SB2025032664 - SUSE update for the Linux Kernel
Published: March 26, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 468 secuirty vulnerabilities.
1) Memory leak (CVE-ID: CVE-2021-4453)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the smu_v12_0_fini_smc_tables() function in drivers/gpu/drm/amd/pm/swsmu/smu12/smu_v12_0.c. A local user can perform a denial of service (DoS) attack.
2) NULL pointer dereference (CVE-ID: CVE-2021-47631)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the da850_evm_config_emac() function in arch/arm/mach-davinci/board-da850-evm.c. A local user can perform a denial of service (DoS) attack.
3) Use-after-free (CVE-ID: CVE-2021-47632)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pte_update_delta() and change_page_attr() functions in arch/powerpc/mm/pageattr.c. A local user can escalate privileges on the system.
4) Out-of-bounds read (CVE-ID: CVE-2021-47633)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ath5k_eeprom_convert_pcal_info_5111() function in drivers/net/wireless/ath/ath5k/eeprom.c. A local user can perform a denial of service (DoS) attack.
5) Improper error handling (CVE-ID: CVE-2021-47635)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ubifs_write_end(), do_writepage(), ubifs_invalidatepage(), ubifs_migrate_page(), ubifs_releasepage() and ubifs_vm_page_mkwrite() functions in fs/ubifs/file.c. A local user can perform a denial of service (DoS) attack.
6) Out-of-bounds read (CVE-ID: CVE-2021-47636)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ubifs_wbuf_write_nolock() function in fs/ubifs/io.c. A local user can perform a denial of service (DoS) attack.
7) Improper locking (CVE-ID: CVE-2021-47637)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the do_rename() function in fs/ubifs/dir.c. A local user can perform a denial of service (DoS) attack.
8) Double free (CVE-ID: CVE-2021-47638)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the do_rename() function in fs/ubifs/dir.c. A local user can perform a denial of service (DoS) attack.
9) Use-after-free (CVE-ID: CVE-2021-47639)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the kvm_tdp_mmu_put_root(), tdp_mmu_next_root(), kvm_tdp_mmu_wrprot_slot(), kvm_tdp_mmu_clear_dirty_slot() and kvm_tdp_mmu_zap_collapsible_sptes() functions in arch/x86/kvm/mmu/tdp_mmu.c. A local user can escalate privileges on the system.
10) Input validation error (CVE-ID: CVE-2021-47641)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the cirrusfb_check_mclk() and cirrusfb_check_pixclock() functions in drivers/video/fbdev/cirrusfb.c. A local user can perform a denial of service (DoS) attack.
11) Buffer overflow (CVE-ID: CVE-2021-47642)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the nvidia_setup_i2c_bus() function in drivers/video/fbdev/nvidia/nv_i2c.c. A local user can escalate privileges on the system.
12) Memory leak (CVE-ID: CVE-2021-47643)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the irtoy_probe() function in drivers/media/rc/ir_toy.c. A local user can perform a denial of service (DoS) attack.
13) Memory leak (CVE-ID: CVE-2021-47644)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the zoran_queue_init() function in drivers/staging/media/zoran/zoran_driver.c, within the zoran_check_jpg_settings(), zr36057_init(), dma_free_coherent() and zoran_remove() functions in drivers/staging/media/zoran/zoran_card.c. A local user can perform a denial of service (DoS) attack.
14) NULL pointer dereference (CVE-ID: CVE-2021-47645)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the zoran_reap_stat_com() function in drivers/staging/media/zoran/zoran_device.c. A local user can perform a denial of service (DoS) attack.
15) Use-after-free (CVE-ID: CVE-2021-47646)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfq_setup_merge() and bfq_setup_cooperator() functions in block/bfq-iosched.c. A local user can escalate privileges on the system.
16) NULL pointer dereference (CVE-ID: CVE-2021-47647)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the F() and &() functions in drivers/clk/qcom/gcc-ipq8074.c. A local user can perform a denial of service (DoS) attack.
17) Memory leak (CVE-ID: CVE-2021-47648)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the host1x_remove() function in drivers/gpu/host1x/dev.c. A local user can perform a denial of service (DoS) attack.
18) Incorrect calculation (CVE-ID: CVE-2021-47649)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the udmabuf_create() function in drivers/dma-buf/udmabuf.c. A local user can perform a denial of service (DoS) attack.
19) Out-of-bounds read (CVE-ID: CVE-2021-47650)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the snd_soc_new_compress() function in sound/soc/soc-compress.c. A local user can perform a denial of service (DoS) attack.
20) Use-after-free (CVE-ID: CVE-2021-47651)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the rpmpd_probe() function in drivers/soc/qcom/rpmpd.c. A local user can escalate privileges on the system.
21) NULL pointer dereference (CVE-ID: CVE-2021-47652)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ufx_usb_probe() function in drivers/video/fbdev/smscufx.c. A local user can perform a denial of service (DoS) attack.
22) Memory leak (CVE-ID: CVE-2021-47653)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the MODULE_ALIAS(), vpif_channel_getfid() and vpif_probe() functions in drivers/media/platform/davinci/vpif.c. A local user can perform a denial of service (DoS) attack.
23) Memory leak (CVE-ID: CVE-2021-47654)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the populate_ruleset() function in samples/landlock/sandboxer.c. A local user can perform a denial of service (DoS) attack.
24) Use-after-free (CVE-ID: CVE-2021-47656)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the jffs2_free_ino_caches() function in fs/jffs2/fs.c. A local user can escalate privileges on the system.
25) Improper error handling (CVE-ID: CVE-2021-47657)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the virtio_gpu_array_put_free() function in drivers/gpu/drm/virtio/virtgpu_gem.c. A local user can perform a denial of service (DoS) attack.
26) Memory leak (CVE-ID: CVE-2021-47659)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the drm_universal_plane_init() function in drivers/gpu/drm/drm_plane.c. A local user can perform a denial of service (DoS) attack.
27) NULL pointer dereference (CVE-ID: CVE-2022-0168)
The vulnerability allows a local attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS). A privileged (CAP_SYS_ADMIN) attacker can perform a denial of service (DoS) attack.
28) Out-of-bounds write (CVE-ID: CVE-2022-0995)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the Linux kernel’s watch_queue event notification subsystem. A local user can run a specially crafted program to trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
29) Use-after-free (CVE-ID: CVE-2022-1048)
The vulnerability allows a local user to execute arbitrary code with elevated privileges.
The vulnerability exists due to a use-after-free error in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. A local user can execute arbitrary code with elevated privileges and perform a denial-of-service attack.
30) Use-after-free (CVE-ID: CVE-2022-1184)
The vulnerability allows a local user to perform a denial of service attack.
The vulnerability exists due to a use-after-free error in fs/ext4/namei.c:dx_insert_block() function in the Linux kernel’s filesystem sub-component.. A local user can trigger use-after-free and perform a denial of service attack.
31) Use-after-free (CVE-ID: CVE-2022-2977)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in the Linux kernel implementation of proxied virtualized TPM devices. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
32) Processor optimization removal or modification of security-critical code (CVE-ID: CVE-2022-29900)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a mistrained branch predictions for return instructions. A local user can execute arbitrary speculative code under certain microarchitecture-dependent conditions. The vulnerability was dubbed RETbleed.
33) Processor optimization removal or modification of security-critical code (CVE-ID: CVE-2022-29901)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to the way non-transparent sharing of branch predictor targets between contexts. A local user can exploit the vulnerability to gain access to sensitive information.
34) NULL pointer dereference (CVE-ID: CVE-2022-3303)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in the Linux kernel sound subsystem due to improper locking when handling the SNDCTL_DSP_SYNC ioctl. A privileged local user can trigger a NULL pointer dereference error and perform a denial of service (DoS) attack.
35) Out-of-bounds read (CVE-ID: CVE-2022-3435)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the fib_nh_match() function in net/ipv4/fib_semantics.c IPv4 handler. A remote attacker can send specially crafted data to the system, trigger an out-of-bounds read error and read contents of memory on the system.
36) Buffer overflow (CVE-ID: CVE-2022-49044)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the kvmalloc_array() function in drivers/md/dm-integrity.c. A local user can escalate privileges on the system.
37) Memory leak (CVE-ID: CVE-2022-49050)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rpcif_probe() function in drivers/memory/renesas-rpc-if.c. A local user can perform a denial of service (DoS) attack.
38) Out-of-bounds read (CVE-ID: CVE-2022-49051)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the aqc111_rx_fixup() function in drivers/net/usb/aqc111.c. A local user can perform a denial of service (DoS) attack.
39) Input validation error (CVE-ID: CVE-2022-49054)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hyperv_panic_event(), hyperv_die_event() and vmbus_bus_init() functions in drivers/hv/vmbus_drv.c. A local user can perform a denial of service (DoS) attack.
40) NULL pointer dereference (CVE-ID: CVE-2022-49055)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the alloc_event_waiters() function in drivers/gpu/drm/amd/amdkfd/kfd_events.c. A local user can perform a denial of service (DoS) attack.
41) Buffer overflow (CVE-ID: CVE-2022-49058)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the parse_mf_symlink() function in fs/cifs/link.c. A local user can escalate privileges on the system.
42) Use-after-free (CVE-ID: CVE-2022-49059)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nci_close_device() function in net/nfc/nci/core.c. A local user can escalate privileges on the system.
43) NULL pointer dereference (CVE-ID: CVE-2022-49060)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the smc_pnet_find_ib() function in net/smc/smc_pnet.c. A local user can perform a denial of service (DoS) attack.
44) NULL pointer dereference (CVE-ID: CVE-2022-49061)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the socfpga_dwmac_fix_mac_speed() function in drivers/net/ethernet/stmicro/stmmac/dwmac-socfpga.c, within the TSE_PCS_USE_SGMII_ENA BIT() and tse_pcs_fix_mac_speed() functions in drivers/net/ethernet/stmicro/stmmac/altr_tse_pcs.c. A local user can perform a denial of service (DoS) attack.
45) Use-after-free (CVE-ID: CVE-2022-49063)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ice_vsi_req_irq_msix(), ice_setup_pf_sw() and ice_suspend() functions in drivers/net/ethernet/intel/ice/ice_main.c, within the ice_vsi_free_irq() function in drivers/net/ethernet/intel/ice/ice_lib.c, within the ice_free_cpu_rx_rmap(), ice_set_cpu_rx_rmap(), ice_remove_arfs() and ice_rebuild_arfs() functions in drivers/net/ethernet/intel/ice/ice_arfs.c. A local user can escalate privileges on the system.
46) NULL pointer dereference (CVE-ID: CVE-2022-49065)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/trace/events/sunrpc.h. A local user can perform a denial of service (DoS) attack.
47) Improper error handling (CVE-ID: CVE-2022-49066)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the veth_xmit() function in drivers/net/veth.c. A local user can perform a denial of service (DoS) attack.
48) Out-of-bounds read (CVE-ID: CVE-2022-49073)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the SATA_DWC_QCMD_MAX() function in drivers/ata/sata_dwc_460ex.c. A local user can perform a denial of service (DoS) attack.
49) Resource management error (CVE-ID: CVE-2022-49074)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the gic_dist_base() and gic_do_wait_for_rwp() functions in drivers/irqchip/irq-gic-v3.c. A local user can perform a denial of service (DoS) attack.
50) Use-after-free (CVE-ID: CVE-2022-49076)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hfi1_mmu_rb_unregister() function in drivers/infiniband/hw/hfi1/mmu_rb.c. A local user can escalate privileges on the system.
51) Use-after-free (CVE-ID: CVE-2022-49078)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the LZ4_decompress_generic() function in lib/lz4/lz4_decompress.c. A local user can escalate privileges on the system.
52) Use-after-free (CVE-ID: CVE-2022-49082)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the _scsih_expander_node_remove() function in drivers/scsi/mpt3sas/mpt3sas_scsih.c. A local user can escalate privileges on the system.
53) NULL pointer dereference (CVE-ID: CVE-2022-49083)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the omap_iommu_probe_device() function in drivers/iommu/omap-iommu.c. A local user can perform a denial of service (DoS) attack.
54) Improper error handling (CVE-ID: CVE-2022-49084)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the qede_build_skb() function in drivers/net/ethernet/qlogic/qede/qede_fp.c. A local user can perform a denial of service (DoS) attack.
55) Use-after-free (CVE-ID: CVE-2022-49085)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the drbd_bitmap_io_from_worker(), notify_resource_state_change(), notify_connection_state_change(), notify_device_state_change(), notify_peer_device_state_change() and broadcast_state_change() functions in drivers/block/drbd/drbd_state.c, within the nla_put_notification_header(), notify_resource_state(), notify_device_state(), notify_connection_state(), notify_peer_device_state(), notify_initial_state_done() and get_initial_state() functions in drivers/block/drbd/drbd_nl.c. A local user can escalate privileges on the system.
56) Memory leak (CVE-ID: CVE-2022-49086)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nla_alloc_flow_actions() and ovs_nla_free_set_action() functions in net/openvswitch/flow_netlink.c. A local user can perform a denial of service (DoS) attack.
57) Memory leak (CVE-ID: CVE-2022-49088)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dpaa2_ptp_probe() and fsl_mc_free_irqs() functions in drivers/net/ethernet/freescale/dpaa2/dpaa2-ptp.c. A local user can perform a denial of service (DoS) attack.
58) Improper locking (CVE-ID: CVE-2022-49089)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the spin_lock_irqsave() function in drivers/infiniband/sw/rdmavt/qp.c. A local user can perform a denial of service (DoS) attack.
59) NULL pointer dereference (CVE-ID: CVE-2022-49090)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the secondary_start_kernel() function in arch/arm64/kernel/smp.c. A local user can perform a denial of service (DoS) attack.
60) Memory leak (CVE-ID: CVE-2022-49091)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the imx_pd_connector_get_modes() function in drivers/gpu/drm/imx/parallel-display.c. A local user can perform a denial of service (DoS) attack.
61) Improper locking (CVE-ID: CVE-2022-49092)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the fib_nh_match() function in net/ipv4/fib_semantics.c. A local user can perform a denial of service (DoS) attack.
62) Use-after-free (CVE-ID: CVE-2022-49093)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the skb_try_coalesce() function in net/core/skbuff.c. A local user can escalate privileges on the system.
63) Memory leak (CVE-ID: CVE-2022-49095)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the zorro7xx_remove_one() function in drivers/scsi/zorro7xx.c. A local user can perform a denial of service (DoS) attack.
64) NULL pointer dereference (CVE-ID: CVE-2022-49096)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the efx_remove_channels(), efx_realloc_channels() and efx_set_channels() functions in drivers/net/ethernet/sfc/efx_channels.c. A local user can perform a denial of service (DoS) attack.
65) Infinite loop (CVE-ID: CVE-2022-49097)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the EXPORT_SYMBOL_GPL() function in fs/nfs/write.c, within the nfs_set_pgio_error(), nfs_generic_pgio() and nfs_pageio_alloc_mirrors() functions in fs/nfs/pagelist.c. A local user can perform a denial of service (DoS) attack.
66) Improper Initialization (CVE-ID: CVE-2022-49098)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the vmbus_exit() function in drivers/hv/vmbus_drv.c. A local user can perform a denial of service (DoS) attack.
67) Resource management error (CVE-ID: CVE-2022-49099)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the vmbus_device_register() function in drivers/hv/vmbus_drv.c. A local user can perform a denial of service (DoS) attack.
68) Buffer overflow (CVE-ID: CVE-2022-49100)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the init() and fini() functions in drivers/char/virtio_console.c. A local user can perform a denial of service (DoS) attack.
69) Memory leak (CVE-ID: CVE-2022-49102)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hl_mmu_v1_fini() function in drivers/misc/habanalabs/common/mmu/mmu_v1.c. A local user can perform a denial of service (DoS) attack.
70) Memory leak (CVE-ID: CVE-2022-49103)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the _nfs42_proc_copy_notify() function in fs/nfs/nfs42proc.c. A local user can perform a denial of service (DoS) attack.
71) NULL pointer dereference (CVE-ID: CVE-2022-49104)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vchiq_msg_queue_push() and vchiq_msg_hold() functions in drivers/staging/vc04_services/interface/vchiq_arm/vchiq_core.c. A local user can perform a denial of service (DoS) attack.
72) Memory leak (CVE-ID: CVE-2022-49105)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the wfx_init_common() function in drivers/staging/wfx/main.c. A local user can perform a denial of service (DoS) attack.
73) NULL pointer dereference (CVE-ID: CVE-2022-49106)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vchiq_dump_platform_instances() function in drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c. A local user can perform a denial of service (DoS) attack.
74) Memory leak (CVE-ID: CVE-2022-49107)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the fs/ceph/dir.c. A local user can perform a denial of service (DoS) attack.
75) Memory leak (CVE-ID: CVE-2022-49109)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ceph_get_snapdir() function in fs/ceph/inode.c. A local user can perform a denial of service (DoS) attack.
76) Use-after-free (CVE-ID: CVE-2022-49111)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hci_disconn_phylink_complete_evt() function in net/bluetooth/hci_event.c. A local user can escalate privileges on the system.
77) Improper error handling (CVE-ID: CVE-2022-49112)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the drivers/net/wireless/mediatek/mt76/mt76.h. A local user can perform a denial of service (DoS) attack.
78) Memory leak (CVE-ID: CVE-2022-49113)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the format_show() function in arch/powerpc/kernel/secvar-sysfs.c. A local user can perform a denial of service (DoS) attack.
79) Use-after-free (CVE-ID: CVE-2022-49114)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fc_exch_abts_resp() function in drivers/scsi/libfc/fc_exch.c. A local user can escalate privileges on the system.
80) Memory leak (CVE-ID: CVE-2022-49115)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pci_epf_test_write() function in drivers/pci/endpoint/functions/pci-epf-test.c. A local user can perform a denial of service (DoS) attack.
81) Memory leak (CVE-ID: CVE-2022-49116)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the l2cap_ecred_connect() function in net/bluetooth/l2cap_core.c. A local user can perform a denial of service (DoS) attack.
82) Improper error handling (CVE-ID: CVE-2022-49118)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the cq_interrupt_v3_hw(), interrupt_preinit_v3_hw(), hisi_sas_v3_probe() and hisi_sas_v3_destroy_irqs() functions in drivers/scsi/hisi_sas/hisi_sas_v3_hw.c. A local user can perform a denial of service (DoS) attack.
83) Memory leak (CVE-ID: CVE-2022-49119)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pm8001_chip_fw_flash_update_req() function in drivers/scsi/pm8001/pm8001_hwi.c. A local user can perform a denial of service (DoS) attack.
84) Memory leak (CVE-ID: CVE-2022-49120)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pm8001_send_abort_all() function in drivers/scsi/pm8001/pm8001_hwi.c. A local user can perform a denial of service (DoS) attack.
85) Memory leak (CVE-ID: CVE-2022-49121)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pm80xx_chip_phy_ctl_req() function in drivers/scsi/pm8001/pm80xx_hwi.c, within the pm8001_exec_internal_task_abort() function in drivers/scsi/pm8001/pm8001_sas.c, within the pm8001_chip_reg_dev_req(), pm8001_chip_fw_flash_update_req() and pm8001_chip_set_dev_state_req() functions in drivers/scsi/pm8001/pm8001_hwi.c. A local user can perform a denial of service (DoS) attack.
86) Memory leak (CVE-ID: CVE-2022-49122)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lookup_ioctl() function in drivers/md/dm-ioctl.c. A local user can perform a denial of service (DoS) attack.
87) Memory leak (CVE-ID: CVE-2022-49126)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mpi3mr_free_op_req_q_segments() function in drivers/scsi/mpi3mr/mpi3mr_fw.c. A local user can perform a denial of service (DoS) attack.
88) Memory leak (CVE-ID: CVE-2022-49128)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nwl_dsi_bridge_mode_set() function in drivers/gpu/drm/bridge/nwl-dsi.c. A local user can perform a denial of service (DoS) attack.
89) Use-after-free (CVE-ID: CVE-2022-49129)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mt7921_stop() function in drivers/net/wireless/mediatek/mt76/mt7921/main.c. A local user can escalate privileges on the system.
90) NULL pointer dereference (CVE-ID: CVE-2022-49130)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ath11k_mhi_set_state() function in drivers/net/wireless/ath/ath11k/mhi.c. A local user can perform a denial of service (DoS) attack.
91) Resource management error (CVE-ID: CVE-2022-49131)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ath11k_ahb_free_ext_irq() function in drivers/net/wireless/ath/ath11k/ahb.c. A local user can perform a denial of service (DoS) attack.
92) Improper locking (CVE-ID: CVE-2022-49132)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ath11k_pci_pm_suspend() and ath11k_pci_pm_resume() functions in drivers/net/wireless/ath/ath11k/pci.c. A local user can perform a denial of service (DoS) attack.
93) Memory leak (CVE-ID: CVE-2022-49135)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dp_link_settings_read(), dp_phy_settings_read(), dp_dsc_clock_en_read(), dp_dsc_slice_width_read(), dp_dsc_slice_height_read(), dp_dsc_bits_per_pixel_read(), dp_dsc_pic_width_read(), dp_dsc_pic_height_read(), dp_dsc_chunk_size_read(), dp_dsc_slice_bpg_offset_read() and dcc_en_bits_read() functions in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c. A local user can perform a denial of service (DoS) attack.
94) Memory leak (CVE-ID: CVE-2022-49137)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the amdgpu_cs_fence_to_handle_ioctl() function in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c. A local user can perform a denial of service (DoS) attack.
95) Out-of-bounds read (CVE-ID: CVE-2022-49145)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the acpi_cppc_processor_probe() function in drivers/acpi/cppc_acpi.c. A local user can perform a denial of service (DoS) attack.
96) Buffer overflow (CVE-ID: CVE-2022-49147)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the blk_alloc_ext_minor() function in block/genhd.c. A local user can perform a denial of service (DoS) attack.
97) Memory leak (CVE-ID: CVE-2022-49148)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the __put_watch_queue() function in kernel/watch_queue.c. A local user can perform a denial of service (DoS) attack.
98) Improper locking (CVE-ID: CVE-2022-49151)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mcba_usb_xmit(), mcba_usb_read_bulk_callback(), mcba_usb_start() and mcba_usb_probe() functions in drivers/net/can/usb/mcba_usb.c. A local user can perform a denial of service (DoS) attack.
99) Memory leak (CVE-ID: CVE-2022-49153)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rcu_read_unlock_bh() function in drivers/net/wireguard/socket.c. A local user can perform a denial of service (DoS) attack.
100) Out-of-bounds read (CVE-ID: CVE-2022-49154)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the svm_update_pi_irte() function in arch/x86/kvm/svm/avic.c. A local user can perform a denial of service (DoS) attack.
101) Improper locking (CVE-ID: CVE-2022-49155)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the qla2xxx_create_qpair() function in drivers/scsi/qla2xxx/qla_init.c. A local user can perform a denial of service (DoS) attack.
102) Improper locking (CVE-ID: CVE-2022-49156)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the qla24xx_handle_plogi_done_event() function in drivers/scsi/qla2xxx/qla_init.c. A local user can perform a denial of service (DoS) attack.
103) Resource management error (CVE-ID: CVE-2022-49157)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the qla27xx_fwdt_entry_t266() function in drivers/scsi/qla2xxx/qla_tmpl.c, within the qla2xxx_pci_error_detected() and qla2xxx_pci_mmio_enabled() functions in drivers/scsi/qla2xxx/qla_os.c. A local user can perform a denial of service (DoS) attack.
104) Improper error handling (CVE-ID: CVE-2022-49158)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the qla2x00_async_login_sp_done(), qla2x00_async_adisc_sp_done() and qla2x00_async_prli_sp_done() functions in drivers/scsi/qla2xxx/qla_init.c. A local user can perform a denial of service (DoS) attack.
105) NULL pointer dereference (CVE-ID: CVE-2022-49159)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qla2x00_async_nack_sp_done() and qla24xx_async_notify_ack() functions in drivers/scsi/qla2xxx/qla_target.c, within the qla2x00_sp_compl(), qla2xxx_qpair_sp_compl(), qla2xxx_queuecommand() and qla2xxx_mqueuecommand() functions in drivers/scsi/qla2xxx/qla_os.c, within the qlafx00_fx_disc() and dma_free_coherent() functions in drivers/scsi/qla2xxx/qla_mr.c, within the qla24xx_control_vp() function in drivers/scsi/qla2xxx/qla_mid.c, within the qla24xx_send_mb_cmd() function in drivers/scsi/qla2xxx/qla_mbx.c, within the qla24xx_tm_iocb(), qla24xx_els_dcmd_iocb(), qla2x00_els_dcmd2_sp_done(), qla24xx_els_dcmd2_iocb() and qla2x00_start_sp() functions in drivers/scsi/qla2xxx/qla_iocb.c, within the qla2x00_sp_timeout(), qla24xx_abort_iocb_timeout(), qla24xx_abort_sp_done(), qla24xx_async_abort_cmd(), qla2x00_async_login_sp_done(), qla2x00_async_login(), qla2x00_async_logout_sp_done(), qla2x00_async_logout(), qla2x00_async_prlo_sp_done(), qla2x00_async_prlo(), qla2x00_async_adisc_sp_done(), qla2x00_async_adisc(), qla24xx_async_gnl_sp_done(), qla24xx_async_gnl(), dma_pool_free(), qla2x00_async_prli_sp_done(), qla24xx_async_prli() and qla2x00_async_tm_cmd() functions in drivers/scsi/qla2xxx/qla_init.c, within the qla2x00_async_sns_sp_done(), qla_async_rftid(), qla_async_rffid(), qla_async_rnnid(), qla_async_rsnn_nn(), qla24xx_async_gpsc_sp_done(), qla24xx_async_gpsc(), qla24xx_sp_unmap(), qla2x00_async_gpnid_sp_done(), qla24xx_async_gpnid(), qla24xx_async_gffid_sp_done(), qla24xx_async_gffid(), qla2x00_async_gpnft_gnnft_sp_done(), qla24xx_async_gpnft(), qla2x00_async_gnnid_sp_done(), qla24xx_async_gnnid(), qla2x00_async_gfpnid_sp_done() and qla24xx_async_gfpnid() functions in drivers/scsi/qla2xxx/qla_gs.c, within the edif_doorbell_show() function in drivers/scsi/qla2xxx/qla_edif.c, within the qla2x00_bsg_job_done() and qla24xx_bsg_timeout() functions in drivers/scsi/qla2xxx/qla_bsg.c. A local user can perform a denial of service (DoS) attack.
106) Resource management error (CVE-ID: CVE-2022-49160)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the qla24xx_free_purex_list() function in drivers/scsi/qla2xxx/qla_os.c. A local user can perform a denial of service (DoS) attack.
107) Resource management error (CVE-ID: CVE-2022-49162)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the smtcfb_write() function in drivers/video/fbdev/sm712fb.c. A local user can perform a denial of service (DoS) attack.
108) Out-of-bounds read (CVE-ID: CVE-2022-49163)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mxc_jpeg_device_run() function in drivers/media/platform/imx-jpeg/mxc-jpeg.c. A local user can perform a denial of service (DoS) attack.
109) Buffer overflow (CVE-ID: CVE-2022-49164)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the REST_GPR() and GET_PACA() functions in arch/powerpc/kernel/tm.S. A local user can perform a denial of service (DoS) attack.
110) NULL pointer dereference (CVE-ID: CVE-2022-49165)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mxc_jpeg_device_run() function in drivers/media/platform/imx-jpeg/mxc-jpeg.c. A local user can perform a denial of service (DoS) attack.
111) Use-after-free (CVE-ID: CVE-2022-49174)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ext4_mb_mark_bb() function in fs/ext4/mballoc.c. A local user can escalate privileges on the system.
112) Use-after-free (CVE-ID: CVE-2022-49175)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pm_ops_is_empty() and device_pm_check_callbacks() functions in drivers/base/power/main.c. A local user can escalate privileges on the system.
113) Use-after-free (CVE-ID: CVE-2022-49176)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfq_dispatch_request() function in block/bfq-iosched.c. A local user can escalate privileges on the system.
114) NULL pointer dereference (CVE-ID: CVE-2022-49177)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cavium_map_pf_regs() function in drivers/char/hw_random/cavium-rng-vf.c. A local user can perform a denial of service (DoS) attack.
115) Use-after-free (CVE-ID: CVE-2022-49179)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfq_bfqq_move() function in block/bfq-cgroup.c. A local user can escalate privileges on the system.
116) Input validation error (CVE-ID: CVE-2022-49180)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the selinux_fs_context_parse_param() function in security/selinux/hooks.c, within the security_fs_context_dup() function in security/security.c. A local user can perform a denial of service (DoS) attack.
117) Use-after-free (CVE-ID: CVE-2022-49182)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hclge_add_vport_vlan_table(), hclge_add_vport_all_vlan_table(), hclge_rm_vport_vlan_table(), hclge_rm_vport_all_vlan_table(), hclge_uninit_vport_vlan_table(), hclge_restore_vport_vlan_table() and hclge_uninit_ae_dev() functions in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c. A local user can escalate privileges on the system.
118) Memory leak (CVE-ID: CVE-2022-49185)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nmk_pinctrl_probe() function in drivers/pinctrl/nomadik/pinctrl-nomadik.c. A local user can perform a denial of service (DoS) attack.
119) NULL pointer dereference (CVE-ID: CVE-2022-49187)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the clk_hw_create_clk() function in drivers/clk/clk.c. A local user can perform a denial of service (DoS) attack.
120) Memory leak (CVE-ID: CVE-2022-49188)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the q6v5_alloc_memory_region() function in drivers/remoteproc/qcom_q6v5_mss.c. A local user can perform a denial of service (DoS) attack.
121) Integer underflow (CVE-ID: CVE-2022-49189)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the clk_rcg2_determine_floor_rate() and __clk_rcg2_configure() functions in drivers/clk/qcom/clk-rcg2.c. A local user can execute arbitrary code.
122) Improper error handling (CVE-ID: CVE-2022-49193)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ice_service_task() and ice_misc_intr() functions in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.
123) Use-after-free (CVE-ID: CVE-2022-49194)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bcmgenet_writel() and bcmgenet_readl() functions in drivers/net/ethernet/broadcom/genet/bcmgenet.c. A local user can escalate privileges on the system.
124) Use-after-free (CVE-ID: CVE-2022-49196)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the remove_phb_dynamic() function in arch/powerpc/platforms/pseries/pci_dlpar.c. A local user can escalate privileges on the system.
125) Integer underflow (CVE-ID: CVE-2022-49199)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the nldev_stat_set_counter_dynamic_doit() function in drivers/infiniband/core/nldev.c. A local user can execute arbitrary code.
126) Improper error handling (CVE-ID: CVE-2022-49200)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the btmtksdio_probe() function in drivers/bluetooth/btmtksdio.c. A local user can perform a denial of service (DoS) attack.
127) NULL pointer dereference (CVE-ID: CVE-2022-49201)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __ibmvnic_open(), ibmvnic_cleanup(), ibmvnic_tx_scrq_clean_buffer(), ibmvnic_xmit() and netif_carrier_off() functions in drivers/net/ethernet/ibm/ibmvnic.c. A local user can perform a denial of service (DoS) attack.
128) Memory leak (CVE-ID: CVE-2022-49206)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the subscribe_event_xa_alloc() function in drivers/infiniband/hw/mlx5/devx.c. A local user can perform a denial of service (DoS) attack.
129) Integer underflow (CVE-ID: CVE-2022-49208)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the irdma_sc_qp_create(), irdma_sc_cq_create(), irdma_sc_ceq_init() and irdma_sc_ccq_init() functions in drivers/infiniband/hw/irdma/ctrl.c. A local user can execute arbitrary code.
130) Memory leak (CVE-ID: CVE-2022-49212)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the atmel_nand_controller_init() function in drivers/mtd/nand/atmel/nand-controller.c. A local user can perform a denial of service (DoS) attack.
131) Memory leak (CVE-ID: CVE-2022-49213)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ath10k_setup_msa_resources() function in drivers/net/wireless/ath/ath10k/snoc.c. A local user can perform a denial of service (DoS) attack.
132) NULL pointer dereference (CVE-ID: CVE-2022-49214)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the NOKPROBE_SYMBOL() function in arch/powerpc/mm/fault.c. A local user can perform a denial of service (DoS) attack.
133) Memory leak (CVE-ID: CVE-2022-49216)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tegra_dsi_ganged_probe() function in drivers/gpu/drm/tegra/dsi.c. A local user can perform a denial of service (DoS) attack.
134) Improper locking (CVE-ID: CVE-2022-49217)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the pm80xx_send_abort_all() function in drivers/scsi/pm8001/pm80xx_hwi.c, within the pm8001_send_abort_all() and pm8001_send_read_log() functions in drivers/scsi/pm8001/pm8001_hwi.c. A local user can perform a denial of service (DoS) attack.
135) Out-of-bounds read (CVE-ID: CVE-2022-49218)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the drm_dp_link_get_adjustments() function in drivers/gpu/drm/tegra/dp.c, within the drm_dp_get_adjust_tx_ffe_preset() function in drivers/gpu/drm/dp/drm_dp.c. A local user can perform a denial of service (DoS) attack.
136) NULL pointer dereference (CVE-ID: CVE-2022-49221)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the msm_dp_modeset_init() function in drivers/gpu/drm/msm/dp/dp_display.c. A local user can perform a denial of service (DoS) attack.
137) Buffer overflow (CVE-ID: CVE-2022-49222)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the segments_edid_read() function in drivers/gpu/drm/bridge/analogix/anx7625.c. A local user can escalate privileges on the system.
138) Memory leak (CVE-ID: CVE-2022-49224)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ab8500_fg_sysfs_init() function in drivers/power/supply/ab8500_fg.c. A local user can perform a denial of service (DoS) attack.
139) Input validation error (CVE-ID: CVE-2022-49226)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ax88772_bind() and ax88178_reset() functions in drivers/net/usb/asix_devices.c, within the asix_read_cmd(), asix_check_host_enable() and asix_mdio_read_nopm() functions in drivers/net/usb/asix_common.c. A local user can perform a denial of service (DoS) attack.
140) Resource management error (CVE-ID: CVE-2022-49227)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the igc_setup_rx_resources() function in drivers/net/ethernet/intel/igc/igc_main.c. A local user can perform a denial of service (DoS) attack.
141) NULL pointer dereference (CVE-ID: CVE-2022-49232)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_dm_connector_add_common_modes() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
142) Use of uninitialized resource (CVE-ID: CVE-2022-49235)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the htc_issue_send() and htc_connect_service() functions in drivers/net/wireless/ath/ath9k/htc_hst.c. A local user can perform a denial of service (DoS) attack.
143) Use-after-free (CVE-ID: CVE-2022-49236)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the btf_id_set_contains(), btf_module_notify() and btf_try_get_module() functions in kernel/bpf/btf.c. A local user can escalate privileges on the system.
144) Memory leak (CVE-ID: CVE-2022-49239)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the wcd934x_codec_parse_data() function in sound/soc/codecs/wcd934x.c. A local user can perform a denial of service (DoS) attack.
145) Memory leak (CVE-ID: CVE-2022-49241)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the sam9x5_wm8731_driver_probe() function in sound/soc/atmel/sam9x5_wm8731.c. A local user can perform a denial of service (DoS) attack.
146) Memory leak (CVE-ID: CVE-2022-49242)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mxs_sgtl5000_probe() function in sound/soc/mxs/mxs-sgtl5000.c. A local user can perform a denial of service (DoS) attack.
147) Memory leak (CVE-ID: CVE-2022-49243)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the at91sam9g20ek_audio_probe() function in sound/soc/atmel/sam9g20_wm8731.c. A local user can perform a denial of service (DoS) attack.
148) Memory leak (CVE-ID: CVE-2022-49244)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mt8192_mt6359_dev_probe() function in sound/soc/mediatek/mt8192/mt8192-mt6359-rt1015-rt5682.c. A local user can perform a denial of service (DoS) attack.
149) Memory leak (CVE-ID: CVE-2022-49246)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the snd_proto_probe() function in sound/soc/atmel/mikroe-proto.c. A local user can perform a denial of service (DoS) attack.
150) Improper locking (CVE-ID: CVE-2022-49247)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the stk1160_uninit_isoc(), stk1160_stop_streaming() and stk1160_clear_queue() functions in drivers/media/usb/stk1160/stk1160-v4l.c, within the stk1160_disconnect() function in drivers/media/usb/stk1160/stk1160-core.c. A local user can perform a denial of service (DoS) attack.
151) Use of uninitialized resource (CVE-ID: CVE-2022-49248)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the fcp_avc_transaction() function in sound/firewire/fcp.c. A local user can perform a denial of service (DoS) attack.
152) Out-of-bounds read (CVE-ID: CVE-2022-49249)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the wcd938x_tx_mode_get() and wcd938x_rx_hph_mode_get() functions in sound/soc/codecs/wcd938x.c. A local user can perform a denial of service (DoS) attack.
153) Input validation error (CVE-ID: CVE-2022-49250)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the rx_macro_load_compander_coeff() function in sound/soc/codecs/lpass-rx-macro.c. A local user can perform a denial of service (DoS) attack.
154) Out-of-bounds read (CVE-ID: CVE-2022-49251)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the va_macro_dec_mode_get() and va_macro_dec_mode_put() functions in sound/soc/codecs/lpass-va-macro.c. A local user can perform a denial of service (DoS) attack.
155) Out-of-bounds read (CVE-ID: CVE-2022-49252)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the rx_macro_mux_get(), rx_macro_mux_put(), rx_macro_get_hph_pwr_mode() and rx_macro_put_hph_pwr_mode() functions in sound/soc/codecs/lpass-rx-macro.c. A local user can perform a denial of service (DoS) attack.
156) Memory leak (CVE-ID: CVE-2022-49253)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the s2250_probe() and i2c_unregister_device() functions in drivers/media/usb/go7007/s2250-board.c. A local user can perform a denial of service (DoS) attack.
157) NULL pointer dereference (CVE-ID: CVE-2022-49254)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cal_ctx_v4l2_init_formats() function in drivers/media/platform/ti-vpe/cal-video.c. A local user can perform a denial of service (DoS) attack.
158) Memory leak (CVE-ID: CVE-2022-49256)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the free_watch() function in kernel/watch_queue.c. A local user can perform a denial of service (DoS) attack.
159) NULL pointer dereference (CVE-ID: CVE-2022-49257)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the watch_queue_set_size() function in kernel/watch_queue.c. A local user can perform a denial of service (DoS) attack.
160) Use-after-free (CVE-ID: CVE-2022-49258)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cc_cipher_exit() function in drivers/crypto/ccree/cc_cipher.c. A local user can escalate privileges on the system.
161) Resource management error (CVE-ID: CVE-2022-49259)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the blk_unregister_queue() function in block/blk-sysfs.c. A local user can perform a denial of service (DoS) attack.
162) Buffer overflow (CVE-ID: CVE-2022-49260)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the sec_aead_soft_crypto() function in drivers/crypto/hisilicon/sec2/sec_crypto.c. A local user can perform a denial of service (DoS) attack.
163) Out-of-bounds read (CVE-ID: CVE-2022-49261)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the vm_access() function in drivers/gpu/drm/i915/gem/i915_gem_mman.c. A local user can perform a denial of service (DoS) attack.
164) NULL pointer dereference (CVE-ID: CVE-2022-49262)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cpt_register_algs() function in drivers/crypto/marvell/octeontx2/otx2_cptvf_algs.c. A local user can perform a denial of service (DoS) attack.
165) Memory leak (CVE-ID: CVE-2022-49263)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the brcmf_pcie_setup() function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/pcie.c. A local user can perform a denial of service (DoS) attack.
166) NULL pointer dereference (CVE-ID: CVE-2022-49264)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bprm_stack_limits(), do_execveat_common() and kernel_execve() functions in fs/exec.c. A local user can perform a denial of service (DoS) attack.
167) Improper locking (CVE-ID: CVE-2022-49265)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the genpd_remove() function in drivers/base/power/domain.c. A local user can perform a denial of service (DoS) attack.
168) Buffer overflow (CVE-ID: CVE-2022-49266)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the blkcg_iolatency_done_bio() function in block/blk-iolatency.c. A local user can perform a denial of service (DoS) attack.
169) Use-after-free (CVE-ID: CVE-2022-49268)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cl_stream_prepare() function in sound/soc/sof/intel/hda-loader.c. A local user can escalate privileges on the system.
170) Input validation error (CVE-ID: CVE-2022-49269)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the isotp_bind() function in net/can/isotp.c. A local user can perform a denial of service (DoS) attack.
171) Use-after-free (CVE-ID: CVE-2022-49270)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cleanup_mapped_device() function in drivers/md/dm.c. A local user can escalate privileges on the system.
172) NULL pointer dereference (CVE-ID: CVE-2022-49271)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the smb2_ioctl_query_info() function in fs/cifs/smb2ops.c. A local user can perform a denial of service (DoS) attack.
173) Improper locking (CVE-ID: CVE-2022-49272)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the snd_pcm_hw_params_choose(), snd_pcm_hw_params(), snd_pcm_hw_free() and snd_pcm_action_nonatomic() functions in sound/core/pcm_native.c, within the wait_for_avail() and __snd_pcm_lib_xfer() functions in sound/core/pcm_lib.c, within the snd_pcm_attach_substream() function in sound/core/pcm.c. A local user can perform a denial of service (DoS) attack.
174) NULL pointer dereference (CVE-ID: CVE-2022-49273)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pl031_probe() function in drivers/rtc/rtc-pl031.c. A local user can perform a denial of service (DoS) attack.
175) Use of uninitialized resource (CVE-ID: CVE-2022-49274)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ocfs2_local_read_info() function in fs/ocfs2/quota_local.c, within the ocfs2_unlock_global_qf() and ocfs2_global_read_info() functions in fs/ocfs2/quota_global.c. A local user can perform a denial of service (DoS) attack.
176) Use-after-free (CVE-ID: CVE-2022-49275)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the m_can_tx_handler() function in drivers/net/can/m_can/m_can.c. A local user can escalate privileges on the system.
177) Memory leak (CVE-ID: CVE-2022-49276)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the jffs2_scan_medium() function in fs/jffs2/scan.c. A local user can perform a denial of service (DoS) attack.
178) Memory leak (CVE-ID: CVE-2022-49277)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the jffs2_do_mount_fs() function in fs/jffs2/build.c. A local user can perform a denial of service (DoS) attack.
179) Integer underflow (CVE-ID: CVE-2022-49278)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the rproc_coredump_write() function in drivers/remoteproc/remoteproc_debugfs.c. A local user can execute arbitrary code.
180) Integer overflow (CVE-ID: CVE-2022-49279)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the include/linux/sunrpc/xdr.h. A local user can execute arbitrary code.
181) Integer underflow (CVE-ID: CVE-2022-49280)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the nfsd_proc_write() function in fs/nfsd/nfsproc.c. A local user can execute arbitrary code.
182) Resource management error (CVE-ID: CVE-2022-49281)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the cifs_kill_sb() function in fs/cifs/cifsfs.c. A local user can perform a denial of service (DoS) attack.
183) Memory leak (CVE-ID: CVE-2022-49283)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the sysfb_create_simplefb() function in drivers/firmware/sysfb_simplefb.c. A local user can perform a denial of service (DoS) attack.
184) NULL pointer dereference (CVE-ID: CVE-2022-49285)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mma8452_show_scale_avail() function in drivers/iio/accel/mma8452.c. A local user can perform a denial of service (DoS) attack.
185) NULL pointer dereference (CVE-ID: CVE-2022-49286)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tpm2_init_space() function in drivers/char/tpm/tpm2-space.c. A local user can perform a denial of service (DoS) attack.
186) Use-after-free (CVE-ID: CVE-2022-49287)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dev_err() function in drivers/char/tpm/tpm2-space.c, within the tpm_dev_release(), tpm_chip_alloc(), tpm_add_char_device() and tpm_chip_unregister() functions in drivers/char/tpm/tpm-chip.c. A local user can escalate privileges on the system.
187) Use-after-free (CVE-ID: CVE-2022-49288)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the snd_pcm_lib_preallocate_proc_write() function in sound/core/pcm_memory.c. A local user can escalate privileges on the system.
188) Memory leak (CVE-ID: CVE-2022-49290)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the copy_mesh_setup() function in net/mac80211/cfg.c. A local user can perform a denial of service (DoS) attack.
189) Use-after-free (CVE-ID: CVE-2022-49291)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the snd_pcm_hw_params_choose(), snd_pcm_hw_params() and do_hw_free() functions in sound/core/pcm_native.c, within the snd_pcm_attach_substream() and snd_pcm_detach_substream() functions in sound/core/pcm.c. A local user can escalate privileges on the system.
190) Buffer overflow (CVE-ID: CVE-2022-49292)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the snd_pcm_plugin_alloc() function in sound/core/oss/pcm_plugin.c, within the snd_pcm_oss_period_size() and snd_pcm_oss_change_params_locked() functions in sound/core/oss/pcm_oss.c. A local user can escalate privileges on the system.
191) Division by zero (CVE-ID: CVE-2022-49294)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the get_pixel_clk_frequency_100hz() function in drivers/gpu/drm/amd/display/dc/dce/dce_clock_source.c. A local user can perform a denial of service (DoS) attack.
192) NULL pointer dereference (CVE-ID: CVE-2022-49295)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nbd_cleanup() function in drivers/block/nbd.c. A local user can perform a denial of service (DoS) attack.
193) Improper locking (CVE-ID: CVE-2022-49297)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nbd_start_device_ioctl() function in drivers/block/nbd.c. A local user can perform a denial of service (DoS) attack.
194) Use of uninitialized resource (CVE-ID: CVE-2022-49298)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the r871xu_drv_init() function in drivers/staging/rtl8712/usb_intf.c. A local user can perform a denial of service (DoS) attack.
195) NULL pointer dereference (CVE-ID: CVE-2022-49299)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dwc2_hsotg_udc_start() function in drivers/usb/dwc2/gadget.c. A local user can perform a denial of service (DoS) attack.
196) Memory leak (CVE-ID: CVE-2022-49300)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nbd_alloc_config(), nbd_open(), nbd_put() and nbd_cleanup() functions in drivers/block/nbd.c. A local user can perform a denial of service (DoS) attack.
197) Use of uninitialized resource (CVE-ID: CVE-2022-49301)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the usb_read8(), usb_read16() and usb_read32() functions in drivers/staging/rtl8712/usb_ops.c. A local user can perform a denial of service (DoS) attack.
198) NULL pointer dereference (CVE-ID: CVE-2022-49302)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the isp116x_remove() function in drivers/usb/host/isp116x-hcd.c. A local user can perform a denial of service (DoS) attack.
199) Improper locking (CVE-ID: CVE-2022-49304)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the sa1100_set_termios() function in drivers/tty/serial/sa1100.c. A local user can perform a denial of service (DoS) attack.
200) Improper locking (CVE-ID: CVE-2022-49305)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ieee80211_beacons_stop() function in drivers/staging/rtl8192u/ieee80211/ieee80211_softmac.c. A local user can perform a denial of service (DoS) attack.
201) NULL pointer dereference (CVE-ID: CVE-2022-49307)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hdlcdev_init() function in drivers/tty/synclink_gt.c. A local user can perform a denial of service (DoS) attack.
202) Improper error handling (CVE-ID: CVE-2022-49308)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the extcon_dev_register() and extcon_dev_unregister() functions in drivers/extcon/extcon.c. A local user can perform a denial of service (DoS) attack.
203) Improper locking (CVE-ID: CVE-2022-49309)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rtw_surveydone_event_callback() and rtw_scan_timeout_handler() functions in drivers/staging/rtl8723bs/core/rtw_mlme.c. A local user can perform a denial of service (DoS) attack.
204) Memory leak (CVE-ID: CVE-2022-49310)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the cleanup_dev() function in drivers/char/xillybus/xillyusb.c. A local user can perform a denial of service (DoS) attack.
205) Improper locking (CVE-ID: CVE-2022-49311)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rtw_joinbss_event_prehandle() and _rtw_join_timeout_handler() functions in drivers/staging/rtl8723bs/core/rtw_mlme.c. A local user can perform a denial of service (DoS) attack.
206) Memory leak (CVE-ID: CVE-2022-49312)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the r8712_usb_dvobj_init(), r871x_dev_unload() and r871xu_dev_remove() functions in drivers/staging/rtl8712/usb_intf.c, within the r8712_free_drv_sw() function in drivers/staging/rtl8712/os_intfs.c. A local user can perform a denial of service (DoS) attack.
207) Improper locking (CVE-ID: CVE-2022-49313)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the oxu_bus_suspend() function in drivers/usb/host/oxu210hp-hcd.c. A local user can perform a denial of service (DoS) attack.
208) Memory leak (CVE-ID: CVE-2022-49314)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the icom_probe() function in drivers/tty/serial/icom.c. A local user can perform a denial of service (DoS) attack.
209) Improper locking (CVE-ID: CVE-2022-49315)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rtllib_beacons_stop() function in drivers/staging/rtl8192e/rtllib_softmac.c. A local user can perform a denial of service (DoS) attack.
210) Improper locking (CVE-ID: CVE-2022-49316)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the _nfs4_open_and_get_state() function in fs/nfs/nfs4proc.c. A local user can perform a denial of service (DoS) attack.
211) NULL pointer dereference (CVE-ID: CVE-2022-49319)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the arm_smmu_device_probe() function in drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c. A local user can perform a denial of service (DoS) attack.
212) Integer overflow (CVE-ID: CVE-2022-49320)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the zynqmp_dma_alloc_chan_resources() function in drivers/dma/xilinx/zynqmp_dma.c. A local user can execute arbitrary code.
213) NULL pointer dereference (CVE-ID: CVE-2022-49321)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rpcrdma_is_bcall() function in net/sunrpc/xprtrdma/rpc_rdma.c. A local user can perform a denial of service (DoS) attack.
214) Improper locking (CVE-ID: CVE-2022-49322)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the trace_event_buffer_lock_reserve() and output_printk() functions in kernel/trace/trace.c. A local user can perform a denial of service (DoS) attack.
215) NULL pointer dereference (CVE-ID: CVE-2022-49323)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the arm_smmu_device_probe() function in drivers/iommu/arm/arm-smmu/arm-smmu.c. A local user can perform a denial of service (DoS) attack.
216) Improper Initialization (CVE-ID: CVE-2022-49326)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the rtl8180_tx() function in drivers/net/wireless/realtek/rtl818x/rtl8180/dev.c. A local user can perform a denial of service (DoS) attack.
217) Improper locking (CVE-ID: CVE-2022-49327)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the run_cache_set() function in drivers/md/bcache/super.c, within the bch_journal_space_reserve(), do_journal_discard() and journal_reclaim() functions in drivers/md/bcache/journal.c. A local user can perform a denial of service (DoS) attack.
218) Use-after-free (CVE-ID: CVE-2022-49328)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mt76_txq_stopped() and mt76_txq_schedule_list() functions in drivers/net/wireless/mediatek/mt76/tx.c, within the mt7921_add_interface() function in drivers/net/wireless/mediatek/mt76/mt7921/main.c, within the mt7915_add_interface() function in drivers/net/wireless/mediatek/mt76/mt7915/main.c, within the mt76x02_vif_init() and mt76x02_remove_interface() functions in drivers/net/wireless/mediatek/mt76/mt76x02_util.c, within the mt7615_add_interface() function in drivers/net/wireless/mediatek/mt76/mt7615/main.c, within the mt7603_add_interface() function in drivers/net/wireless/mediatek/mt76/mt7603/main.c, within the mt76_sta_add() function in drivers/net/wireless/mediatek/mt76/mac80211.c. A local user can escalate privileges on the system.
219) Memory leak (CVE-ID: CVE-2022-49331)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the st21nfca_connectivity_event_received() function in drivers/nfc/st21nfca/se.c. A local user can perform a denial of service (DoS) attack.
220) NULL pointer dereference (CVE-ID: CVE-2022-49332)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the lpfc_device_reset_handler() and lpfc_target_reset_handler() functions in drivers/scsi/lpfc/lpfc_scsi.c. A local user can perform a denial of service (DoS) attack.
221) NULL pointer dereference (CVE-ID: CVE-2022-49335)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_cs_parser_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c. A local user can perform a denial of service (DoS) attack.
222) Buffer overflow (CVE-ID: CVE-2022-49336)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the etnaviv_iommu_unmap_gem() function in drivers/gpu/drm/etnaviv/etnaviv_mmu.c. A local user can perform a denial of service (DoS) attack.
223) Use-after-free (CVE-ID: CVE-2022-49337)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the spin_lock() and user_dlm_destroy_lock() functions in fs/ocfs2/dlmfs/userdlm.c. A local user can escalate privileges on the system.
224) Double free (CVE-ID: CVE-2022-49339)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the seg6_hmac_init() function in net/ipv6/seg6_hmac.c. A local user can perform a denial of service (DoS) attack.
225) Memory leak (CVE-ID: CVE-2022-49341)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bpf_jit_binary_free() function in arch/arm64/net/bpf_jit_comp.c. A local user can perform a denial of service (DoS) attack.
226) Memory leak (CVE-ID: CVE-2022-49342)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bcma_mdio_mii_register() function in drivers/net/ethernet/broadcom/bgmac-bcma-mdio.c. A local user can perform a denial of service (DoS) attack.
227) Buffer overflow (CVE-ID: CVE-2022-49343)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the dx_probe() function in fs/ext4/namei.c. A local user can perform a denial of service (DoS) attack.
228) Double free (CVE-ID: CVE-2022-49345)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the xfrm4_protocol_init() function in net/ipv4/xfrm4_protocol.c. A local user can perform a denial of service (DoS) attack.
229) Memory leak (CVE-ID: CVE-2022-49346)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the gswip_gphy_fw_list() function in drivers/net/dsa/lantiq_gswip.c. A local user can perform a denial of service (DoS) attack.
230) Improper error handling (CVE-ID: CVE-2022-49347)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ext4_convert_inline_data() function in fs/ext4/inline.c. A local user can perform a denial of service (DoS) attack.
231) Input validation error (CVE-ID: CVE-2022-49348)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __ext4_fill_super() and __ext4_remount() functions in fs/ext4/super.c. A local user can perform a denial of service (DoS) attack.
232) Use-after-free (CVE-ID: CVE-2022-49349)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ext4_get_first_dir_block() function in fs/ext4/namei.c. A local user can escalate privileges on the system.
233) Double free (CVE-ID: CVE-2022-49350)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the mdio_bus_init() function in drivers/net/phy/mdio_bus.c. A local user can perform a denial of service (DoS) attack.
234) Memory leak (CVE-ID: CVE-2022-49351)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the altera_tse_mdio_create() function in drivers/net/ethernet/altera/altera_tse_main.c. A local user can perform a denial of service (DoS) attack.
235) Infinite loop (CVE-ID: CVE-2022-49352)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the ext4_setattr() function in fs/ext4/inode.c. A local user can perform a denial of service (DoS) attack.
236) Memory leak (CVE-ID: CVE-2022-49354)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the octeon_cf_probe() function in drivers/ata/pata_octeon_cf.c. A local user can perform a denial of service (DoS) attack.
237) Buffer overflow (CVE-ID: CVE-2022-49356)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the svc_rdma_build_writes() function in net/sunrpc/xprtrdma/svc_rdma_rw.c. A local user can perform a denial of service (DoS) attack.
238) Resource management error (CVE-ID: CVE-2022-49357)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the UEFI_QUIRK_SKIP_CERT() and load_uefi_certs() functions in security/integrity/platform_certs/load_uefi.c. A local user can perform a denial of service (DoS) attack.
239) Memory leak (CVE-ID: CVE-2022-49367)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mv88e6xxx_mdios_register() function in drivers/net/dsa/mv88e6xxx/chip.c. A local user can perform a denial of service (DoS) attack.
240) Out-of-bounds read (CVE-ID: CVE-2022-49368)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mtk_hwlro_get_fdir_entry() function in drivers/net/ethernet/mediatek/mtk_eth_soc.c. A local user can perform a denial of service (DoS) attack.
241) Memory leak (CVE-ID: CVE-2022-49370)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dmi_sysfs_register_handle() function in drivers/firmware/dmi-sysfs.c. A local user can perform a denial of service (DoS) attack.
242) Improper locking (CVE-ID: CVE-2022-49371)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __device_attach() function in drivers/base/dd.c. A local user can perform a denial of service (DoS) attack.
243) Memory leak (CVE-ID: CVE-2022-49373)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ts4800_wdt_probe() function in drivers/watchdog/ts4800_wdt.c. A local user can perform a denial of service (DoS) attack.
244) NULL pointer dereference (CVE-ID: CVE-2022-49375)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_rtc_probe() function in drivers/rtc/rtc-mt6397.c. A local user can perform a denial of service (DoS) attack.
245) Memory leak (CVE-ID: CVE-2022-49376)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the sd_probe() function in drivers/scsi/sd.c. A local user can perform a denial of service (DoS) attack.
246) Use-after-free (CVE-ID: CVE-2022-49377)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the blk_mq_has_sqsched() and blk_mq_get_sq_hctx() functions in block/blk-mq.c. A local user can escalate privileges on the system.
247) Improper locking (CVE-ID: CVE-2022-49378)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the drivers/net/ethernet/sfc/net_driver.h. A local user can perform a denial of service (DoS) attack.
248) Improper locking (CVE-ID: CVE-2022-49379)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the DEFINE_SHOW_ATTRIBUTE(), deferred_probe_timeout_work_func() and driver_probe_done() functions in drivers/base/dd.c. A local user can perform a denial of service (DoS) attack.
249) Memory leak (CVE-ID: CVE-2022-49381)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the jffs2_free_raw_node_refs() function in fs/jffs2/fs.c. A local user can perform a denial of service (DoS) attack.
250) Memory leak (CVE-ID: CVE-2022-49382)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rockchip_grf_init() function in drivers/soc/rockchip/grf.c. A local user can perform a denial of service (DoS) attack.
251) Double free (CVE-ID: CVE-2022-49384)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the md_free() and md_stop() functions in drivers/md/md.c. A local user can perform a denial of service (DoS) attack.
252) Use-after-free (CVE-ID: CVE-2022-49385)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bus_add_driver() function in drivers/base/bus.c. A local user can escalate privileges on the system.
253) Memory leak (CVE-ID: CVE-2022-49386)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the am65_cpsw_init_cpts() and am65_cpsw_nuss_probe() functions in drivers/net/ethernet/ti/am65-cpsw-nuss.c. A local user can perform a denial of service (DoS) attack.
254) Memory leak (CVE-ID: CVE-2022-49389)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the stub_probe() and put_busid_priv() functions in drivers/usb/usbip/stub_dev.c. A local user can perform a denial of service (DoS) attack.
255) NULL pointer dereference (CVE-ID: CVE-2022-49392)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the aspeed_vuart_probe() function in drivers/tty/serial/8250/8250_aspeed_vuart.c. A local user can perform a denial of service (DoS) attack.
256) Memory leak (CVE-ID: CVE-2022-49394)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the blkiolatency_enable_work_fn(), BLKIOLATENCY(), blkcg_iolatency_throttle(), blkcg_iolatency_done_bio(), blkcg_iolatency_exit(), rcu_read_unlock(), blk_iolatency_init(), iolatency_set_min_lat_nsec(), iolatency_set_limit() and iolatency_pd_offline() functions in block/blk-iolatency.c. A local user can perform a denial of service (DoS) attack.
257) Memory leak (CVE-ID: CVE-2022-49396)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qcom_qmp_reset_control_put() and qcom_qmp_phy_create() functions in drivers/phy/qualcomm/phy-qcom-qmp.c. A local user can perform a denial of service (DoS) attack.
258) Memory leak (CVE-ID: CVE-2022-49397)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qcom_qmp_phy_create() function in drivers/phy/qualcomm/phy-qcom-qmp.c. A local user can perform a denial of service (DoS) attack.
259) Improper locking (CVE-ID: CVE-2022-49398)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the dwc3_gadget_ep_skip_trbs(), dwc3_gadget_ep_cleanup_cancelled_requests() and dwc3_gadget_ep_cleanup_completed_requests() functions in drivers/usb/dwc3/gadget.c. A local user can perform a denial of service (DoS) attack.
260) Memory leak (CVE-ID: CVE-2022-49399)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the goldfish_tty_probe() and goldfish_tty_remove() functions in drivers/tty/goldfish.c. A local user can perform a denial of service (DoS) attack.
261) Use-after-free (CVE-ID: CVE-2022-49400)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the free_conf() function in drivers/md/raid0.c. A local user can escalate privileges on the system.
262) Improper locking (CVE-ID: CVE-2022-49402)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ftrace_func_mapper_add_ip() and register_ftrace_direct() functions in kernel/trace/ftrace.c. A local user can perform a denial of service (DoS) attack.
263) Integer overflow (CVE-ID: CVE-2022-49404)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the set_link_ipg() function in drivers/infiniband/hw/hfi1/init.c. A local user can execute arbitrary code.
264) Out-of-bounds read (CVE-ID: CVE-2022-49407)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dlm_posix_lock(), dlm_plock_callback() and dev_write() functions in fs/dlm/plock.c. A local user can perform a denial of service (DoS) attack.
265) Improper error handling (CVE-ID: CVE-2022-49409)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ext4_valid_extent_entries() function in fs/ext4/extents.c. A local user can perform a denial of service (DoS) attack.
266) Double free (CVE-ID: CVE-2022-49410)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the init_var_ref() function in kernel/trace/trace_events_hist.c. A local user can perform a denial of service (DoS) attack.
267) Use-after-free (CVE-ID: CVE-2022-49411)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfq_link_bfqg() function in block/bfq-cgroup.c. A local user can escalate privileges on the system.
268) Use-after-free (CVE-ID: CVE-2022-49412)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfq_setup_merge() function in block/bfq-iosched.c. A local user can escalate privileges on the system.
269) Use-after-free (CVE-ID: CVE-2022-49413)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfq_bio_merge() function in block/bfq-iosched.c. A local user can escalate privileges on the system.
270) Improper locking (CVE-ID: CVE-2022-49414)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_punch_hole() function in fs/ext4/inode.c, within the ext4_fallocate() function in fs/ext4/extents.c. A local user can perform a denial of service (DoS) attack.
271) Use-after-free (CVE-ID: CVE-2022-49416)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ieee80211_vif_use_reserved_context() function in net/mac80211/chan.c. A local user can escalate privileges on the system.
272) Use of uninitialized resource (CVE-ID: CVE-2022-49418)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the nfs4_xdr_dec_fs_locations() function in fs/nfs/nfs4xdr.c, within the nfs4_try_migration() function in fs/nfs/nfs4state.c, within the nfs4_get_referral(), _nfs4_proc_fs_locations(), _nfs40_proc_get_locations() and _nfs41_proc_get_locations() functions in fs/nfs/nfs4proc.c, within the nfs_do_refmount() function in fs/nfs/nfs4namespace.c. A local user can perform a denial of service (DoS) attack.
273) Memory leak (CVE-ID: CVE-2022-49421)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the clcdfb_of_vram_setup() function in drivers/video/fbdev/amba-clcd.c. A local user can perform a denial of service (DoS) attack.
274) Memory leak (CVE-ID: CVE-2022-49422)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the idxd_cdev_register() function in drivers/dma/idxd/cdev.c. A local user can perform a denial of service (DoS) attack.
275) NULL pointer dereference (CVE-ID: CVE-2022-49424)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the MT2701_IOMMU_PAGE_SIZE() and mtk_iommu_probe_device() functions in drivers/iommu/mtk_iommu_v1.c, within the mtk_iommu_probe_device() function in drivers/iommu/mtk_iommu.c. A local user can perform a denial of service (DoS) attack.
276) Use-after-free (CVE-ID: CVE-2022-49426)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the arm_smmu_alloc_shared_cd(), kfree() and arm_smmu_free_shared_cd() functions in drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3-sva.c. A local user can escalate privileges on the system.
277) Resource management error (CVE-ID: CVE-2022-49427)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mtk_iommu_remove() function in drivers/iommu/mtk_iommu.c. A local user can perform a denial of service (DoS) attack.
278) NULL pointer dereference (CVE-ID: CVE-2022-49429)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hfi1_write_iter() function in drivers/infiniband/hw/hfi1/file_ops.c. A local user can perform a denial of service (DoS) attack.
279) Resource management error (CVE-ID: CVE-2022-49430)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the gpio_keys_quiesce_key() function in drivers/input/keyboard/gpio_keys.c. A local user can perform a denial of service (DoS) attack.
280) Memory leak (CVE-ID: CVE-2022-49431)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the iommu_init_early_dart() function in arch/powerpc/sysdev/dart_iommu.c. A local user can perform a denial of service (DoS) attack.
281) Memory leak (CVE-ID: CVE-2022-49432)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the icp_opal_init() function in arch/powerpc/sysdev/xics/icp-opal.c. A local user can perform a denial of service (DoS) attack.
282) Use-after-free (CVE-ID: CVE-2022-49433)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sdma_clean() function in drivers/infiniband/hw/hfi1/sdma.c. A local user can escalate privileges on the system.
283) Improper locking (CVE-ID: CVE-2022-49434)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the pci_reset_bus_function() and EXPORT_SYMBOL_GPL() functions in drivers/pci/pci.c. A local user can perform a denial of service (DoS) attack.
284) NULL pointer dereference (CVE-ID: CVE-2022-49435)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the davinci_vc_probe() function in drivers/mfd/davinci_voicecodec.c. A local user can perform a denial of service (DoS) attack.
285) Memory leak (CVE-ID: CVE-2022-49437)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the xive_spapr_init() and xive_irq_bitmap_remove_all() functions in arch/powerpc/sysdev/xive/spapr.c. A local user can perform a denial of service (DoS) attack.
286) Memory leak (CVE-ID: CVE-2022-49438)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bbc_beep_probe() function in drivers/input/misc/sparcspkr.c. A local user can perform a denial of service (DoS) attack.
287) Improper locking (CVE-ID: CVE-2022-49440)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the enter_rtas() function in arch/powerpc/kernel/rtas.c, within the _GLOBAL() function in arch/powerpc/kernel/entry_64.S. A local user can perform a denial of service (DoS) attack.
288) Improper locking (CVE-ID: CVE-2022-49441)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the tty_buffer_alloc() function in drivers/tty/tty_buffer.c. A local user can perform a denial of service (DoS) attack.
289) Memory leak (CVE-ID: CVE-2022-49442)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the register_node() function in drivers/base/node.c. A local user can perform a denial of service (DoS) attack.
290) Improper locking (CVE-ID: CVE-2022-49443)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the include/linux/list.h. A local user can perform a denial of service (DoS) attack.
291) Out-of-bounds read (CVE-ID: CVE-2022-49444)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the elf_validity_check() function in kernel/module.c. A local user can perform a denial of service (DoS) attack.
292) NULL pointer dereference (CVE-ID: CVE-2022-49445)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sh_pfc_map_resources() function in drivers/pinctrl/renesas/core.c. A local user can perform a denial of service (DoS) attack.
293) Memory leak (CVE-ID: CVE-2022-49447)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hi3xxx_smp_prepare_cpus() and hip01_boot_secondary() functions in arch/arm/mach-hisi/platsmp.c. A local user can perform a denial of service (DoS) attack.
294) NULL pointer dereference (CVE-ID: CVE-2022-49448)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bcm_pmb_probe() function in drivers/soc/bcm/bcm63xx/bcm-pmb.c. A local user can perform a denial of service (DoS) attack.
295) NULL pointer dereference (CVE-ID: CVE-2022-49449)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rzn1_pinctrl_probe() function in drivers/pinctrl/renesas/pinctrl-rzn1.c. A local user can perform a denial of service (DoS) attack.
296) Input validation error (CVE-ID: CVE-2022-49451)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the scmi_base_implementation_list_get() function in drivers/firmware/arm_scmi/base.c. A local user can perform a denial of service (DoS) attack.
297) NULL pointer dereference (CVE-ID: CVE-2022-49453)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ti_sci_pm_domain_probe() function in drivers/soc/ti/ti_sci_pm_domains.c. A local user can perform a denial of service (DoS) attack.
298) Double free (CVE-ID: CVE-2022-49455)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the ocxl_file_register_afu() function in drivers/misc/ocxl/file.c. A local user can perform a denial of service (DoS) attack.
299) NULL pointer dereference (CVE-ID: CVE-2022-49459)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sr_thermal_probe() function in drivers/thermal/broadcom/sr-thermal.c. A local user can perform a denial of service (DoS) attack.
300) Resource management error (CVE-ID: CVE-2022-49460)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the rk3399_dmcfreq_remove() function in drivers/devfreq/rk3399_dmc.c. A local user can perform a denial of service (DoS) attack.
301) Memory leak (CVE-ID: CVE-2022-49462)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the a6xx_gpu_init() function in drivers/gpu/drm/msm/adreno/a6xx_gpu.c. A local user can perform a denial of service (DoS) attack.
302) Memory leak (CVE-ID: CVE-2022-49463)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the imx_sc_thermal_probe() function in drivers/thermal/imx_sc_thermal.c. A local user can perform a denial of service (DoS) attack.
303) Memory leak (CVE-ID: CVE-2022-49466)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the scmi_regulator_probe() function in drivers/regulator/scmi-regulator.c. A local user can perform a denial of service (DoS) attack.
304) Memory leak (CVE-ID: CVE-2022-49467)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mdp5_crtc_cursor_set() function in drivers/gpu/drm/msm/disp/mdp5/mdp5_crtc.c. A local user can perform a denial of service (DoS) attack.
305) Memory leak (CVE-ID: CVE-2022-49468)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the __thermal_cooling_device_register() function in drivers/thermal/thermal_core.c. A local user can perform a denial of service (DoS) attack.
306) NULL pointer dereference (CVE-ID: CVE-2022-49472)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the kszphy_config_reset(), kszphy_config_init() and kszphy_probe() functions in drivers/net/phy/micrel.c. A local user can perform a denial of service (DoS) attack.
307) Memory leak (CVE-ID: CVE-2022-49473)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the j721e_soc_probe_cpb() and j721e_soc_probe_ivi() functions in sound/soc/ti/j721e-evm.c. A local user can perform a denial of service (DoS) attack.
308) Use-after-free (CVE-ID: CVE-2022-49474)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sco_sock_connect() function in net/bluetooth/sco.c. A local user can escalate privileges on the system.
309) NULL pointer dereference (CVE-ID: CVE-2022-49475)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fsl_qspi_probe() function in drivers/spi/spi-fsl-qspi.c. A local user can perform a denial of service (DoS) attack.
310) Memory leak (CVE-ID: CVE-2022-49477)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the aries_audio_probe() function in sound/soc/samsung/aries_wm8994.c. A local user can perform a denial of service (DoS) attack.
311) Out-of-bounds read (CVE-ID: CVE-2022-49478)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the pvr2_hdw_create() function in drivers/media/usb/pvrusb2/pvrusb2-hdw.c. A local user can perform a denial of service (DoS) attack.
312) Memory leak (CVE-ID: CVE-2022-49480)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the imx_hdmi_probe() function in sound/soc/fsl/imx-hdmi.c. A local user can perform a denial of service (DoS) attack.
313) Memory leak (CVE-ID: CVE-2022-49481)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pfuze_parse_regulators_dt() function in drivers/regulator/pfuze100-regulator.c. A local user can perform a denial of service (DoS) attack.
314) Memory leak (CVE-ID: CVE-2022-49482)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mxs_saif_probe() function in sound/soc/mxs/mxs-saif.c. A local user can perform a denial of service (DoS) attack.
315) Memory leak (CVE-ID: CVE-2022-49486)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the imx_sgtl5000_probe() function in sound/soc/fsl/imx-sgtl5000.c. A local user can perform a denial of service (DoS) attack.
316) NULL pointer dereference (CVE-ID: CVE-2022-49487)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ebu_nand_probe() function in drivers/mtd/nand/raw/intel-nand-controller.c. A local user can perform a denial of service (DoS) attack.
317) NULL pointer dereference (CVE-ID: CVE-2022-49488)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mdp5_mixer_assign() function in drivers/gpu/drm/msm/disp/mdp5/mdp5_mixer.c, within the mdp5_crtc_setup_pipeline() function in drivers/gpu/drm/msm/disp/mdp5/mdp5_crtc.c. A local user can perform a denial of service (DoS) attack.
318) Use-after-free (CVE-ID: CVE-2022-49489)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the _dpu_kms_hw_destroy() function in drivers/gpu/drm/msm/disp/dpu1/dpu_kms.c. A local user can escalate privileges on the system.
319) NULL pointer dereference (CVE-ID: CVE-2022-49490)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mdp5_plane_atomic_check_with_state() function in drivers/gpu/drm/msm/disp/mdp5/mdp5_plane.c, within the mdp5_pipe_assign() and mdp5_pipe_release() functions in drivers/gpu/drm/msm/disp/mdp5/mdp5_pipe.c. A local user can perform a denial of service (DoS) attack.
320) NULL pointer dereference (CVE-ID: CVE-2022-49491)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vop_bind() function in drivers/gpu/drm/rockchip/rockchip_drm_vop.c. A local user can perform a denial of service (DoS) attack.
321) NULL pointer dereference (CVE-ID: CVE-2022-49492)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nvme_alloc_admin_tags() function in drivers/nvme/host/pci.c. A local user can perform a denial of service (DoS) attack.
322) Use-after-free (CVE-ID: CVE-2022-49493)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the rt5645_i2c_remove() function in sound/soc/codecs/rt5645.c. A local user can escalate privileges on the system.
323) NULL pointer dereference (CVE-ID: CVE-2022-49494)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cadence_nand_dt_probe() function in drivers/mtd/nand/raw/cadence-nand-controller.c. A local user can perform a denial of service (DoS) attack.
324) NULL pointer dereference (CVE-ID: CVE-2022-49495)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the msm_hdmi_init() function in drivers/gpu/drm/msm/hdmi/hdmi.c. A local user can perform a denial of service (DoS) attack.
325) NULL pointer dereference (CVE-ID: CVE-2022-49498)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL() and snd_pcm_lib_free_pages() functions in sound/core/pcm_memory.c. A local user can perform a denial of service (DoS) attack.
326) Use-after-free (CVE-ID: CVE-2022-49501)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smsc95xx_start_phy() function in drivers/net/usb/smsc95xx.c, within the ax88772_stop() function in drivers/net/usb/asix_devices.c. A local user can escalate privileges on the system.
327) Memory leak (CVE-ID: CVE-2022-49502)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rga_probe() and dma_free_attrs() functions in drivers/media/platform/rockchip/rga/rga.c. A local user can perform a denial of service (DoS) attack.
328) Out-of-bounds read (CVE-ID: CVE-2022-49503)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ath9k_rx_prepare() function in drivers/net/wireless/ath/ath9k/htc_drv_txrx.c. A local user can perform a denial of service (DoS) attack.
329) Out-of-bounds read (CVE-ID: CVE-2022-49504)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the lpfc_sli_issue_abort_iotag(), lpfc_sli_abort_taskmgmt() and lpfc_sli4_issue_abort_iotag() functions in drivers/scsi/lpfc/lpfc_sli.c, within the lpfc_linkdown() function in drivers/scsi/lpfc/lpfc_hbadisc.c, within the lpfc_issue_els_flogi() and lpfc_els_rcv_flogi() functions in drivers/scsi/lpfc/lpfc_els.c. A local user can perform a denial of service (DoS) attack.
330) Use-after-free (CVE-ID: CVE-2022-49505)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nfc_unregister_device() function in net/nfc/core.c. A local user can escalate privileges on the system.
331) Resource management error (CVE-ID: CVE-2022-49506)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mtk_drm_cmdq_pkt_destroy(), mtk_drm_crtc_destroy(), mtk_drm_crtc_enable_vblank() and mtk_drm_crtc_create() functions in drivers/gpu/drm/mediatek/mtk_drm_crtc.c, within the rdma_update_bits() function in drivers/gpu/drm/mediatek/mtk_disp_rdma.c, within the mtk_disp_ovl_irq_handler() and mtk_ovl_disable_vblank() functions in drivers/gpu/drm/mediatek/mtk_disp_ovl.c. A local user can perform a denial of service (DoS) attack.
332) Out-of-bounds read (CVE-ID: CVE-2022-49507)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the da9121_assign_chip_model() function in drivers/regulator/da9121-regulator.c. A local user can perform a denial of service (DoS) attack.
333) Double free (CVE-ID: CVE-2022-49508)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the elan_input_configured() function in drivers/hid/hid-elan.c. A local user can perform a denial of service (DoS) attack.
334) Resource management error (CVE-ID: CVE-2022-49509)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the max9286_poc_enable(), max9286_init(), max9286_probe() and max9286_remove() functions in drivers/media/i2c/max9286.c. A local user can perform a denial of service (DoS) attack.
335) Improper locking (CVE-ID: CVE-2022-49512)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the denali_pci_probe() and denali_pci_remove() functions in drivers/mtd/nand/raw/denali_pci.c. A local user can perform a denial of service (DoS) attack.
336) Memory leak (CVE-ID: CVE-2022-49514)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mt8173_max98090_dev_probe() function in sound/soc/mediatek/mt8173/mt8173-max98090.c. A local user can perform a denial of service (DoS) attack.
337) Out-of-bounds read (CVE-ID: CVE-2022-49515)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the cs35l41_volatile_reg() and ARRAY_SIZE() functions in sound/soc/codecs/cs35l41-lib.c. A local user can perform a denial of service (DoS) attack.
338) Memory leak (CVE-ID: CVE-2022-49517)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mt2701_wm8960_machine_probe() function in sound/soc/mediatek/mt2701/mt2701-wm8960.c. A local user can perform a denial of service (DoS) attack.
339) Improper locking (CVE-ID: CVE-2022-49519)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ath10k_stop() function in drivers/net/wireless/ath/ath10k/mac.c. A local user can perform a denial of service (DoS) attack.
340) Improper error handling (CVE-ID: CVE-2022-49520)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the compat_arm_syscall() function in arch/arm64/kernel/sys_compat.c. A local user can perform a denial of service (DoS) attack.
341) Memory leak (CVE-ID: CVE-2022-49521)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lpfc_fc_frame_check() and lpfc_sli4_send_seq_to_ulp() functions in drivers/scsi/lpfc/lpfc_sli.c. A local user can perform a denial of service (DoS) attack.
342) Resource management error (CVE-ID: CVE-2022-49522)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the jz4740_mmc_acquire_dma_channels() function in drivers/mmc/host/jz4740_mmc.c. A local user can perform a denial of service (DoS) attack.
343) NULL pointer dereference (CVE-ID: CVE-2022-49523)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ath11k_spectral_scan_config(), ath11k_spectral_ring_free() and ath11k_spectral_deinit() functions in drivers/net/wireless/ath/ath11k/spectral.c. A local user can perform a denial of service (DoS) attack.
344) Use-after-free (CVE-ID: CVE-2022-49524)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cx23885_initdev() function in drivers/media/pci/cx23885/cx23885-core.c. A local user can escalate privileges on the system.
345) Memory leak (CVE-ID: CVE-2022-49525)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the cx25821_finidev() function in drivers/media/pci/cx25821/cx25821-core.c. A local user can perform a denial of service (DoS) attack.
346) Input validation error (CVE-ID: CVE-2022-49526)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the le32_to_cpu() and kunmap_atomic() functions in drivers/md/md-bitmap.c. A local user can perform a denial of service (DoS) attack.
347) NULL pointer dereference (CVE-ID: CVE-2022-49527)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hfi_core_deinit() function in drivers/media/platform/qcom/venus/hfi.c. A local user can perform a denial of service (DoS) attack.
348) NULL pointer dereference (CVE-ID: CVE-2022-49532)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the virtio_gpu_conn_get_modes() function in drivers/gpu/drm/virtio/virtgpu_display.c. A local user can perform a denial of service (DoS) attack.
349) Memory leak (CVE-ID: CVE-2022-49534)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lpfc_ignore_els_cmpl() function in drivers/scsi/lpfc/lpfc_sli.c, within the lpfc_rcv_plogi() function in drivers/scsi/lpfc/lpfc_nportdisc.c. A local user can perform a denial of service (DoS) attack.
350) Use-after-free (CVE-ID: CVE-2022-49535)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the lpfc_initial_flogi(), lpfc_initial_fdisc(), lpfc_cmpl_els_plogi(), lpfc_cmpl_els_prli() and lpfc_cmpl_els_adisc() functions in drivers/scsi/lpfc/lpfc_els.c. A local user can escalate privileges on the system.
351) Improper locking (CVE-ID: CVE-2022-49536)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the lpfc_abort_handler() function in drivers/scsi/lpfc/lpfc_scsi.c. A local user can perform a denial of service (DoS) attack.
352) Input validation error (CVE-ID: CVE-2022-49537)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the lpfc_update_cmf_cmpl() and lpfc_update_cmf_cmd() functions in drivers/scsi/lpfc/lpfc_scsi.c. A local user can perform a denial of service (DoS) attack.
353) Double free (CVE-ID: CVE-2022-49541)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the cifs_smb3_do_mount() function in fs/cifs/cifsfs.c. A local user can perform a denial of service (DoS) attack.
354) Improper locking (CVE-ID: CVE-2022-49542)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the lpfc_dmp_dbg() function in drivers/scsi/lpfc/lpfc_init.c. A local user can perform a denial of service (DoS) attack.
355) NULL pointer dereference (CVE-ID: CVE-2022-49544)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the libipw_xmit() function in drivers/net/wireless/intel/ipw2x00/libipw_tx.c. A local user can perform a denial of service (DoS) attack.
356) Resource management error (CVE-ID: CVE-2022-49545)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the snd_usbmidi_output_open() function in sound/usb/midi.c. A local user can perform a denial of service (DoS) attack.
357) Memory leak (CVE-ID: CVE-2022-49546)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the machine_kexec() function in arch/x86/kernel/machine_kexec_64.c. A local user can perform a denial of service (DoS) attack.
358) Memory leak (CVE-ID: CVE-2022-49549)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the kfree(), mce_threshold_remove_device() and mce_threshold_create_device() functions in arch/x86/kernel/cpu/mce/amd.c. A local user can perform a denial of service (DoS) attack.
359) Out-of-bounds read (CVE-ID: CVE-2022-49551)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the REG_FIELD() function in drivers/usb/isp1760/isp1760-core.c. A local user can perform a denial of service (DoS) attack.
360) Buffer overflow (CVE-ID: CVE-2022-49555)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the qca_close() function in drivers/bluetooth/hci_qca.c. A local user can perform a denial of service (DoS) attack.
361) Memory leak (CVE-ID: CVE-2022-49556)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the sev_launch_measure() and __sev_dbg_decrypt_user() functions in arch/x86/kvm/svm/sev.c. A local user can perform a denial of service (DoS) attack.
362) Input validation error (CVE-ID: CVE-2022-49559)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nested_vmx_vmexit() function in arch/x86/kvm/vmx/nested.c, within the nested_svm_vmexit() function in arch/x86/kvm/svm/nested.c. A local user can perform a denial of service (DoS) attack.
363) Input validation error (CVE-ID: CVE-2022-49562)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the arch/x86/kvm/mmu/paging_tmpl.h. A local user can perform a denial of service (DoS) attack.
364) Integer underflow (CVE-ID: CVE-2022-49563)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the qat_rsa_enc() and qat_rsa_dec() functions in drivers/crypto/qat/qat_common/qat_asym_algs.c. A local user can execute arbitrary code.
365) Integer underflow (CVE-ID: CVE-2022-49564)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the qat_dh_compute_value() function in drivers/crypto/qat/qat_common/qat_asym_algs.c. A local user can execute arbitrary code.
366) Memory leak (CVE-ID: CVE-2022-49566)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qat_rsa_exit_tfm() function in drivers/crypto/qat/qat_common/qat_asym_algs.c. A local user can perform a denial of service (DoS) attack.
367) NULL pointer dereference (CVE-ID: CVE-2022-49568)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the kvm_ioctl_create_device() function in virt/kvm/kvm_main.c. A local user can perform a denial of service (DoS) attack.
368) NULL pointer dereference (CVE-ID: CVE-2022-49569)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bcm2835_spi_handle_err() function in drivers/spi/spi-bcm2835.c. A local user can perform a denial of service (DoS) attack.
369) Integer overflow (CVE-ID: CVE-2022-49570)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the xgpio_set_value32() function in drivers/gpio/gpio-xilinx.c. A local user can execute arbitrary code.
370) Race condition within a thread (CVE-ID: CVE-2022-49579)
The vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the fib_multipath_hash() function in net/ipv4/route.c, within the mlxsw_sp_mp4_hash_init() function in drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c. A local user can corrupt data.
371) Buffer overflow (CVE-ID: CVE-2022-49581)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the be_get_module_info() and be_get_module_eeprom() functions in drivers/net/ethernet/emulex/benet/be_ethtool.c, within the be_cmd_read_port_transceiver_data(), be_cmd_query_cable_type() and be_cmd_query_sfp_info() functions in drivers/net/ethernet/emulex/benet/be_cmds.c. A local user can escalate privileges on the system.
372) Memory leak (CVE-ID: CVE-2022-49583)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the iavf_get_rx_buffer() function in drivers/net/ethernet/intel/iavf/iavf_txrx.c. A local user can perform a denial of service (DoS) attack.
373) Improper locking (CVE-ID: CVE-2022-49584)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ixgbe_enable_sriov(), ixgbe_rcv_ack_from_vf() and ixgbe_msg_task() functions in drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c, within the ixgbe_sw_init() function in drivers/net/ethernet/intel/ixgbe/ixgbe_main.c. A local user can perform a denial of service (DoS) attack.
374) Memory leak (CVE-ID: CVE-2022-49591)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ksz_switch_register() function in drivers/net/dsa/microchip/ksz_common.c. A local user can perform a denial of service (DoS) attack.
375) Out-of-bounds read (CVE-ID: CVE-2022-49592)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dwmac4_map_mtl_dma() function in drivers/net/ethernet/stmicro/stmmac/dwmac4_core.c. A local user can perform a denial of service (DoS) attack.
376) Race condition within a thread (CVE-ID: CVE-2022-49603)
The vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the ip_forward() function in net/ipv4/ip_forward.c, within the mlxsw_sp_dscp_init() function in drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c. A local user can corrupt data.
377) NULL pointer dereference (CVE-ID: CVE-2022-49605)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drivers/net/ethernet/intel/igc/igc_regs.h. A local user can perform a denial of service (DoS) attack.
378) Improper locking (CVE-ID: CVE-2022-49606)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the irdma_cm_teardown_connections() function in drivers/infiniband/hw/irdma/cm.c. A local user can perform a denial of service (DoS) attack.
379) Infinite loop (CVE-ID: CVE-2022-49607)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the mutex_lock_double(), perf_event_set_output(), ring_buffer_get() and mutex_unlock() functions in kernel/events/core.c. A local user can perform a denial of service (DoS) attack.
380) Memory leak (CVE-ID: CVE-2022-49609)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the versatile_reboot_probe() function in drivers/power/reset/arm-versatile-reboot.c. A local user can perform a denial of service (DoS) attack.
381) Integer underflow (CVE-ID: CVE-2022-49610)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the vmx_vcpu_run() function in arch/x86/kvm/vmx/vmx.c, within the SYM_FUNC_START() function in arch/x86/kvm/vmx/vmenter.S, within the check_bugs() function in arch/x86/kernel/cpu/bugs.c, within the common() function in arch/x86/kernel/asm-offsets.c. A local user can execute arbitrary code.
382) Integer underflow (CVE-ID: CVE-2022-49611)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the SYM_INNER_LABEL() function in arch/x86/kvm/vmx/vmenter.S, within the spectre_v2_select_mitigation() function in arch/x86/kernel/cpu/bugs.c. A local user can execute arbitrary code.
383) Integer underflow (CVE-ID: CVE-2022-49613)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the uart_proc_show() function in drivers/tty/serial/serial_core.c, within the serial8250_register_ports() function in drivers/tty/serial/8250/8250_core.c. A local user can execute arbitrary code.
384) NULL pointer dereference (CVE-ID: CVE-2022-49615)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rt711_sdca_index_write() and rt711_sdca_index_read() functions in sound/soc/codecs/rt711-sdca.c. A local user can perform a denial of service (DoS) attack.
385) NULL pointer dereference (CVE-ID: CVE-2022-49616)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rt711_jack_detect_handler() function in sound/soc/codecs/rt711.c, within the rt711_sdca_jack_detect_handler() function in sound/soc/codecs/rt711-sdca.c, within the rt700_jack_detect_handler() function in sound/soc/codecs/rt700.c. A local user can perform a denial of service (DoS) attack.
386) Improper error handling (CVE-ID: CVE-2022-49617)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the mc_dailink_exit_loop() and mc_probe() functions in sound/soc/intel/boards/sof_sdw.c. A local user can perform a denial of service (DoS) attack.
387) NULL pointer dereference (CVE-ID: CVE-2022-49618)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the aspeed_pinmux_set_mux() function in drivers/pinctrl/aspeed/pinctrl-aspeed.c. A local user can perform a denial of service (DoS) attack.
388) Memory leak (CVE-ID: CVE-2022-49621)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pmac_cpufreq_init_MacRISC3() function in drivers/cpufreq/pmac32-cpufreq.c. A local user can perform a denial of service (DoS) attack.
389) Use-after-free (CVE-ID: CVE-2022-49623)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the xive_irq_bitmap_add() and xive_irq_bitmap_remove_all() functions in arch/powerpc/sysdev/xive/spapr.c. A local user can escalate privileges on the system.
390) Use-after-free (CVE-ID: CVE-2022-49625)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the efx_ef10_try_update_nic_stats_vf() function in drivers/net/ethernet/sfc/ef10.c. A local user can escalate privileges on the system.
391) Use-after-free (CVE-ID: CVE-2022-49626)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the efx_ef10_pci_sriov_disable() function in drivers/net/ethernet/sfc/ef10_sriov.c. A local user can escalate privileges on the system.
392) Memory leak (CVE-ID: CVE-2022-49627)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the crypto_free_shash() function in security/integrity/ima/ima_crypto.c. A local user can perform a denial of service (DoS) attack.
393) Memory leak (CVE-ID: CVE-2022-49628)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ingenic_mac_probe() function in drivers/net/ethernet/stmicro/stmmac/dwmac-ingenic.c. A local user can perform a denial of service (DoS) attack.
394) Race condition within a thread (CVE-ID: CVE-2022-49631)
The vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the include/net/raw.h. A local user can corrupt data.
395) Race condition within a thread (CVE-ID: CVE-2022-49634)
The vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the proc_dou8vec_minmax() function in kernel/sysctl.c. A local user can corrupt data.
396) Race condition within a thread (CVE-ID: CVE-2022-49640)
The vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the do_proc_douintvec_minmax_conv() function in kernel/sysctl.c. A local user can corrupt data.
397) Race condition within a thread (CVE-ID: CVE-2022-49641)
The vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the do_proc_douintvec_conv() function in kernel/sysctl.c. A local user can corrupt data.
398) Buffer overflow (CVE-ID: CVE-2022-49642)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the tegra_eqos_init() function in drivers/net/ethernet/stmicro/stmmac/dwmac-dwc-qos-eth.c. A local user can perform a denial of service (DoS) attack.
399) Integer overflow (CVE-ID: CVE-2022-49643)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the ima_appraise_measurement() function in security/integrity/ima/ima_appraise.c. A local user can execute arbitrary code.
400) Memory leak (CVE-ID: CVE-2022-49644)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the intel_dp_add_mst_connector() function in drivers/gpu/drm/i915/display/intel_dp_mst.c. A local user can perform a denial of service (DoS) attack.
401) Buffer overflow (CVE-ID: CVE-2022-49645)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the panfrost_ioctl_madvise() function in drivers/gpu/drm/panfrost/panfrost_drv.c. A local user can perform a denial of service (DoS) attack.
402) Integer underflow (CVE-ID: CVE-2022-49646)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the __ieee80211_select_queue() function in net/mac80211/wme.c. A local user can execute arbitrary code.
403) Use-after-free (CVE-ID: CVE-2022-49647)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the LIST_HEAD_INIT(), find_css_set(), cgroup_migrate_vet_dst(), cgroup_migrate_add_src(), cgroup_migrate_prepare_dst() and cgroup_update_dfl_csses() functions in kernel/cgroup/cgroup.c. A local user can escalate privileges on the system.
404) Memory leak (CVE-ID: CVE-2022-49648)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the parse_var_defs() function in kernel/trace/trace_events_hist.c. A local user can perform a denial of service (DoS) attack.
405) NULL pointer dereference (CVE-ID: CVE-2022-49649)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the xenvif_rx_action() function in drivers/net/xen-netback/rx.c. A local user can perform a denial of service (DoS) attack.
406) Memory leak (CVE-ID: CVE-2022-49652)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ti_dra7_xbar_route_allocate() function in drivers/dma/ti/dma-crossbar.c. A local user can perform a denial of service (DoS) attack.
407) Memory leak (CVE-ID: CVE-2022-49653)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the piix4_sb800_region_request() and piix4_sb800_region_release() functions in drivers/i2c/busses/i2c-piix4.c. A local user can perform a denial of service (DoS) attack.
408) Memory leak (CVE-ID: CVE-2022-49656)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the meson_smp_prepare_cpus() function in arch/arm/mach-meson/platsmp.c. A local user can perform a denial of service (DoS) attack.
409) Memory leak (CVE-ID: CVE-2022-49657)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the usbnet_async_cmd_cb() and usbnet_write_cmd_async() functions in drivers/net/usb/usbnet.c. A local user can perform a denial of service (DoS) attack.
410) Memory leak (CVE-ID: CVE-2022-49661)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the gs_can_open() and gs_can_close() functions in drivers/net/can/usb/gs_usb.c. A local user can perform a denial of service (DoS) attack.
411) Resource management error (CVE-ID: CVE-2022-49663)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the skb_tunnel_check_pmtu() function in net/ipv4/ip_tunnel_core.c. A local user can perform a denial of service (DoS) attack.
412) Memory leak (CVE-ID: CVE-2022-49665)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the thinkpad_acpi_amd_s2idle_restore() function in drivers/platform/x86/thinkpad_acpi.c. A local user can perform a denial of service (DoS) attack.
413) Use-after-free (CVE-ID: CVE-2022-49667)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bond_3ad_unbind_slave() function in drivers/net/bonding/bond_3ad.c. A local user can escalate privileges on the system.
414) Memory leak (CVE-ID: CVE-2022-49668)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the of_get_devfreq_events() function in drivers/devfreq/event/exynos-ppmu.c. A local user can perform a denial of service (DoS) attack.
415) Division by zero (CVE-ID: CVE-2022-49670)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the include/linux/dim.h. A local user can perform a denial of service (DoS) attack.
416) Memory leak (CVE-ID: CVE-2022-49671)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ib_cm_insert_listen() function in drivers/infiniband/core/cm.c. A local user can perform a denial of service (DoS) attack.
417) Race condition (CVE-ID: CVE-2022-49672)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the tun_detach_all() function in drivers/net/tun.c. A local user can escalate privileges on the system.
418) Resource management error (CVE-ID: CVE-2022-49673)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the raid5_add_disk() function in drivers/md/raid5.c. A local user can perform a denial of service (DoS) attack.
419) Out-of-bounds read (CVE-ID: CVE-2022-49674)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the validate_region_size(), validate_raid_redundancy(), __rdev_sectors() and raid_iterate_devices() functions in drivers/md/dm-raid.c. A local user can perform a denial of service (DoS) attack.
420) Double free (CVE-ID: CVE-2022-49675)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the tick_nohz_full_setup() function in kernel/time/tick-sched.c. A local user can perform a denial of service (DoS) attack.
421) Memory leak (CVE-ID: CVE-2022-49676)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the of_get_dram_timings() function in drivers/memory/samsung/exynos5422-dmc.c. A local user can perform a denial of service (DoS) attack.
422) Memory leak (CVE-ID: CVE-2022-49677)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the cns3xxx_init() function in arch/arm/mach-cns3xxx/core.c. A local user can perform a denial of service (DoS) attack.
423) Memory leak (CVE-ID: CVE-2022-49678)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the brcmstb_pm_probe() function in drivers/soc/bcm/brcmstb/pm/pm-arm.c. A local user can perform a denial of service (DoS) attack.
424) Memory leak (CVE-ID: CVE-2022-49679)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the axxia_boot_secondary() function in arch/arm/mach-axxia/platsmp.c. A local user can perform a denial of service (DoS) attack.
425) Memory leak (CVE-ID: CVE-2022-49680)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the exynos_map_pmu() function in arch/arm/mach-exynos/exynos.c. A local user can perform a denial of service (DoS) attack.
426) Memory leak (CVE-ID: CVE-2022-49683)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the adi_axi_adc_attach_client() function in drivers/iio/adc/adi-axi-adc.c. A local user can perform a denial of service (DoS) attack.
427) Use-after-free (CVE-ID: CVE-2022-49685)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the iio_sysfs_trigger_remove() function in drivers/iio/trigger/iio-trig-sysfs.c. A local user can escalate privileges on the system.
428) Resource management error (CVE-ID: CVE-2022-49687)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the virtnet_freeze_down(), init_vqs() and virtnet_restore_up() functions in drivers/net/virtio_net.c. A local user can perform a denial of service (DoS) attack.
429) NULL pointer dereference (CVE-ID: CVE-2022-49688)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the afs_getattr() function in fs/afs/inode.c. A local user can perform a denial of service (DoS) attack.
430) Memory leak (CVE-ID: CVE-2022-49693)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mdp4_modeset_init_intf() function in drivers/gpu/drm/msm/disp/mdp4/mdp4_kms.c. A local user can perform a denial of service (DoS) attack.
431) Use-after-free (CVE-ID: CVE-2022-49695)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the igb_clean_tx_ring() function in drivers/net/ethernet/intel/igb/igb_main.c. A local user can escalate privileges on the system.
432) NULL pointer dereference (CVE-ID: CVE-2022-49699)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the filemap_get_read_batch() function in mm/filemap.c. A local user can perform a denial of service (DoS) attack.
433) Use-after-free (CVE-ID: CVE-2022-49700)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the next_tid() function in mm/slub.c. A local user can escalate privileges on the system.
434) Use-after-free (CVE-ID: CVE-2022-49701)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ibmvfc_npiv_logout(), ibmvfc_reenable_crq_queue(), ibmvfc_reset_crq(), ibmvfc_register_scsi_channel(), plpar_hcall_norets(), ibmvfc_deregister_scsi_channel() and ibmvfc_init_sub_crqs() functions in drivers/scsi/ibmvscsi/ibmvfc.c. A local user can escalate privileges on the system.
435) NULL pointer dereference (CVE-ID: CVE-2022-49703)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ibmvfc_alloc_queue() and ibmvfc_register_scsi_channel() functions in drivers/scsi/ibmvscsi/ibmvfc.c. A local user can perform a denial of service (DoS) attack.
436) Memory leak (CVE-ID: CVE-2022-49704)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the v9fs_vfs_get_link() function in fs/9p/vfs_inode.c. A local user can perform a denial of service (DoS) attack.
437) Memory leak (CVE-ID: CVE-2022-49705)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the v9fs_vfs_atomic_open_dotl() function in fs/9p/vfs_inode_dotl.c. A local user can perform a denial of service (DoS) attack.
438) NULL pointer dereference (CVE-ID: CVE-2022-49707)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ext4_resize_begin() function in fs/ext4/resize.c. A local user can perform a denial of service (DoS) attack.
439) Improper error handling (CVE-ID: CVE-2022-49708)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ext4_mb_normalize_request() function in fs/ext4/mballoc.c. A local user can perform a denial of service (DoS) attack.
440) Buffer overflow (CVE-ID: CVE-2022-49710)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the create_log_context() function in drivers/md/dm-log.c. A local user can perform a denial of service (DoS) attack.
441) Use-after-free (CVE-ID: CVE-2022-49711)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fsl_mc_bus_remove() function in drivers/bus/fsl-mc/fsl-mc-bus.c. A local user can escalate privileges on the system.
442) Memory leak (CVE-ID: CVE-2022-49712)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lpc32xx_udc_probe() function in drivers/usb/gadget/udc/lpc32xx_udc.c. A local user can perform a denial of service (DoS) attack.
443) Memory leak (CVE-ID: CVE-2022-49713)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dwc2_hcd_init() function in drivers/usb/dwc2/hcd.c. A local user can perform a denial of service (DoS) attack.
444) Memory leak (CVE-ID: CVE-2022-49714)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the map_interrupts() function in drivers/irqchip/irq-realtek-rtl.c. A local user can perform a denial of service (DoS) attack.
445) Memory leak (CVE-ID: CVE-2022-49715)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the gic_populate_ppi_partitions() function in drivers/irqchip/irq-gic-v3.c. A local user can perform a denial of service (DoS) attack.
446) Improper error handling (CVE-ID: CVE-2022-49716)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the gic_populate_ppi_partitions() function in drivers/irqchip/irq-gic-v3.c. A local user can perform a denial of service (DoS) attack.
447) Memory leak (CVE-ID: CVE-2022-49719)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the realview_gic_of_init() function in drivers/irqchip/irq-gic-realview.c. A local user can perform a denial of service (DoS) attack.
448) Out-of-bounds read (CVE-ID: CVE-2022-49720)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the blk_mq_alloc_request_hctx() function in block/blk-mq.c. A local user can perform a denial of service (DoS) attack.
449) Resource management error (CVE-ID: CVE-2022-49721)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the get_ftrace_plt(), ftrace_modify_call() and ftrace_make_nop() functions in arch/arm64/kernel/ftrace.c. A local user can perform a denial of service (DoS) attack.
450) Use-after-free (CVE-ID: CVE-2022-49722)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ice_reset_vf() function in drivers/net/ethernet/intel/ice/ice_vf_lib.c. A local user can escalate privileges on the system.
451) Infinite loop (CVE-ID: CVE-2022-49723)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the error_state_read() function in drivers/gpu/drm/i915/i915_sysfs.c. A local user can perform a denial of service (DoS) attack.
452) Resource management error (CVE-ID: CVE-2022-49724)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the goldfish_tty_remove() function in drivers/tty/goldfish.c. A local user can perform a denial of service (DoS) attack.
453) Input validation error (CVE-ID: CVE-2022-49725)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the i40e_diag_test() function in drivers/net/ethernet/intel/i40e/i40e_ethtool.c. A local user can perform a denial of service (DoS) attack.
454) Double free (CVE-ID: CVE-2022-49726)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the hv_init_clocksource() function in drivers/clocksource/hyperv_timer.c. A local user can perform a denial of service (DoS) attack.
455) Memory leak (CVE-ID: CVE-2022-49729)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nfcmrvl_play_deferred() function in drivers/nfc/nfcmrvl/usb.c. A local user can perform a denial of service (DoS) attack.
456) Use-after-free (CVE-ID: CVE-2022-49730)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the lpfc_cmpl_els_logo(), lpfc_els_free_iocb() and lpfc_disc_state_machine() functions in drivers/scsi/lpfc/lpfc_els.c. A local user can escalate privileges on the system.
457) NULL pointer dereference (CVE-ID: CVE-2022-49731)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ata_host_alloc_pinfo() function in drivers/ata/libata-core.c. A local user can perform a denial of service (DoS) attack.
458) NULL pointer dereference (CVE-ID: CVE-2022-49733)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the snd_pcm_oss_sync() function in sound/core/oss/pcm_oss.c. A local user can perform a denial of service (DoS) attack.
459) Buffer overflow (CVE-ID: CVE-2023-28410)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
460) Processor optimization removal or modification of security-critical code (CVE-ID: CVE-2024-2201)
The vulnerability allows a malicious guest to escalate privileges on the system.
The vulnerability exists due to native branch history injection on x86 systems. A malicious guest can infer the contents of arbitrary host memory, including memory assigned to other guests and compromise the affected system.
461) Use-after-free (CVE-ID: CVE-2024-41092)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the i915_vma_revoke_fence() function in drivers/gpu/drm/i915/gt/intel_ggtt_fencing.c. A local user can escalate privileges on the system.
462) Input validation error (CVE-ID: CVE-2024-42098)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ecdh_set_secret() function in crypto/ecdh.c. A local user can perform a denial of service (DoS) attack.
463) Buffer overflow (CVE-ID: CVE-2024-42229)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the setkey_unaligned() function in crypto/cipher.c, within the setkey_unaligned() function in crypto/aead.c. A local user can perform a denial of service (DoS) attack.
464) Buffer overflow (CVE-ID: CVE-2024-42240)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the SYM_INNER_LABEL() function in arch/x86/entry/entry_64_compat.S. A local user can perform a denial of service (DoS) attack.
465) Out-of-bounds read (CVE-ID: CVE-2024-57996)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sfq_change() function in net/sched/sch_sfq.c. A local user can perform a denial of service (DoS) attack.
466) Out-of-bounds read (CVE-ID: CVE-2024-58014)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the wlc_phy_iqcal_gainparams_nphy() function in drivers/net/wireless/broadcom/brcm80211/brcmsmac/phy/phy_n.c. A local user can perform a denial of service (DoS) attack.
467) Use-after-free (CVE-ID: CVE-2025-21718)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the rose_heartbeat_expiry(), rose_timer_expiry() and rose_idletimer_expiry() functions in net/rose/rose_timer.c. A local user can escalate privileges on the system.
468) Buffer overflow (CVE-ID: CVE-2025-21780)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the smu_sys_set_pp_table() function in drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c. A local user can escalate privileges on the system.
Remediation
Install update from vendor's website.