Vulnerabilities > Linux > Linux Kernel > 4.9.89

DATE CVE VULNERABILITY TITLE RISK
2024-10-21 CVE-2022-48988 Use After Free vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: memcg: fix possible use-after-free in memcg_write_event_control() memcg_write_event_control() accesses the dentry->d_name of the specified control fd to route the write call.
local
high complexity
linux CWE-416
7.0
2024-10-21 CVE-2022-48990 Use After Free vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix use-after-free during gpu recovery [Why] [ 754.862560] refcount_t: underflow; use-after-free. [ 754.862898] Call Trace: [ 754.862903] <TASK> [ 754.862913] amdgpu_job_free_cb+0xc2/0xe1 [amdgpu] [ 754.863543] drm_sched_main.cold+0x34/0x39 [amd_sched] [How] The fw_fence may be not init, check whether dma_fence_init is performed before job free
local
low complexity
linux CWE-416
7.8
2024-10-21 CVE-2022-48991 Use After Free vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths Any codepath that zaps page table entries must invoke MMU notifiers to ensure that secondary MMUs (like KVM) don't keep accessing pages which aren't mapped anymore.
local
low complexity
linux CWE-416
7.8
2024-10-21 CVE-2022-48992 NULL Pointer Dereference vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-pcm: Add NULL check in BE reparenting Add NULL check in dpcm_be_reparent API, to handle kernel NULL pointer dereference error. The issue occurred in fuzzing test.
local
low complexity
linux CWE-476
5.5
2024-10-21 CVE-2022-48994 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sure the call target is valid to help mitigate ROP attacks.
local
low complexity
linux
5.5
2024-10-21 CVE-2022-49002 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init() for_each_pci_dev() is implemented by pci_get_device().
local
low complexity
linux
5.5
2024-10-21 CVE-2022-49006 Use After Free vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: tracing: Free buffers when a used dynamic event is removed After 65536 dynamic events have been added and removed, the "type" field of the event then uses the first type number that is available (not currently used by other events).
local
low complexity
linux CWE-416
7.8
2024-10-21 CVE-2022-49007 NULL Pointer Dereference vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix NULL pointer dereference in nilfs_palloc_commit_free_entry() Syzbot reported a null-ptr-deref bug: NILFS (loop0): segctord starting.
local
low complexity
linux CWE-476
5.5
2024-10-21 CVE-2022-49010 NULL Pointer Dereference vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Check for null before removing sysfs attrs If coretemp_add_core() gets an error then pdata->core_data[indx] is already NULL and has been kfreed.
local
low complexity
linux CWE-476
5.5
2024-10-21 CVE-2022-49011 Memory Leak vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new() As comment of pci_get_domain_bus_and_slot() says, it returns a pci device with refcount increment, when finish using it, the caller must decrement the reference count by calling pci_dev_put().
local
low complexity
linux CWE-401
5.5