CVE-2022-49615

CVE-2022-49615 affects the Linux kernel ASoC rt711-sdca subsystem. A IO error during initial codec settings could dereference a NULL rt711->component before the probe completes, risking kernel panic. The fix changes the code path to use slave->dev instead of component->dev for the early ...

CVE-2022-49615 ASoC: rt711-sdca: fix kernel NULL pointer dereference when IO error

In the Linux kernel, the following vulnerability has been resolved: ASoC: rt711-sdca: fix kernel NULL pointer dereference when IO error The initial settings will be written before the codec probe function. But, the rt711-component doesn't be assigned yet. If IO error happened during initial...

CVE-2022-49615

In the Linux kernel, the following vulnerability has been resolved: ASoC: rt711-sdca: fix kernel NULL pointer dereference when IO error The initial settings will be written before the codec probe function. But, the rt711-component doesn't be assigned yet. If IO error happened during initial...

CVE-2022-49568 KVM: Don't null dereference ops->destroy

In the Linux kernel, the following vulnerability has been resolved: KVM: Don't null dereference ops-destroy A KVM device cleanup happens in either of two callbacks: 1 destroy which is called when the VM is being destroyed; 2 release which is called when a device fd is closed. Most KVM devices use...

CVE-2022-49510

In the Linux kernel, the following vulnerability has been resolved: drm/omap: fix NULL but dereferenced coccicheck error Fix the following coccicheck warning: ./drivers/gpu/drm/omapdrm/omapoverlay.c:89:22-25: ERROR: rovl is NULL but dereferenced. Here should be ovl-idx rather than rovl-idx...

CVE-2022-49491 drm/rockchip: vop: fix possible null-ptr-deref in vop_bind()

In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: vop: fix possible null-ptr-deref in vopbind It will cause null-ptr-deref in resourcesize, if platformgetresource returns NULL, move calling resourcesize after devmioremapresource that will check 'res' to avoid...

CVE-2022-49453

In the Linux kernel, the following vulnerability has been resolved: soc: ti: tiscipmdomains: Check for null return of devmkcalloc The allocation funciton devmkcalloc may fail and return a null pointer, which would cause a null-pointer dereference later. It might be better to check it and directly...

CVE-2022-49295 nbd: call genl_unregister_family() first in nbd_cleanup()

In the Linux kernel, the following vulnerability has been resolved: nbd: call genlunregisterfamily first in nbdcleanup Otherwise there may be race between module removal and the handling of netlink command, which can lead to the oops as shown below: BUG: kernel NULL pointer dereference, address:...

CVE-2022-49273 rtc: pl031: fix rtc features null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: rtc: pl031: fix rtc features null pointer dereference When there is no interrupt line, rtc alarm feature is disabled. The clearing of the alarm feature bit was being done prior to allocations of ldata-rtc device, resulting in a...

CVE-2022-49254

In the Linux kernel, the following vulnerability has been resolved: media: ti-vpe: cal: Fix a NULL pointer dereference in calctxv4l2initformats In calctxv4l2initformats, devmkzalloc is assigned to ctx-activefmt and there is a dereference of it after that, which could lead to NULL pointer...

CVE-2022-49125 drm/sprd: fix potential NULL dereference

In the Linux kernel, the following vulnerability has been resolved: drm/sprd: fix potential NULL dereference 'drm' could be null in sprddrmshutdown, and drmwarn maybe dereference it, remove this warning log. v1 - v2: - Split checking platformgetresource return value to a separate patch - Use...

CVE-2022-49083

CVE-2022-49083 concerns a kernel-level regression in the iommu/omap path that can trigger a NULL pointer dereference during device probe. The issue arises when a commit altered probe behavior (3f6634d997db) so that omap iommu probe returns 0 instead of ERR_PTR(-ENODEV), making probe_iommu_group-&...

CVE-2022-49072

In the Linux kernel, the following vulnerability has been resolved: gpio: Restrict usage of GPIO chip irq members before initialization GPIO chip irq members are exposed before they could be completely initialized and this leads to race conditions. One such issue was observed for the gc-irq.domai...

CVE-2022-49055 drm/amdkfd: Check for potential null return of kmalloc_array()

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Check for potential null return of kmallocarray As the kmallocarray may return null, the 'eventwaitersi.wait' would lead to null-pointer dereference. Therefore, it is better to check the return value of kmallocarray t...

CVE-2021-47650 ASoC: soc-compress: prevent the potentially use of null pointer

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-compress: prevent the potentially use of null pointer There is one call trace that sndsocregistercard -sndsocbindcard-socinitpcmruntime -sndsocdaicompressnew-sndsocnewcompress. In the trace the 'codecdai' transfers from...

Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-26984)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26984 advisory. - In the Linux kernel, the following vulnerability has been resolved: nouveau: fix instmem race...

CVE-2024-36476

In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs: Ensure 'ibsge list' is accessible Move the declaration of the 'ibsge list' variable outside the 'alwaysinvalidate' block to ensure it remains accessible for use throughout the function. Previously, 'ibsge list' was...

CVE-2024-36476 RDMA/rtrs: Ensure 'ib_sge list' is accessible

In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs: Ensure 'ibsge list' is accessible Move the declaration of the 'ibsge list' variable outside the 'alwaysinvalidate' block to ensure it remains accessible for use throughout the function. Previously, 'ibsge list' was...

CVE-2024-36476

CVE-2024-36476 affects the Linux kernel (RDMA/rtrs path). The bug arises from declaring the ib_sge list inside the always_invalidate block, making it inaccessible later in the function and enabling a potential kernel NULL pointer dereference. The vulnerability is addressed by moving the ib_sge li...

CVE-2024-56773

In the Linux kernel, the following vulnerability has been resolved: kunit: Fix potential null dereference in kunitdevicedrivertest kunitkzalloc may return a NULL pointer, dereferencing it without NULL check may lead to NULL dereference. Add a NULL check for teststate...