CVE-2022-49453

Summary (CVE-2022-49453) : In the Linux kernel, the TI SoC power-domain driver (soc: ti: ti_sci_pm_domains) might dereference a NULL pointer if devm_kcalloc returns NULL. The recommended fix is to check the allocation result and return -ENOMEM, mirroring the handling in earlier code paths. The is...

CVE-2022-49449

In the Linux kernel, the following vulnerability has been resolved: pinctrl: renesas: rzn1: Fix possible null-ptr-deref in shpfcmapresources It will cause null-ptr-deref when using 'res', if platformgetresource returns NULL, so move using 'res' after devmioremapresource that will check it to avoi...

CVE-2022-49445 pinctrl: renesas: core: Fix possible null-ptr-deref in sh_pfc_map_resources()

In the Linux kernel, the following vulnerability has been resolved: pinctrl: renesas: core: Fix possible null-ptr-deref in shpfcmapresources It will cause null-ptr-deref when using 'res', if platformgetresource returns NULL, so move using 'res' after devmioremapresource that will check it to avoi...

CVE-2022-49403 lib/string_helpers: fix not adding strarray to device's resource list

In the Linux kernel, the following vulnerability has been resolved: lib/stringhelpers: fix not adding strarray to device's resource list Add allocated strarray to device's resource list. This is a must to automatically release strarray when the device disappears. Without this fix we have a memory...

CVE-2022-49323 iommu/arm-smmu: fix possible null-ptr-deref in arm_smmu_device_probe()

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: fix possible null-ptr-deref in armsmmudeviceprobe It will cause null-ptr-deref when using 'res', if platformgetresource returns NULL, so move using 'res' after devmioremapresource that will check it to avoid...

PT-2025-8325 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A potential double free issue has been resolved in the Linux kernel, specifically in the remoteproc: mtk scp module. The issue arises from the explicit freeing of 'scp-rproc' in the...

PT-2025-8552 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak issue has been identified in the Linux kernel, specifically in the sfp probe function. This function allocates memory using sfp alloc, but when devm add action fails, the...

DEBIAN-CVE-2025-21685

In the Linux kernel, the following vulnerability has been resolved: platform/x86: lenovo-yoga-tab2-pro-1380-fastcharger: fix serdev race The yt21380fcserdevprobe function calls devmserdevdeviceopen before setting the client ops via serdevdevicesetclientops. This ordering can trigger a NULL pointe...

pinctrl: apple: check devm_kasprintf() returned value

...

DEBIAN-CVE-2024-57944

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads1298: Add NULL check in ads1298init devmkasprintf can return a NULL pointer on failure. A check on the return value of such a call in ads1298init is missing. Add it...

Linux kernel 代码问题漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure of the ti-ads1298 driver in the iio module to check the return value of devmkasprintf. This coul...

PT-2025-3669 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability has been resolved in the Linux kernel related to the ti-ads1298 driver. The issue arises because devm kasprintf can return a NULL pointer on failure, and a check for th...

SUSE CVE-2024-56634

In the Linux kernel, the following vulnerability has been resolved: gpio: grgpio: Add NULL check in grgpioprobe devmkasprintf can return a NULL pointer on failure,but this returned value in grgpioprobe is not checked. Add NULL check in grgpioprobe, to handle kernel NULL pointer dereference error...

AZL-56544 CVE-2024-56766 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fix double free in atmelpmecccreateuser The "user" pointer was converted from being allocated with kzalloc to being allocated by devmkzalloc. Calling kfreeuser will lead to a double free...

UBUNTU-CVE-2024-56766

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fix double free in atmelpmecccreateuser The "user" pointer was converted from being allocated with kzalloc to being allocated by devmkzalloc. Calling kfreeuser will lead to a double free...

PT-2025-34425

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A null pointer dereference issue was resolved in the ice copy and init pkg function. A check was added for the return value of devm kmemdup to prevent this potential dereference...

PT-2025-34397

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw in the davinci lpsc clk register function where a NULL pointer dereference can occur. This is due to the function not checking the return value of devm...

SUSE CVE-2024-56754

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - Fix the pointer passed to caamqishutdown The type of the last parameter given to devmaddactionorreset is "struct caamdrvprivate ", but in caamqishutdown, it is casted to "struct device ". Pass the correct parameter...

AZL-54753 CVE-2024-56754 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - Fix the pointer passed to caamqishutdown The type of the last parameter given to devmaddactionorreset is "struct caamdrvprivate ", but in caamqishutdown, it is casted to "struct device ". Pass the correct parameter...

AZL-54836 CVE-2024-56754 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - Fix the pointer passed to caamqishutdown The type of the last parameter given to devmaddactionorreset is "struct caamdrvprivate ", but in caamqishutdown, it is casted to "struct device ". Pass the correct parameter...