[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jun 18 15:35:34 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
627407f1 by Salvatore Bonaccorso at 2025-06-18T16:34:35+02:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,1124 @@
+CVE-2022-50232 [arm64: set UXN on swapper page tables]
+ - linux 5.16.7-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/775871d4be0d75e219cca937af843a4a1b60489a (5.15.60)
+CVE-2022-50231 [crypto: arm64/poly1305 - fix a read out-of-bound]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.136-1
+ NOTE: https://git.kernel.org/linus/7ae19d422c7da84b5f13bc08b98bd737a08d3a53 (6.0-rc1)
+CVE-2022-50230 [arm64: set UXN on swapper page tables]
+ - linux 5.19.6-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/9283e708a9b8529e7aafac9ab5c5c79a9fab8846 (5.19.1)
+CVE-2022-50229 [ALSA: bcd2000: Fix a UAF bug on the error path of probing]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/ffb2759df7efbc00187bfd9d1072434a13a54139 (6.0-rc1)
+CVE-2022-50228 [KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/f17c31c48e5cde9895a491d91c424eeeada3e134 (6.0-rc1)
+CVE-2022-50227 [KVM: x86/xen: Initialize Xen timer only once]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/af735db31285fa699384c649be72a9f32ecbb665 (6.0-rc1)
+CVE-2022-50226 [crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/13dc15a3f5fd7f884e4bfa8c011a0ae868df12ae (6.0-rc1)
+CVE-2022-50225 [riscv:uprobe fix SR_SPIE set/clear handling]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/3dbe5829408bc1586f75b4667ef60e5aab0209c7 (6.0-rc1)
+CVE-2022-50224 [KVM: x86/mmu: Treat NX as a valid SPTE bit for NPT]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/6c6ab524cfae0799e55c82b2c1d61f1af0156f8d (6.0-rc1)
+CVE-2022-50223 [LoongArch: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/28e112afa44ad0814120d41c68fa72372a2cd2c2 (6.0-rc1)
+CVE-2022-50222 [tty: vt: initialize unicode screen buffer]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/af77c56aa35325daa2bc2bed5c2ebf169be61b86 (6.0-rc1)
+CVE-2022-50221 [drm/fb-helper: Fix out-of-bounds access]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/ae25885bdf59fde40726863c57fd20e4a0642183 (6.0-rc1)
+CVE-2022-50220 [usbnet: Fix linkwatch use-after-free on disconnect]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/a69e617e533edddf3fa3123149900f36e0a6dc74 (6.0-rc1)
+CVE-2022-50219 [bpf: Fix KASAN use-after-free Read in compute_effective_progs]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/4c46091ee985ae84c60c5e95055d779fcd291d87 (6.0-rc1)
+CVE-2022-50218 [iio: light: isl29028: Fix the warning in isl29028_remove()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/06674fc7c003b9d0aa1d37fef7ab2c24802cc6ad (6.0-rc1)
+CVE-2022-50217 [fuse: write inode in fuse_release()]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/035ff33cf4db101250fb980a3941bf078f37a544 (6.0-rc1)
+CVE-2022-50216 [md-raid: destroy the bitmap after destroying the thread]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/e151db8ecfb019b7da31d076130a794574c89f6f (6.0-rc1)
+CVE-2022-50215 [scsi: sg: Allow waiting for commands to complete on removed device]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/3455607fd7be10b449f5135c00dc306b85dc0d21 (6.0-rc1)
+CVE-2022-50214 [coresight: Clear the connection field properly]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/2af89ebacf299b7fba5f3087d35e8a286ec33706 (6.0-rc1)
+CVE-2022-50213 [netfilter: nf_tables: do not allow SET_ID to refer to another table]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/470ee20e069a6d05ae549f7d0ef2bdbcee6a81b2 (6.0-rc1)
+CVE-2022-50212 [netfilter: nf_tables: do not allow CHAIN_ID to refer to another table]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/95f466d22364a33d183509629d0879885b4f547e (6.0-rc1)
+CVE-2022-50211 [md-raid10: fix KASAN warning]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/d17f744e883b2f8d13cca252d71cfe8ace346f7d (6.0-rc1)
+CVE-2022-50210 [MIPS: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/e1a534f5d074db45ae5cbac41d8912b98e96a006 (6.0-rc1)
+CVE-2022-50209 [meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/a2106f38077e78afcb4bf98fdda3e162118cfb3d (6.0-rc1)
+CVE-2022-50208 [soc: amlogic: Fix refcount leak in meson-secure-pwrc.c]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/d18529a4c12f66d83daac78045ea54063bd43257 (6.0-rc1)
+CVE-2022-50207 [ARM: bcm: Fix refcount leak in bcm_kona_smc_init]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/cb23389a2458c2e4bfd6c86a513cbbe1c4d35e76 (6.0-rc1)
+CVE-2022-50206 [arm64: fix oops in concurrently setting insn_emulation sysctls]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/af483947d472eccb79e42059276c4deed76f99a6 (6.0-rc1)
+CVE-2022-50205 [ext2: Add more validity checks for inode counts]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/fa78f336937240d1bc598db817d638086060e7e9 (6.0-rc1)
+CVE-2022-50204 [ARM: OMAP2+: pdata-quirks: Fix refcount leak bug]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/5cdbab96bab314c6f2f5e4e8b8a019181328bf5f (6.0-rc1)
+CVE-2022-50203 [ARM: OMAP2+: display: Fix refcount leak bug]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/50b87a32a79bca6e275918a711fb8cc55e16d739 (6.0-rc1)
+CVE-2022-50202 [PM: hibernate: defer device probing when resuming from hibernation]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/8386c414e27caba8501119948e9551e52b527f59 (6.0-rc1)
+CVE-2022-50201 [selinux: fix memleak in security_read_state_kernel()]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/73de1befcc53a7c68b0c5e76b9b5ac41c517760f (6.0-rc1)
+CVE-2022-50200 [selinux: Add boundary check in put_entry()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/15ec76fb29be31df2bccb30fc09875274cba2776 (6.0-rc1)
+CVE-2022-50199 [ARM: OMAP2+: Fix refcount leak in omapdss_init_of]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/9705db1eff38d6b9114121f9e253746199b759c9 (6.0-rc1)
+CVE-2022-50198 [ARM: OMAP2+: Fix refcount leak in omap3xxx_prm_late_init]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/942228fbf5d4901112178b93d41225be7c0dd9de (6.0-rc1)
+CVE-2022-50197 [cpufreq: zynq: Fix refcount leak in zynq_get_revision]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/d1ff2559cef0f6f8d97fba6337b28adb10689e16 (6.0-rc1)
+CVE-2022-50196 [soc: qcom: ocmem: Fix refcount leak in of_get_ocmem]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/92a563fcf14b3093226fb36f12e9b5cf630c5a5d (6.0-rc1)
+CVE-2022-50195 [ARM: dts: qcom: replace gcc PXO with pxo_board fixed clock]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/eb9e93937756a05787977875830c0dc482cb57e0 (6.0-rc1)
+CVE-2022-50194 [soc: qcom: aoss: Fix refcount leak in qmp_cooling_devices_register]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/e6e0951414a314e7db3e9e24fd924b3e15515288 (6.0-rc1)
+CVE-2022-50193 [erofs: wake up all waiters after z_erofs_lzma_head ready]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/2df7c4bd7c1d2bc5ece5e9ed19dbd386810c2a65 (6.0-rc1)
+CVE-2022-50192 [spi: tegra20-slink: fix UAF in tegra_slink_remove()]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/7e9984d183bb1e99e766c5c2b950ff21f7f7b6c0 (6.0-rc1)
+CVE-2022-50191 [regulator: of: Fix refcount leak bug in of_get_regulation_constraints()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/66efb665cd5ad69b27dca8571bf89fc6b9c628a4 (6.0-rc1)
+CVE-2022-50190 [spi: Fix simplification of devm_spi_register_controller]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/43cc5a0afe4184a7fafe1eba32b5a11bb69c9ce0 (6.0-rc1)
+CVE-2022-50189 [tools/power turbostat: Fix file pointer leak]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/5e5fd36c58d6c820f7292ee492c3731c9a104a41 (6.0-rc1)
+CVE-2022-50188 [drm/meson: Fix refcount leak in meson_encoder_hdmi_init]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/7381076809586528e2a812a709e2758916318a99 (6.0-rc1)
+CVE-2022-50187 [ath11k: fix netdev open race]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/d4ba1ff87b17e81686ada8f429300876f55f95ad (6.0-rc1)
+CVE-2022-50186 [ath11k: fix missing skb drop on htc_tx_completion error]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/e5646fe3b7ef739c392e59da7db6adf5e1fdef42 (6.0-rc1)
+CVE-2022-50185 [drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/136f614931a2bb73616b292cf542da3a18daefd5 (6.0-rc1)
+CVE-2022-50184 [drm/meson: encoder_hdmi: Fix refcount leak in meson_encoder_hdmi_init]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/d82a5a4aae9d0203234737caed1bf470aa317568 (6.0-rc1)
+CVE-2022-50183 [drm/meson: encoder_cvbs: Fix refcount leak in meson_encoder_cvbs_init]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/7d255ddbbf679aa47e041cbf68520fd985ed2279 (6.0-rc1)
+CVE-2022-50182 [media: imx-jpeg: Align upwards buffer size]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/9e7aa76cdb02923ee23a0ddd48f38bdc3512f92b (6.0-rc1)
+CVE-2022-50181 [virtio-gpu: fix a missing check to avoid NULL dereference]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/bd63f11f4c3c46afec07d821f74736161ff6e526 (6.0-rc1)
+CVE-2022-50180 [wifi: iwlegacy: 4965: fix potential off-by-one overflow in il4965_rs_fill_link_cmd()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/a8eb8e6f7159c7c20c0ddac428bde3d110890aa7 (6.0-rc1)
+CVE-2022-50179 [ath9k: fix use-after-free in ath9k_hif_usb_rx_cb]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/0ac4827f78c7ffe8eef074bc010e7e34bc22f533 (6.0-rc1)
+CVE-2022-50178 [wifi: rtw89: 8852a: rfk: fix div 0 exception]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/683a4647a7a3044868cfdc14c117525091b9fa0c (6.0-rc1)
+CVE-2022-50177 [rcutorture: Fix ksoftirqd boosting timing and iteration]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/3002153a91a9732a6d1d0bb95138593c7da15743 (6.0-rc1)
+CVE-2022-50176 [drm/mcde: Fix refcount leak in mcde_dsi_bind]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/3a149169e4a2f9127022fec6ef5d71b4e804b3b9 (6.0-rc1)
+CVE-2022-50175 [media: tw686x: Fix memory leak in tw686x_video_init]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/e0b212ec9d8177d6f7c404315293f6a085d6ee42 (6.0-rc1)
+CVE-2022-50174 [net: hinic: avoid kernel hung in hinic_get_stats64()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/98f9fcdee35add80505b6c73f72de5f750d5c03c (6.0-rc1)
+CVE-2022-50173 [drm/msm/mdp5: Fix global state lock backoff]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/92ef86ab513593c6329d04146e61f9a670e72fc5 (6.0-rc1)
+CVE-2022-50172 [mt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/cffd93411575afd987788e2ec3cb8eaff70f0215 (6.0-rc1)
+CVE-2022-50171 [crypto: hisilicon/sec - don't sleep when in softirq]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/02884a4f12de11f54d4ca67a07dd1f111d96fdbd (6.0-rc1)
+CVE-2022-50170 [kunit: executor: Fix a memory leak on failure in kunit_filter_tests]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/94681e289bf5d10c9db9db143d1a22d8717205c5 (6.0-rc1)
+CVE-2022-50169 [wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/7a4836560a6198d245d5732e26f94898b12eb760 (6.0-rc1)
+CVE-2022-50168 [bpf, x86: fix freeing of not-finalized bpf_prog_pack]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/1d5f82d9dd477d5c66e0214a68c3e4f308eadd6d (6.0-rc1)
+CVE-2022-50167 [bpf: fix potential 32-bit overflow when accessing ARRAY map element]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/87ac0d600943994444e24382a87aa19acc4cd3d4 (6.0-rc1)
+CVE-2022-50166 [Bluetooth: When HCI work queue is drained, only queue chained work]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/877afadad2dce8aae1f2aad8ce47e072d4f6165e (6.0-rc1)
+CVE-2022-50165 [wifi: wil6210: debugfs: fix uninitialized variable use in `wil_write_file_wmi()`]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/d578e0af3a003736f6c440188b156483d451b329 (6.0-rc1)
+CVE-2022-50164 [wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/14a3aacf517a9de725dd3219dbbcf741e31763c4 (6.0-rc1)
+CVE-2022-50163 [ax25: fix incorrect dev_tracker usage]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/d7c4c9e075f8cc6d88d277bc24e5d99297f03c06 (6.0-rc1)
+CVE-2022-50162 [wifi: libertas: Fix possible refcount leak in if_usb_probe()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/6fd57e1d120bf13d4dc6c200a7cf914e6347a316 (6.0-rc1)
+CVE-2022-50161 [mtd: maps: Fix refcount leak in of_flash_probe_versatile]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/33ec82a6d2b119938f26e5c8040ed5d92378eb54 (6.0-rc1)
+CVE-2022-50160 [mtd: maps: Fix refcount leak in ap_flash_init]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/77087a04c8fd554134bddcb8a9ff87b21f357926 (6.0-rc1)
+CVE-2022-50159 [of: check previous kernel's ima-kexec-buffer against memory bounds]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/cbf9c4b9617b6767886a913705ca14b7600c77db (6.0-rc1)
+CVE-2022-50158 [mtd: partitions: Fix refcount leak in parse_redboot_of]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/9f7e62815cf3cbbcb1b8cb21649fb4dfdb3aa016 (6.0-rc1)
+CVE-2022-50157 [PCI: microchip: Fix refcount leak in mc_pcie_init_irq_domains()]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/f030304fdeb87ec8f1b518c73703214aec6cc24a (6.0-rc1)
+CVE-2022-50156 [HID: cp2112: prevent a buffer overflow in cp2112_xfer()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/381583845d19cb4bd21c8193449385f3fefa9caf (6.0-rc1)
+CVE-2022-50155 [mtd: parsers: ofpart: Fix refcount leak in bcm4908_partitions_fw_offset]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/e607879b0da18c451de5e91daf239cc2f2f8ff2d (6.0-rc1)
+CVE-2022-50154 [PCI: mediatek-gen3: Fix refcount leak in mtk_pcie_init_irq_domains()]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/bf038503d5fe90189743124233fe7aeb0984e961 (6.0-rc1)
+CVE-2022-50153 [usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/b5c5b13cb45e2c88181308186b0001992cb41954 (6.0-rc1)
+CVE-2022-50152 [usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/302970b4cad3ebfda2c05ce06c322ccdc447d17e (6.0-rc1)
+CVE-2022-50151 [usb: cdns3: fix random warning message when driver load]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/8659ab3d936fcf0084676f98b75b317017aa8f82 (6.0-rc1)
+CVE-2022-50150 [mwifiex: fix sleep in atomic context bugs caused by dev_coredumpv]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/a52ed4866d2b90dd5e4ae9dabd453f3ed8fa3cbc (6.0-rc1)
+CVE-2022-50149 [driver core: fix potential deadlock in __driver_attach]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/70fe758352cafdee72a7b13bf9db065f9613ced8 (6.0-rc1)
+CVE-2022-50148 [kernfs: fix potential NULL dereference in __kernfs_remove]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/72b5d5aef246a0387cefa23121dd90901c7a691a (6.0-rc1)
+CVE-2022-50147 [mm/mempolicy: fix get_nodes out of bound access]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/000eca5d044d1ee23b4ca311793cf3fc528da6c6 (6.0-rc1)
+CVE-2022-50146 [PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/8161e9626b50892eaedbd8070ecb1586ecedb109 (6.0-rc1)
+CVE-2022-50145 [dmaengine: sf-pdma: Add multithread support for a DMA channel]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/b2cc5c465c2cb8ab697c3fd6583c614e3f6cfbcc (6.0-rc1)
+CVE-2022-50144 [soundwire: revisit driver bind/unbind and callbacks]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/bd29c00edd0a5dac8b6e7332bb470cd50f92e893 (6.0-rc1)
+CVE-2022-50143 [intel_th: Fix a resource leak in an error handling path]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/086c28ab7c5699256aced0049aae9c42f1410313 (6.0-rc1)
+CVE-2022-50142 [intel_th: msu: Fix vmalloced buffers]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/ac12ad3ccf6d386e64a9d6a890595a2509d24edd (6.0-rc1)
+CVE-2022-50141 [mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/b5899a3e2f783a27b268e38d37f9b24c71bddf45 (6.0-rc1)
+CVE-2022-50140 [memstick/ms_block: Fix a memory leak]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/54eb7a55be6779c4d0c25eaf5056498a28595049 (6.0-rc1)
+CVE-2022-50139 [usb: aspeed-vhub: Fix refcount leak bug in ast_vhub_init_desc()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/220fafb4ed04187e9c17be4152da5a7f2ffbdd8c (6.0-rc1)
+CVE-2022-50138 [RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/b3236a64ddd125a455ef5b5316c1b9051b732974 (6.0-rc1)
+CVE-2022-50137 [RDMA/irdma: Fix a window for use-after-free]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/8ecef7890b3aea78c8bbb501a4b5b8134367b821 (6.0-rc1)
+CVE-2022-50136 [RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/3056fc6c32e613b760422b94c7617ac9a24a4721 (6.0-rc1)
+CVE-2022-50135 [RDMA/rxe: Fix BUG: KASAN: null-ptr-deref in rxe_qp_do_cleanup]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/37da51efe6eaa0560f46803c8c436a48a2084da7 (6.0-rc1)
+CVE-2022-50134 [RDMA/hfi1: fix potential memory leak in setup_base_ctxt()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/aa2a1df3a2c85f855af7d54466ac10bd48645d63 (6.0-rc1)
+CVE-2022-50133 [usb: xhci_plat_remove: avoid NULL dereference]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/d7de14d74d6551f0d097430f9893ce82ad17e5b8 (6.0-rc1)
+CVE-2022-50132 [usb: cdns3: change place of 'priv_ep' assignment in cdns3_gadget_ep_dequeue(), cdns3_gadget_ep_enable()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/c3ffc9c4ca44bfe9562166793d133e1fb0630ea6 (6.0-rc1)
+CVE-2022-50131 [HID: mcp2221: prevent a buffer overflow in mcp_smbus_write()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/62ac2473553a00229e67bdf3cb023b62cf7f5a9a (6.0-rc1)
+CVE-2022-50130 [staging: fbtft: core: set smem_len before fb_deferred_io_init call]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/81e878887ff82a7dd42f22951391069a5d520627 (6.0-rc1)
+CVE-2022-50129 [RDMA/srpt: Fix a use-after-free]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/b5605148e6ce36bb21020d49010b617693933128 (6.0-rc1)
+CVE-2022-50128 [android: binder: stop saving a pointer to the VMA]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/a43cfc87caaf46710c8027a8c23b8a55f1078f19 (6.0-rc1)
+CVE-2022-50127 [RDMA/rxe: Fix error unwind in rxe_create_qp()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/fd5382c5805c4bcb50fd25b7246247d3f7114733 (6.0-rc1)
+CVE-2022-50126 [jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/4a734f0869f970b8a9b65062ea40b09a5da9dba8 (6.0-rc1)
+CVE-2022-50125 [ASoC: cros_ec_codec: Fix refcount leak in cros_ec_codec_platform_probe]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/0a034d93ee929a9ea89f3fa5f1d8492435b9ee6e (6.0-rc1)
+CVE-2022-50124 [ASoC: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/7472eb8d7dd12b6b9b1a4f4527719cc9c7f5965f (6.0-rc1)
+CVE-2022-50123 [ASoC: mediatek: mt8173: Fix refcount leak in mt8173_rt5650_rt5676_dev_probe]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/ae4f11c1ed2d67192fdf3d89db719ee439827c11 (6.0-rc1)
+CVE-2022-50122 [ASoC: mediatek: mt8173-rt5650: Fix refcount leak in mt8173_rt5650_dev_probe]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/efe2178d1a32492f99e7f1f2568eea5c88a85729 (6.0-rc1)
+CVE-2022-50121 [remoteproc: k3-r5: Fix refcount leak in k3_r5_cluster_of_init]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/fa220c05d282e7479abe08b54e3bdffd06c25e97 (6.0-rc1)
+CVE-2022-50120 [remoteproc: imx_rproc: Fix refcount leak in imx_rproc_addr_init]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/61afafe8b938bc74841cf4b1a73dd08b9d287c5a (6.0-rc1)
+CVE-2022-50119 [rpmsg: Fix possible refcount leak in rpmsg_register_device_override()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.205-1
+ NOTE: https://git.kernel.org/linus/d7bd416d35121c95fe47330e09a5c04adbc5f928 (6.0-rc1)
+CVE-2022-50118 [powerpc/perf: Optimize clearing the pending PMI and remove WARN_ON for PMI check in power_pmu_disable]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/890005a7d98f7452cfe86dcfb2aeeb7df01132ce (6.0-rc1)
+CVE-2022-50117 [vfio: Split migration ops from main device ops]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/6e97eba8ad8748fabb795cffc5d9e1a7dcfd7367 (6.0-rc1)
+CVE-2022-50116 [tty: n_gsm: fix deadlock and link starvation in outgoing data path]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/0af021678d5d30c31f5a6b631f404ead3575212a (6.0-rc1)
+CVE-2022-50115 [ASoC: SOF: ipc3-topology: Prevent double freeing of ipc_control_data via load_bytes]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/d5bd47f3ca124058a8e87eae4508afeda2132611 (6.0-rc1)
+CVE-2022-50114 [net: 9p: fix refcount leak in p9_read_work() error handling]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/4ac7573e1f9333073fa8d303acc941c9b7ab7f61 (6.0-rc1)
+CVE-2022-50113 [ASoc: audio-graph-card2: Fix refcount leak bug in __graph_get_type()]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/eda26893dabfc6da7a1e1ff5f8628ed9faab3ab9 (6.0-rc1)
+CVE-2022-50112 [rpmsg: qcom_smd: Fix refcount leak in qcom_smd_parse_edge]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/65382585f067d4256ba087934f30f85c9b6984de (6.0-rc1)
+CVE-2022-50111 [ASoC: mt6359: Fix refcount leak bug]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/a8d5df69e2ec702d979f7d04ed519caf8691a032 (6.0-rc1)
+CVE-2022-50110 [watchdog: sp5100_tco: Fix a memory leak of EFCH MMIO resource]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/c6d9c0798ed366a09a9e53d71edcd2266e34a6eb (6.0-rc1)
+CVE-2022-50109 [video: fbdev: amba-clcd: Fix refcount leak bugs]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/26c2b7d9fac42eb8317f3ceefa4c1a9a9170ca69 (6.0-rc1)
+CVE-2022-50108 [mfd: max77620: Fix refcount leak in max77620_initialise_fps]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/1520669c8255bd637c6b248b2be910e2688d38dd (6.0-rc1)
+CVE-2022-50107 [cifs: Fix memory leak when using fscache]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/c6f62f81b488d00afaa86bae26c6ce9ab12c709e (6.0-rc1)
+CVE-2022-50106 [powerpc/cell/axon_msi: Fix refcount leak in setup_msi_msg_address]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/df5d4b616ee76abc97e5bd348e22659c2b095b1c (6.0-rc1)
+CVE-2022-50105 [powerpc/spufs: Fix refcount leak in spufs_init_isolated_loader]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/6ac059dacffa8ab2f7798f20e4bd3333890c541c (6.0-rc1)
+CVE-2022-50104 [powerpc/xive: Fix refcount leak in xive_get_max_prio]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/255b650cbec6849443ce2e0cdd187fd5e61c218c (6.0-rc1)
+CVE-2022-50103 [sched, cpuset: Fix dl_cpu_busy() panic due to empty cs->cpus_allowed]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/b6e8d40d43ae4dec00c8fea2593eeea3114b8f44 (6.0-rc1)
+CVE-2022-50102 [video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/2f1c4523f7a3aaabe7e53d3ebd378292947e95c8 (6.0-rc1)
+CVE-2022-50101 [video: fbdev: vt8623fb: Check the size of screen before memset_io()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/ec0754c60217248fa77cc9005d66b2b55200ac06 (6.0-rc1)
+CVE-2022-50100 [sched/core: Do not requeue task on CPU excluded from cpus_mask]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/751d4cbc43879229dbc124afefe240b70fd29a85 (6.0-rc1)
+CVE-2022-50099 [video: fbdev: arkfb: Check the size of screen before memset_io()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/96b550971c65d54d64728d8ba973487878a06454 (6.0-rc1)
+CVE-2022-50098 [scsi: qla2xxx: Fix crash due to stale SRB access around I/O timeouts]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/c39587bc0abaf16593f7abcdf8aeec3c038c7d52 (6.0-rc1)
+CVE-2022-50097 [video: fbdev: s3fb: Check the size of screen before memset_io()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/6ba592fa014f21f35a8ee8da4ca7b95a018f13e8 (6.0-rc1)
+CVE-2022-50096 [x86/kprobes: Update kcb status flag after singlestepping]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.191-1
+ NOTE: https://git.kernel.org/linus/dec8784c9088b131a1523f582c2194cfc8107dc0 (6.0-rc1)
+CVE-2022-50095 [posix-cpu-timers: Cleanup CPU timers before freeing them during exec]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/e362359ace6f87c201531872486ff295df306d13 (6.0-rc1)
+CVE-2022-50094 [spmi: trace: fix stack-out-of-bound access in SPMI tracing functions]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/2af28b241eea816e6f7668d1954f15894b45d7e3 (6.0-rc1)
+CVE-2022-50093 [iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE)]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/b0b0b77ea611e3088e9523e60860f4f41b62b235 (6.0-rc1)
+CVE-2022-50092 [dm thin: fix use-after-free crash in dm_sm_register_threshold_callback]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/3534e5a5ed2997ca1b00f44a0378a075bd05e8a3 (6.0-rc1)
+CVE-2022-50091 [locking/csd_lock: Change csdlock_debug from early_param to __setup]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/9c9b26b0df270d4f9246e483a44686fca951a29c (6.0-rc1)
+CVE-2022-50090 [btrfs: replace BTRFS_MAX_EXTENT_SIZE with fs_info->max_extent_size]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/f7b12a62f008a3041f42f2426983e59a6a0a3c59 (6.0-rc1)
+CVE-2022-50089 [btrfs: ensure pages are unlocked on cow_file_range() failure]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/9ce7466f372d83054c7494f6b3e4b9abaf3f0355 (6.0-rc1)
+CVE-2022-50088 [mm/damon/reclaim: fix potential memory leak in damon_reclaim_init()]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/188043c7f4f2bd662f2a55957d684fffa543e600 (6.0-rc1)
+CVE-2022-50087 [firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/689640efc0a2c4e07e6f88affe6d42cd40cc3f85 (6.0-rc1)
+CVE-2022-50086 [block: don't allow the same type rq_qos add more than once]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/14a6e2eb7df5c7897c15b109cba29ab0c4a791b6 (6.0-rc1)
+CVE-2022-50085 [dm raid: fix address sanitizer warning in raid_resume]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/7dad24db59d2d2803576f2e3645728866a056dab (6.0-rc1)
+CVE-2022-50084 [dm raid: fix address sanitizer warning in raid_status]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/1fbeea217d8f297fe0e0956a1516d14ba97d0396 (6.0-rc1)
+CVE-2022-50083 [ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/179b14152dcb6a24c3415200603aebca70ff13af (6.0-rc1)
+CVE-2022-50082 [ext4: fix warning in ext4_iomap_begin as race between bmap and write]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/51ae846cff568c8c29921b1b28eb2dfbcd4ac12d (6.0-rc1)
+CVE-2022-50081 [KVM: Unconditionally get a ref to /dev/kvm module when creating a VM]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/405294f29faee5de8c10cb9d4a90e229c2835279 (6.0-rc2)
+CVE-2022-50080 [tee: add overflow check in register_shm_helper()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/573ae4f13f630d6660008f1974c0a8a29c30e18a (6.0-rc2)
+CVE-2022-50079 [drm/amd/display: Check correct bounds for stream encoder instances for DCN303]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/89b008222c2bf21e50219725caed31590edfd9d1 (6.0-rc2)
+CVE-2022-50078 [tracing/eprobes: Do not allow eprobes to use $stack, or % for regs]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/2673c60ee67e71f2ebe34386e62d348f71edee47 (6.0-rc2)
+CVE-2022-50077 [apparmor: fix reference count leak in aa_pivotroot()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/11c3627ec6b56c1525013f336f41b79a983b4d46 (6.0-rc1)
+CVE-2022-50076 [cifs: Fix memory leak on the deferred close]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/ca08d0eac020d48a3141dbec0a3cf64fbdb17cde (6.0-rc2)
+CVE-2022-50075 [tracing/eprobes: Have event probes be consistent with kprobes and uprobes]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/6a832ec3d680b3a4f4fad5752672827d71bae501 (6.0-rc2)
+CVE-2022-50074 [apparmor: Fix memleak in aa_simple_write_to_buffer()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/417ea9fe972d2654a268ad66e89c8fcae67017c3 (6.0-rc1)
+CVE-2022-50073 [net: tap: NULL pointer derefence in dev_parse_header_protocol when skb->dev is null]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/4f61f133f354853bc394ec7d6028adb9b02dd701 (6.0-rc1)
+CVE-2022-50072 [NFSv4/pnfs: Fix a use-after-free bug in open]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/2135e5d56278ffdb1c2e6d325dc6b87f669b9dac (6.0-rc1)
+CVE-2022-50071 [mptcp: move subflow cleanup in mptcp_destroy_common()]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/c0bf3c6aa444a5ef44acc57ef6cfa53fd4fc1c9b (6.0-rc1)
+CVE-2022-50070 [mptcp: do not queue data on closed subflows]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/c886d70286bf3ad411eb3d689328a67f7102c6ae (6.0-rc1)
+CVE-2022-50069 [BPF: Fix potential bad pointer dereference in bpf_sys_bpf()]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/e2dcac2f58f5a95ab092d1da237ffdc0da1832cf (6.0-rc1)
+CVE-2022-50068 [drm/ttm: Fix dummy res NULL ptr deref bug]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/cf4b7387c0a842d64bdd7c353e6d3298174a7740 (6.0-rc2)
+CVE-2022-50067 [btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.191-1
+ NOTE: https://git.kernel.org/linus/85f02d6c856b9f3a0acf5219de6e32f58b9778eb (6.0-rc2)
+CVE-2022-50066 [net: atlantic: fix aq_vec index out of range error]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/2ba5e47fb75fbb8fab45f5c1bc8d5c33d8834bd3 (6.0-rc1)
+CVE-2022-50065 [virtio_net: fix memory leak inside XPD_TX with mergeable]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/7a542bee27c6a57e45c33cbbdc963325fd6493af (6.0-rc1)
+CVE-2022-50064 [virtio-blk: Avoid use-after-free on suspend/resume]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/8d12ec10292877751ee4463b11a63bd850bc09b5 (6.0-rc1)
+CVE-2022-50063 [net: dsa: felix: suppress non-changes to the tagging protocol]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/4c46bb49460ee14c69629e813640d8b929e88941 (6.0-rc1)
+CVE-2022-50062 [net: bgmac: Fix a BUG triggered by wrong bytes_compl]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/1b7680c6c1f6de9904f1d9b05c952f0c64a03350 (6.0-rc1)
+CVE-2022-50061 [pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/4b32e054335ea0ce50967f63a7bfd4db058b14b9 (6.0-rc1)
+CVE-2022-50060 [octeontx2-af: Fix mcam entry resource leak]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/3f8fe40ab7730cf8eb6f8b8ff412012f7f6f8f48 (6.0-rc1)
+CVE-2022-50059 [ceph: don't leak snap_rwsem in handle_cap_grant]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/58dd4385577ed7969b80cdc9e2a31575aba6c712 (6.0-rc1)
+CVE-2022-50058 [vdpa_sim_blk: set number of address spaces and virtqueue groups]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/19cd4a5471b8eaa4bd161b0fdb4567f2fc88d809 (6.0-rc1)
+CVE-2022-50057 [fs/ntfs3: Fix NULL deref in ntfs_update_mftmirr]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/321460ca3b55f48b3ba6008248264ab2bd6407d9 (6.0-rc2)
+CVE-2022-50056 [fs/ntfs3: Fix missing i_op in ntfs_read_mft]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/37a530bfe56ca9a0d3129598803f2794c7428aae (6.0-rc2)
+CVE-2022-50055 [iavf: Fix adminq error handling]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/419831617ed349992c84344dbd9e627f9e68f842 (6.0-rc2)
+CVE-2022-50054 [iavf: Fix NULL pointer dereference in iavf_get_link_ksettings]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/541a1af451b0cb3779e915d48d08efb17915207b (6.0-rc2)
+CVE-2022-50053 [iavf: Fix reset error handling]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/31071173771e079f7bc08dacd61e0db913262fbf (6.0-rc2)
+CVE-2022-50052 [ASoC: Intel: avs: Fix potential buffer overflow by snprintf()]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/ca3b7b9dc9bc1fa552f4697b7cccfa0258a44d00 (6.0-rc2)
+CVE-2022-50051 [ASoC: SOF: debug: Fix potential buffer overflow by snprintf()]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/1eb123ce985e6cf302ac6e3f19862d132d86fa8f (6.0-rc2)
+CVE-2022-50050 [ASoC: SOF: Intel: hda: Fix potential buffer overflow by snprintf()]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/94c1ceb043c1a002de9649bb630c8e8347645982 (6.0-rc2)
+CVE-2022-50049 [ASoC: DPCM: Don't pick up BE without substream]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/754590651ccbbcc74a7c20907be4bb15d642bde3 (6.0-rc2)
+CVE-2022-50048 [netfilter: nf_tables: possible module reference underflow in error path]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/c485c35ff6783ccd12c160fcac6a0e504e83e0bf (6.0-rc2)
+CVE-2022-50047 [net: dsa: mv88e6060: prevent crash on an unused port]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/246bbf2f977ea36aaf41f5d24370fef433250728 (6.0-rc2)
+CVE-2022-50046 [net/sunrpc: fix potential memory leaks in rpc_sysfs_xprt_state_change()]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/bfc48f1b0505ffcb03a6d749139b7577d6b81ae0 (6.0-rc2)
+CVE-2022-50045 [powerpc/pci: Fix get_phb_number() locking]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/8d48562a2729742f767b0fdd994d6b2a56a49c63 (6.0-rc2)
+CVE-2022-50044 [net: qrtr: start MHI channel after endpoit creation]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/68a838b84effb7b57ba7d50b1863fc6ae35a54ce (6.0-rc2)
+CVE-2022-50043 [net: fix potential refcount leak in ndisc_router_discovery()]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/7396ba87f1edf549284869451665c7c4e74ecd4f (6.0-rc2)
+CVE-2022-50042 [net: genl: fix error path memory leak in policy dumping]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/249801360db3dec4f73768c502192020bfddeacc (6.0-rc2)
+CVE-2022-50041 [ice: Fix call trace with null VSI during VF reset]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/cf90b74341eecc32ceef0c136954a1668e43b1e7 (6.0-rc2)
+CVE-2022-50040 [net: dsa: sja1105: fix buffer overflow in sja1105_setup_devlink_regions()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/fd8e899cdb5ecaf8e8ee73854a99e10807eef1de (6.0-rc2)
+CVE-2022-50039 [stmmac: intel: Add a missing clk_disable_unprepare() call in intel_eth_pci_remove()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/5c23d6b717e4e956376f3852b90f58e262946b50 (6.0-rc2)
+CVE-2022-50038 [drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/91b3c8dbe898df158fd2a84675f3a284ff6666f7 (6.0-rc2)
+CVE-2022-50037 [drm/i915/ttm: don't leak the ccs state]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/232d150fa15606e96c0e01e5c7a2d4e03f621787 (6.0-rc2)
+CVE-2022-50036 [drm/sun4i: dsi: Prevent underflow when computing packet sizes]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/82a1356a933d8443139f8886f11b63c974a09a67 (6.0-rc2)
+CVE-2022-50035 [drm/amdgpu: Fix use-after-free on amdgpu_bo_list mutex]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/bbca24d0a3c11193bafb9e174f89f52a379006e3 (6.0-rc2)
+CVE-2022-50034 [usb: cdns3 fix use-after-free at workaround 2]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/7d602f30149a117eea260208b1661bc404c21dfd (6.0-rc1)
+CVE-2022-50033 [usb: host: ohci-ppc-of: Fix refcount leak bug]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/40a959d7042bb7711e404ad2318b30e9f92c6b9b (6.0-rc1)
+CVE-2022-50032 [usb: renesas: Fix refcount leak bug]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/9d6d5303c39b8bc182475b22f45504106a07f086 (6.0-rc1)
+CVE-2022-50031 [scsi: iscsi: Fix HW conn removal use after free]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/c577ab7ba5f3bf9062db8a58b6e89d4fe370447e (6.0-rc1)
+CVE-2022-50030 [scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/f8191d40aa612981ce897e66cda6a88db8df17bb (6.0-rc1)
+CVE-2022-50029 [clk: qcom: ipq8074: dont disable gcc_sleep_clk_src]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/1bf7305e79aab095196131bdc87a97796e0e3fac (6.0-rc1)
+CVE-2022-50028 [gadgetfs: ep_io - wait until IRQ finishes]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/04cb742d4d8f30dc2e83b46ac317eec09191c68e (6.0-rc1)
+CVE-2022-50027 [scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/2f67dc7970bce3529edce93a0a14234d88b3fcd5 (6.0-rc1)
+CVE-2022-50026 [habanalabs/gaudi: fix shift out of bounds]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/01622098aeb05a5efbb727199bbc2a4653393255 (6.0-rc1)
+CVE-2022-50025 [cxl: Fix a memory leak in an error handling path]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/3a15b45b5454da862376b5d69a4967f5c6fa1368 (6.0-rc1)
+CVE-2022-50024 [dmaengine: dw-axi-dmac: do not print NULL LLI during error]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/86cb0defe0e275453bc39e856bb523eb425a6537 (6.0-rc1)
+CVE-2022-50023 [dmaengine: dw-axi-dmac: ignore interrupt if no descriptor]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/820f5ce999d2f99961e88c16d65cd26764df0590 (6.0-rc1)
+CVE-2022-50022 [drivers:md:fix a potential use-after-free bug]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/104212471b1c1817b311771d817fb692af983173 (6.0-rc1)
+CVE-2022-50021 [ext4: block range must be validated before use in ext4_mb_clear_bb()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/1e1c2b86ef86a8477fd9b9a4f48a6bfe235606f6 (6.0-rc1)
+CVE-2022-50020 [ext4: avoid resizing to a partial cluster size]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/69cb8e9d8cd97cdf5e293b26d70a9dee3e35e6bd (6.0-rc1)
+CVE-2022-50019 [tty: serial: Fix refcount leak bug in ucc_uart.c]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/d24d7bb2cd947676f9b71fb944d045e09b8b282f (6.0-rc1)
+CVE-2022-50018 [ALSA: hda: Fix page fault in snd_hda_codec_shutdown()]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/980b3a8790b402e959a6d773b38b771019682be1 (6.0-rc1)
+CVE-2022-50017 [mips: cavium-octeon: Fix missing of_node_put() in octeon2_usb_clocks_start]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/7a9f743ceead60ed454c46fbc3085ee9a79cbebb (6.0-rc1)
+CVE-2022-50016 [ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/acacd9eefd0def5a83244d88e5483b5f38ee7287 (6.0-rc1)
+CVE-2022-50015 [ASoC: SOF: Intel: hda-ipc: Do not process IPC reply before firmware boot]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/499cc881b09c8283ab5e75b0d6d21cb427722161 (6.0-rc1)
+CVE-2022-50014 [mm/gup: fix FOLL_FORCE COW security issue and remove FOLL_COW]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/5535be3099717646781ce1540cf725965d680e7b (6.0-rc3)
+CVE-2022-50013 [f2fs: fix to avoid use f2fs_bug_on() in f2fs_new_node_page()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/141170b759e03958f296033bb7001be62d1d363b (6.0-rc1)
+CVE-2022-50012 [powerpc/64: Init jump labels before parse_early_param()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/ca829e05d3d4f728810cc5e4b468d9ebc7745eb3 (6.0-rc1)
+CVE-2022-50011 [venus: pm_helpers: Fix warning in OPP during probe]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/1d95af02f23031c2e1cca7607c514b86ce85bc6e (6.0-rc1)
+CVE-2022-50010 [video: fbdev: i740fb: Check the argument of i740_calc_vclk()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/40bf722f8064f50200b8c4f8946cd625b441dda9 (6.0-rc1)
+CVE-2022-50009 [f2fs: fix null-ptr-deref in f2fs_get_dnode_of_data]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/4a2c5b7994960fac29cf8a3f4e62855bae1b27d4 (6.0-rc1)
+CVE-2022-50008 [kprobes: don't call disarm_kprobe() for disabled kprobes]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.148-1
+ NOTE: https://git.kernel.org/linus/9c80e79906b4ca440d09e7f116609262bb747909 (6.0-rc3)
+CVE-2022-50007 [xfrm: fix refcount leak in __xfrm_policy_check()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/9c9cb23e00ddf45679b21b4dacc11d1ae7961ebe (6.0-rc3)
+CVE-2022-50006 [NFSv4.2 fix problems with __nfs42_ssc_open]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/fcfc8be1e9cf2f12b50dce8b579b3ae54443a014 (6.0-rc3)
+CVE-2022-50005 [nfc: pn533: Fix use-after-free bugs caused by pn532_cmd_timeout]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/f1e941dbf80a9b8bab0bffbc4cbe41cc7f4c6fb6 (6.0-rc3)
+CVE-2022-50004 [xfrm: policy: fix metadata dst->dev xmit null pointer dereference]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/17ecd4a4db4783392edd4944f5e8268205083f70 (6.0-rc3)
+CVE-2022-50003 [ice: xsk: prohibit usage of non-balanced queue id]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/5a42f112d367bb4700a8a41f5c12724fde6bfbb9 (6.0-rc3)
+CVE-2022-50002 [net/mlx5: LAG, fix logic over MLX5_LAG_FLAG_NDEVS_READY]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a6e675a66175869b7d87c0e1dd0ddf93e04f8098 (6.0-rc3)
+CVE-2022-50001 [netfilter: nft_tproxy: restrict to prerouting hook]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/18bbc3213383a82b05383827f4b1b882e3f0a5a5 (6.0-rc3)
+CVE-2022-50000 [netfilter: flowtable: fix stuck flows on cleanup due to pending work]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/9afb4b27349a499483ae0134282cefd0c90f480f (6.0-rc3)
+CVE-2022-49999 [btrfs: fix space cache corruption and potential double allocations]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/ced8ecf026fd8084cf175530ff85c76d6085d715 (6.0-rc3)
+CVE-2022-49998 [rxrpc: Fix locking in rxrpc's sendmsg]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/b0f571ecd7943423c25947439045f0d352ca3dbf (6.0-rc3)
+CVE-2022-49997 [net: lantiq_xrx200: restore buffer if memory allocation failed]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/c9c3b1775f80fa21f5bff874027d2ccb10f5d90c (6.0-rc3)
+CVE-2022-49996 [btrfs: fix possible memory leak in btrfs_get_dev_args_from_path()]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/9ea0106a7a3d8116860712e3f17cd52ce99f6707 (6.0-rc3)
+CVE-2022-49995 [writeback: avoid use-after-free after removing device]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/f87904c075515f3e1d8f4a7115869d3b914674fd (6.0-rc3)
+CVE-2022-49994 [bootmem: remove the vmemmap pages from kmemleak in put_page_bootmem]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/dd0ff4d12dd284c334f7e9b07f8f335af856ac78 (6.0-rc3)
+CVE-2022-49993 [loop: Check for overflow while configuring loop]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/c490a0b5a4f36da3918181a8acdc6991d967c5f3 (6.0-rc3)
+CVE-2022-49992 [mm/mprotect: only reference swap pfn page if type match]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/3d2f78f08cd8388035ac375e731ec1ac1b79b09d (6.0-rc3)
+CVE-2022-49991 [mm/hugetlb: avoid corrupting page->mapping in hugetlb_mcopy_atomic_pte]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/ab74ef708dc51df7cf2b8a890b9c6990fac5c0c6 (6.0-rc3)
+CVE-2022-49990 [s390: fix double free of GS and RI CBs on fork() failure]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/13cccafe0edcd03bf1c841de8ab8a1c8e34f77d9 (6.0-rc3)
+CVE-2022-49989 [xen/privcmd: fix error exit of privcmd_ioctl_dm_op()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/c5deb27895e017a0267de0a20d140ad5fcc55a54 (6.0-rc3)
+CVE-2022-49988 [binder_alloc: add missing mmap_lock calls when using the VMA]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/44e602b4e52f70f04620bbbf4fe46ecb40170bde (6.0-rc3)
+CVE-2022-49987 [md: call __md_stop_writes in md_stop]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/0dd84b319352bb8ba64752d4e45396d8b13e6018 (6.0-rc3)
+CVE-2022-49986 [scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/d957e7ffb2c72410bcc1a514153a46719255a5da (6.0-rc3)
+CVE-2022-49985 [bpf: Don't use tnum_range on array range checking for poke descriptors]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.140-1
+ NOTE: https://git.kernel.org/linus/a657182a5c5150cdfacb6640aad1d2712571a409 (6.0-rc4)
+CVE-2022-49984 [HID: steam: Prevent NULL pointer dereference in steam_{recv,send}_report]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.148-1
+ NOTE: https://git.kernel.org/linus/cd11d1a6114bd4bc6450ae59f6e110ec47362126 (6.0-rc4)
+CVE-2022-49983 [udmabuf: Set the DMA mask for the udmabuf device (v2)]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.148-1
+ NOTE: https://git.kernel.org/linus/9e9fa6a9198b767b00f48160800128e83a038f9f (6.0-rc1)
+CVE-2022-49982 [media: pvrusb2: fix memory leak in pvr_probe]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.148-1
+ NOTE: https://git.kernel.org/linus/945a9a8e448b65bec055d37eba58f711b39f66f0 (6.0-rc1)
+CVE-2022-49981 [HID: hidraw: fix memory leak in hidraw_release()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.148-1
+ NOTE: https://git.kernel.org/linus/a5623a203cffe2d2b84d2f6c989d9017db1856af (6.0-rc4)
+CVE-2022-49980 [USB: gadget: Fix use-after-free Read in usb_udc_uevent()]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/2191c00855b03aa59c20e698be713d952d51fc18 (6.0-rc1)
+CVE-2022-49979 [net: fix refcount bug in sk_psock_get (2)]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.148-1
+ NOTE: https://git.kernel.org/linus/2a0133723f9ebeb751cfce19f74ec07e108bef1f (6.0-rc1)
+CVE-2022-49978 [fbdev: fb_pm2fb: Avoid potential divide by zero error]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.148-1
+ NOTE: https://git.kernel.org/linus/19f953e7435644b81332dd632ba1b2d80b1e37af (6.0-rc3)
+CVE-2022-49977 [ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.148-1
+ NOTE: https://git.kernel.org/linus/c3b0f72e805f0801f05fa2aa52011c4bfc694c44 (6.0-rc2)
+CVE-2022-49976 [platform/x86: x86-android-tablets: Fix broken touchscreen on Chuwi Hi8 with Windows BIOS]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/2986c51540ed50ac654ffb5a772e546c02628c91 (6.0-rc4)
+CVE-2022-49975 [bpf: Don't redirect packets with invalid pkt_len]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.148-1
+ NOTE: https://git.kernel.org/linus/fd1894224407c484f652ad456e1ce423e89bb3eb (6.0-rc1)
+CVE-2022-49974 [HID: nintendo: fix rumble worker null pointer deref]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/1ff89e06c2e5fab30274e4b02360d4241d6e605e (6.0-rc4)
+CVE-2022-49973 [skmsg: Fix wrong last sg check in sk_msg_recvmsg()]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/583585e48d965338e73e1eb383768d16e0922d73 (6.0-rc4)
+CVE-2022-49972 [xsk: Fix corrupted packets for XDP_SHARED_UMEM]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/58ca14ed98c87cfe0d1408cc65a9745d9e9b7a56 (6.0-rc4)
+CVE-2022-49971 [drm/amd/pm: Fix a potential gpu_metrics_table memory leak]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/5afb76522a0af0513b6dc01f84128a73206b051b (6.0-rc2)
+CVE-2022-49970 [bpf, cgroup: Fix kernel BUG in purge_effective_progs]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.148-1
+ NOTE: https://git.kernel.org/linus/7d6620f107bae6ed687ff07668e8e8f855487aa9 (6.0-rc4)
+CVE-2022-49969 [drm/amd/display: clear optc underflow before turn off odm clock]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.148-1
+ NOTE: https://git.kernel.org/linus/b2a93490201300a749ad261b5c5d05cb50179c44 (6.0-rc2)
+CVE-2022-49968 [ieee802154/adf7242: defer destroy_workqueue call]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.148-1
+ NOTE: https://git.kernel.org/linus/afe7116f6d3b888778ed6d95e3cf724767b9aedf (6.0-rc4)
+CVE-2022-49967 [bpf: Fix a data-race around bpf_jit_limit.]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/0947ae1121083d363d522ff7518ee72b55bd8d29 (6.0-rc4)
+CVE-2022-49966 [drm/amd/pm: add missing ->fini_microcode interface for Sienna Cichlid]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.148-1
+ NOTE: https://git.kernel.org/linus/0a2d922a5618377cdf8fa476351362733ef55342 (6.0-rc2)
+CVE-2022-49965 [drm/amd/pm: add missing ->fini_xxxx interfaces for some SMU13 asics]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/4bac1c846eff8042dd59ddecd0a43f3b9de5fd23 (6.0-rc2)
+CVE-2022-49964 [arm64: cacheinfo: Fix incorrect assignment of signed error value to unsigned fw_level]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.148-1
+ NOTE: https://git.kernel.org/linus/e75d18cecbb3805895d8ed64da4f78575ec96043 (6.0-rc3)
+CVE-2022-49963 [drm/i915/ttm: fix CCS handling]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/8d905254162965c8e6be697d82c7dbf5d08f574d (6.0-rc4)
+CVE-2022-49962 [xhci: Fix null pointer dereference in remove if xHC has only one roothub]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/4a593a62a9e3a25ab4bc37f612e4edec144f7f43 (6.0-rc4)
+CVE-2022-49961 [bpf: Do mark_chain_precision for ARG_CONST_ALLOC_SIZE_OR_ZERO]
+ - linux 6.0.2-1
+ NOTE: https://git.kernel.org/linus/2fc31465c5373b5ca4edf2e5238558cb62902311 (6.0-rc4)
+CVE-2022-49960 [drm/i915: fix null pointer dereference]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/458ec0c8f35963626ccd51c3d50b752de5f1b9d4 (6.0-rc4)
+CVE-2022-49959 [openvswitch: fix memory leak at failed datapath creation]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a87406f4adee9c53b311d8a1ba2849c69e29a6d0 (6.0-rc4)
+CVE-2022-49958 [net/sched: fix netdevice reference leaks in attach_default_qdiscs()]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.148-1
+ NOTE: https://git.kernel.org/linus/f612466ebecb12a00d9152344ddda6f6345f04dc (6.0-rc4)
+CVE-2022-49957 [kcm: fix strp_init() order and cleanup]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.148-1
+ NOTE: https://git.kernel.org/linus/8fc29ff3910f3af08a7c40a75d436b5720efe2bf (6.0-rc4)
+CVE-2022-49956 [staging: rtl8712: fix use after free bugs]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.148-1
+ NOTE: https://git.kernel.org/linus/e230a4455ac3e9b112f0367d1b8e255e141afae0 (6.0-rc4)
+CVE-2022-49955 [powerpc/rtas: Fix RTAS MSR[HV] handling for Cell]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/91926d8b7e71aaf5f84f0cf208fc5a8b7a761050 (6.0-rc4)
+CVE-2022-49954 [Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.148-1
+ NOTE: https://git.kernel.org/linus/98e01215708b6d416345465c09dce2bd4868c67a (6.0-rc4)
+CVE-2022-49953 [iio: light: cm3605: Fix an error handling path in cm3605_probe()]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/160905549e663019e26395ed9d66c24ee2cf5187 (6.0-rc4)
+CVE-2022-49952 [misc: fastrpc: fix memory corruption on probe]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.148-1
+ NOTE: https://git.kernel.org/linus/9baa1415d9abdd1e08362ea2dcfadfacee8690b5 (6.0-rc4)
+CVE-2022-49951 [firmware_loader: Fix use-after-free during unregister]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/8b40c38e37492b5bdf8e95b46b5cca9517a9957a (6.0-rc4)
+CVE-2022-49950 [misc: fastrpc: fix memory corruption on open]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.148-1
+ NOTE: https://git.kernel.org/linus/d245f43aab2b61195d8ebb64cef7b5a08c590ab4 (6.0-rc4)
+CVE-2022-49949 [firmware_loader: Fix memory leak in firmware upload]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/789bba82f63c3e81dce426ba457fc7905b30ac6e (6.0-rc4)
+CVE-2022-49948 [vt: Clear selection before changing the font]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.148-1
+ NOTE: https://git.kernel.org/linus/566f9c9f89337792070b5a6062dff448b3e7977f (6.0-rc4)
+CVE-2022-49947 [binder: fix alloc->vma_vm_mm null-ptr dereference]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/1da52815d5f1b654c89044db0cdc6adce43da1f1 (6.0-rc4)
+CVE-2022-49946 [clk: bcm: rpi: Prevent out-of-bounds access]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.148-1
+ NOTE: https://git.kernel.org/linus/bc163555603e4ae9c817675ad80d618a4cdbfa2d (6.0-rc4)
+CVE-2022-49945 [hwmon: (gpio-fan) Fix array out of bounds access]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.148-1
+ NOTE: https://git.kernel.org/linus/f233d2be38dbbb22299192292983037f01ab363c (6.0-rc4)
+CVE-2022-49944 [Revert "usb: typec: ucsi: add a common function ucsi_unregister_connectors()"]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/5f73aa2cf8bef4a39baa1591c3144ede4788826e (6.0-rc4)
+CVE-2022-49943 [USB: gadget: Fix obscure lockdep violation for udc_mutex]
+ - linux 6.0.2-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/1016fc0c096c92dd0e6e0541daac7a7868169903 (6.0-rc4)
+CVE-2022-49942 [wifi: mac80211: Don't finalize CSA in IBSS mode if state is disconnected]
+ - linux 6.0.2-1
+ [bullseye] - linux 5.10.148-1
+ NOTE: https://git.kernel.org/linus/15bc8966b6d3a5b9bfe4c9facfa02f2b69b1e5f0 (6.0-rc4)
CVE-2022-49941 [tty: n_gsm: avoid call of sleeping functions from atomic context]
- linux 5.19.11-1
[bullseye] - linux 5.10.148-1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/627407f16024411c73b5e50c22c124335eda4670
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/627407f16024411c73b5e50c22c124335eda4670
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250618/6fa27ff7/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list