In the Linux kernel, the following vulnerability has been resolved: thermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR In some case, the GDDV returns a package with a buffer which has zero length. It causes that kmemdup() returns ZERO_SIZE_PTR (0x10). Then the data_vault_read() got NULL point dereference problem when accessing the 0x10 value in data_vault. [ 71.024560] BUG: kernel NULL pointer dereference, address: 0000000000000010 This patch uses ZERO_OR_NULL_PTR() for checking ZERO_SIZE_PTR or NULL value in data_vault.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | linux | < 5.19.11-1 | linux_5.19.11-1_all.deb |
Debian | 11 | all | linux | <= 5.10.218-1 | linux_5.10.218-1_all.deb |
Debian | 999 | all | linux | < 5.19.11-1 | linux_5.19.11-1_all.deb |
Debian | 13 | all | linux | < 5.19.11-1 | linux_5.19.11-1_all.deb |