CVE-2022-50721

CVE-2022-50721 affects the Linux kernel via the dmaengine: qcom-adm module. The vulnerability stems from the function prep_slave_sg returning an error pointer on error instead of NULL, while consumers (e.g., nandc) expect NULL to indicate failure. This mismatch can lead to a kernel panic later in...

CVE-2025-68220

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: netcp: Standardize knavdmaopenchannel to return NULL on error Make knavdmaopenchannel consistently return NULL on error instead of ERRPTR. Currently the header include/linux/soc/ti/knavdma.h returns NULL when t...

AZL-67034 CVE-2025-39676 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Prevent a potential error pointer dereference The qla4xxxgetepfwdb function is supposed to return NULL on error, but qla4xxxepconnect returns error pointers. Propagating the error pointers will lead to an Oops in t...

CVE-2025-39676

In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Prevent a potential error pointer dereference The qla4xxxgetepfwdb function is supposed to return NULL on error, but qla4xxxepconnect returns error pointers. Propagating the error pointers will lead to an Oops in t...

kernel: dmaengine: qcom-adm: fix wrong calling convention for prep_slave_sg

A flaw was found in the Linux kernel’s dmaengine qcom-adm implementation where the function prepslavesg did not adhere to the documented error return convention. On error, it returned an error pointer instead of NULL, which can cause consumers that check only for non-NULL to assume success and...