-49306MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: host: Stop setting the ACPI companion It is no longer needed. The sysdev pointer is now used when assigning the ACPI companions to the xHCI ports and USB devices. Assigning the ACPI companion here…

  • CVE-2022-49305MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop() There is a deadlock in ieee80211_beacons_stop(), which is shown below: (Thread 1) | (Thread 2) …

  • CVE-2022-49304MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drivers: tty: serial: Fix deadlock in sa1100_set_termios() There is a deadlock in sa1100_set_termios(), which is shown below: (Thread 1) | (Thread 2) |…

  • CVE-2022-49303MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8192eu: Fix deadlock in rtw_joinbss_event_prehandle There is a deadlock in rtw_joinbss_event_prehandle(), which is shown below: (Thread 1) | (Thread 2) …

  • CVE-2022-49302MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: USB: host: isp116x: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value.

  • CVE-2022-49301MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: staging: rtl8712: fix uninit-value in usb_read8() and friends When r8712_usbctrl_vendorreq() returns negative, 'data' in usb_read{8,16,32} will not be initialized. BUG: KMSAN: uninit-value in string_nocheck…

  • CVE-2022-49298MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: staging: rtl8712: fix uninit-value in r871xu_drv_init() When 'tmpU1b' returns from r8712_read8(padapter, EE_9346CR) is 0, 'mac[6]' will not be initialized. BUG: KMSAN: uninit-value in…

  • CVE-2022-49297MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: nbd: fix io hung while disconnecting device In our tests, "qemu-nbd" triggers a io hung: INFO: task qemu-nbd:11445 blocked for more than 368 seconds. Not tainted 5.18.0-rc3-next-20220422-00003-g217691551…

  • CVE-2022-49296MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ceph: fix possible deadlock when holding Fwb to get inline_data 1, mount with wsync. 2, create a file with O_RDWR, and the request was sent to mds.0: ceph_atomic_open()--> ceph_mdsc_do_request(openc) …

  • CVE-2022-49294MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check if modulo is 0 before dividing. [How & Why] If a value of 0 is read, then this will cause a divide-by-0 panic.

  • CVE-2022-49293MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: initialize registers in nft_do_chain() Initialize registers to avoid stack leak into userspace.

  • CVE-2022-49285MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: iio: accel: mma8452: use the correct logic to get mma8452_data The original logic to get mma8452_data is wrong, the *dev point to the device belong to iio_dev. we can't use this dev to find the correct…

  • CVE-2022-49284MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: coresight: syscfg: Fix memleak on registration failure in cscfg_create_device device_register() calls device_initialize(), according to doc of device_initialize: Use put_device() to give up your reference…

  • CVE-2022-49283MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: firmware: sysfb: fix platform-device leak in error path Make sure to free the platform device also in the unlikely event that registration fails.

  • CVE-2022-49282MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: f2fs: quota: fix loop condition at f2fs_quota_sync() cnt should be passed to sb_has_quota_active() instead of type to check active quota properly. Moreover, when the type is -1, the compiler with enough…

  • CVE-2022-49281MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: cifs: fix handlecache and multiuser In multiuser each individual user has their own tcon structure for the share and thus their own handle for a cached directory. When we umount such a share we much make sure…

  • CVE-2022-49280MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: NFSD: prevent underflow in nfssvc_decode_writeargs() Smatch complains: fs/nfsd/nfsxdr.c:341 nfssvc_decode_writeargs() warn: no lower bound on 'args->len' Change the type to unsigned to prevent this issue.

  • CVE-2022-49279MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: NFSD: prevent integer overflow on 32 bit systems On a 32 bit system, the "len * sizeof(*p)" operation can have an integer overflow.

  • CVE-2022-49277MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: jffs2: fix memory leak in jffs2_do_mount_fs If jffs2_build_filesystem() in jffs2_do_mount_fs() returns an error, we can observe the following kmemleak report: --------------------------------------------…

  • CVE-2022-49276MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: jffs2: fix memory leak in jffs2_scan_medium If an error is returned in jffs2_scan_eraseblock() and some memory has been added to the jffs2_summary *s, we can observe the following kmemleak report: …

  • CVE-2022-49274MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix crash when mount with quota enabled There is a reported crash when mounting ocfs2 with quota enabled. RIP: 0010:ocfs2_qinfo_lock_res_init+0x44/0x50 [ocfs2] Call Trace: …

  • CVE-2022-49273MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: rtc: pl031: fix rtc features null pointer dereference When there is no interrupt line, rtc alarm feature is disabled. The clearing of the alarm feature bit was being done prior to allocations of ldata->rtc…

  • CVE-2022-49272MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and mmap_lock syzbot caught a potential deadlock between the PCM runtime->buffer_mutex and the mm->mmap_lock. It was brought by the recent fix to cover…

  • CVE-2022-49271MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: cifs: prevent bad output lengths in smb2_ioctl_query_info() When calling smb2_ioctl_query_info() with smb_query_info::flags=PASSTHRU_FSCTL and smb_query_info::output_buffer_length=0, the following would return…

  • CVE-2022-49269MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: can: isotp: sanitize CAN ID checks in isotp_bind() Syzbot created an environment that lead to a state machine status that can not be reached with a compliant CAN ID address configuration. The provided address…

  • CVE-2022-49268MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: Fix NULL ptr dereference when ENOMEM Do not call snd_dma_free_pages() when snd_dma_alloc_pages() returns -ENOMEM because it leads to a NULL pointer dereference bug. The dmesg says: […

  • CVE-2022-49266MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: block: fix rq-qos breakage from skipping rq_qos_done_bio() a647a524a467 ("block: don't call rq_qos_ops->done_bio if the bio isn't tracked") made bio_endio() skip rq_qos_done_bio() if BIO_TRACKED is not set.…

  • CVE-2022-49265MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: PM: domains: Fix sleep-in-atomic bug caused by genpd_debug_remove() When a genpd with GENPD_FLAG_IRQ_SAFE gets removed, the following sleep-in-atomic bug will be seen, as genpd_debug_remove() will be called…

  • CVE-2022-49264MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: exec: Force single empty string when argv is empty Quoting[1] Ariadne Conill: "In several other operating systems, it is a hard requirement that the second argument to execve(2) be the name of a program, thus…

  • CVE-2022-49263MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: brcmfmac: pcie: Release firmwares in the brcmf_pcie_setup error path This avoids leaking memory if brcmf_chip_get_raminfo fails. Note that the CLM blob is released in the device remove path.

  • CVE-2022-49262MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: crypto: octeontx2 - remove CONFIG_DM_CRYPT check No issues were found while using the driver with dm-crypt enabled. So CONFIG_DM_CRYPT check in the driver can be removed. This also fixes the NULL pointer…

  • CVE-2022-49260MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec - fix the aead software fallback for engine Due to the subreq pointer misuse the private context memory. The aead soft crypto occasionally casues the OS panic as setting the 64K page.…

  • CVE-2022-49259MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: block: don't delete queue kobject before its children kobjects aren't supposed to be deleted before their child kobjects are deleted. Apparently this is usually benign; however, a WARN will be triggered if…

  • CVE-2022-49257MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: watch_queue: Fix NULL dereference in error cleanup In watch_queue_set_size(), the error cleanup code doesn't take account of the fact that __free_page() can't handle a NULL pointer when trying to free up…

  • CVE-2022-49256MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: watch_queue: Actually free the watch free_watch() does everything barring actually freeing the watch object. Fix this by adding the missing kfree. kmemleak produces a report something like the following. …

  • CVE-2022-49255MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: f2fs: fix missing free nid in f2fs_handle_failed_inode This patch fixes xfstests/generic/475 failure. [ 293.680694] F2FS-fs (dm-1): May loss orphan inode, run fsck to fix. [ 293.685358] Buffer I/O error on…

  • CVE-2022-49254MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: media: ti-vpe: cal: Fix a NULL pointer dereference in cal_ctx_v4l2_init_formats() In cal_ctx_v4l2_init_formats(), devm_kzalloc() is assigned to ctx->active_fmt and there is a dereference of it after that,…

  • CVE-2022-49253MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: media: usb: go7007: s2250-board: fix leak in probe() Call i2c_unregister_device(audio) on this error path.

  • CVE-2022-49248MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction AV/C deferred transaction was supported at a commit 00a7bb81c20f ("ALSA: firewire-lib: Add support for deferred transaction") while…

  • CVE-2022-49247MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED If the callback 'start_streaming' fails, then all queued buffers in the driver should be returned with state…

  • CVE-2022-49246MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ASoC: atmel: Fix error handling in snd_proto_probe The device_node pointer is returned by of_parse_phandle() with refcount incremented. We should use of_node_put() on it when done. This function only calls…

  • CVE-2022-49245MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ASoC: rockchip: Fix PM usage reference of rockchip_i2s_tdm_resume pm_runtime_get_sync will increment pm usage counter even it failed. Forgetting to putting operation will result in reference leak here. We fix…

  • CVE-2022-49244MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8192-mt6359: Fix error handling in mt8192_mt6359_dev_probe The device_node pointer is returned by of_parse_phandle() with refcount incremented. We should use of_node_put() on it when done. …

  • CVE-2022-49243MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe This node pointer is returned by of_parse_phandle() with refcount incremented in this function. Calling of_node_put() to avoid the refcount…

  • CVE-2022-49242MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ASoC: mxs: Fix error handling in mxs_sgtl5000_probe This function only calls of_node_put() in the regular path. And it will cause refcount leak in error paths. For example, when codec_np is NULL, saif_np[0]…

  • CVE-2022-49241MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ASoC: atmel: Fix error handling in sam9x5_wm8731_driver_probe The device_node pointer is returned by of_parse_phandle() with refcount incremented. We should use of_node_put() on it when done. This function…

  • CVE-2022-49240MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8195: Fix error handling in mt8195_mt6359_rt1019_rt5682_dev_probe The device_node pointer is returned by of_parse_phandle() with refcount incremented. We should use of_node_put() on it when…

  • CVE-2022-49239MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd934x: Add missing of_node_put() in wcd934x_codec_parse_data The device_node pointer is returned by of_parse_phandle() with refcount incremented. We should use of_node_put() on it when done.…

  • CVE-2022-49237MedFeb 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ath11k: add missing of_node_put() to avoid leak The node pointer is returned by of_find_node_by_type() or of_parse_phandle() with refcount incremented. Calling of_node_put() to aovid the refcount leak.

Page 136 of 320