CVE-2022-49483

In the Linux kernel, the following vulnerability has been resolved: drm/msm/disp/dpu1: avoid clearing hw interrupts if hwintr is null during drm uninit If edp modeset init is failed due to panel being not ready and probe defers during drm bind, avoid clearing irqs and dereference hwintr when hwin...

CVE-2022-49254

In the Linux kernel, the following vulnerability has been resolved: media: ti-vpe: cal: Fix a NULL pointer dereference in calctxv4l2initformats In calctxv4l2initformats, devmkzalloc is assigned to ctx-activefmt and there is a dereference of it after that, which could lead to NULL pointer...

UBUNTU-CVE-2022-49532

In the Linux kernel, the following vulnerability has been resolved: drm/virtio: fix NULL pointer dereference in virtiogpuconngetmodes drmcvtmode may return NULL and we should check it. This bug is found by syzkaller: FAULTINJECTION stacktrace: 168.567394 FAULTINJECTION: forcing a failure. name...

CVE-2022-49072

In the Linux kernel, the following vulnerability has been resolved: gpio: Restrict usage of GPIO chip irq members before initialization GPIO chip irq members are exposed before they could be completely initialized and this leads to race conditions. One such issue was observed for the gc-irq.domai...

CVE-2022-49731

CVE-2022-49731 affects the Linux kernel’s ata_libata-core. The flaw is a NULL pointer dereference in ata_host_alloc_pinfo() if the ppi array starts with NULL, causing a kernel oops. The fix initializes the local pi variable to &ata_dummy_port_info to prevent the oops. This vulnerability is addres...

CVE-2022-49707 ext4: add reserved GDT blocks check

In the Linux kernel, the following vulnerability has been resolved: ext4: add reserved GDT blocks check We capture a NULL pointer issue when resizing a corrupt ext4 image which is freshly clear resizeinode feature not run e2fsck. It could be simply reproduced by following steps. The problem is...

CVE-2022-49664

In the Linux kernel, the following vulnerability has been resolved: tipc: move bc link creation back to tipcnodecreate Shuang Li reported a NULL pointer dereference crash: BUG: kernel NULL pointer dereference, address: 0000000000000068 RIP: 0010:tipclinkisup+0x5/0x10 tipc Call Trace:...

CVE-2022-49615 ASoC: rt711-sdca: fix kernel NULL pointer dereference when IO error

In the Linux kernel, the following vulnerability has been resolved: ASoC: rt711-sdca: fix kernel NULL pointer dereference when IO error The initial settings will be written before the codec probe function. But, the rt711-component doesn't be assigned yet. If IO error happened during initial...

CVE-2022-49615

CVE-2022-49615 affects the Linux kernel ASoC rt711-sdca subsystem. A IO error during initial codec settings could dereference a NULL rt711->component before the probe completes, risking kernel panic. The fix changes the code path to use slave->dev instead of component->dev for the early ...

CVE-2022-49615

In the Linux kernel, the following vulnerability has been resolved: ASoC: rt711-sdca: fix kernel NULL pointer dereference when IO error The initial settings will be written before the codec probe function. But, the rt711-component doesn't be assigned yet. If IO error happened during initial...

CVE-2022-49491 drm/rockchip: vop: fix possible null-ptr-deref in vop_bind()

In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: vop: fix possible null-ptr-deref in vopbind It will cause null-ptr-deref in resourcesize, if platformgetresource returns NULL, move calling resourcesize after devmioremapresource that will check 'res' to avoid...

CVE-2022-49453

In the Linux kernel, the following vulnerability has been resolved: soc: ti: tiscipmdomains: Check for null return of devmkcalloc The allocation funciton devmkcalloc may fail and return a null pointer, which would cause a null-pointer dereference later. It might be better to check it and directly...

CVE-2022-49295 nbd: call genl_unregister_family() first in nbd_cleanup()

In the Linux kernel, the following vulnerability has been resolved: nbd: call genlunregisterfamily first in nbdcleanup Otherwise there may be race between module removal and the handling of netlink command, which can lead to the oops as shown below: BUG: kernel NULL pointer dereference, address:...

CVE-2022-49273 rtc: pl031: fix rtc features null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: rtc: pl031: fix rtc features null pointer dereference When there is no interrupt line, rtc alarm feature is disabled. The clearing of the alarm feature bit was being done prior to allocations of ldata-rtc device, resulting in a...

CVE-2022-49254

In the Linux kernel, the following vulnerability has been resolved: media: ti-vpe: cal: Fix a NULL pointer dereference in calctxv4l2initformats In calctxv4l2initformats, devmkzalloc is assigned to ctx-activefmt and there is a dereference of it after that, which could lead to NULL pointer...

CVE-2022-49083

CVE-2022-49083 concerns a kernel-level regression in the iommu/omap path that can trigger a NULL pointer dereference during device probe. The issue arises when a commit altered probe behavior (3f6634d997db) so that omap iommu probe returns 0 instead of ERR_PTR(-ENODEV), making probe_iommu_group-&...

CVE-2022-49072

In the Linux kernel, the following vulnerability has been resolved: gpio: Restrict usage of GPIO chip irq members before initialization GPIO chip irq members are exposed before they could be completely initialized and this leads to race conditions. One such issue was observed for the gc-irq.domai...

CVE-2022-49055 drm/amdkfd: Check for potential null return of kmalloc_array()

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Check for potential null return of kmallocarray As the kmallocarray may return null, the 'eventwaitersi.wait' would lead to null-pointer dereference. Therefore, it is better to check the return value of kmallocarray t...

CVE-2021-47650 ASoC: soc-compress: prevent the potentially use of null pointer

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-compress: prevent the potentially use of null pointer There is one call trace that sndsocregistercard -sndsocbindcard-socinitpcmruntime -sndsocdaicompressnew-sndsocnewcompress. In the trace the 'codecdai' transfers from...

Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-26984)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26984 advisory. - In the Linux kernel, the following vulnerability has been resolved: nouveau: fix instmem race...