CVE-2024-42307

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential null pointer use in destroyworkqueue in initcifs error path Dan Carpenter reported a Smack static checker warning: fs/smb/client/cifsfs.c:1981 initcifs error: we previously assumed 'serverclosewq' could be nul...

CVE-2024-41089

CVE-2024-41089 relates to the Linux kernel DRM/Nouveau code path: in nv17_tv_get_hd_modes(), the return of drm_mode_duplicate() (and drm_cvt_mode()) could be NULL on failure, leading to a NULL pointer dereference. The fix adds a NULL check to avoid dereferencing a NULL mode object. Impact is a lo...

CVE-2024-40951

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix NULL pointer dereference in ocfs2aborttrigger bdev-bdsuper has been removed and commit 8887b94d9322 change the usage from bdev-bdsuper to bassocmap-host-isb. Since ocfs2 hasn't set bh-bassocmap, it will trigger NULL...

CVE-2024-40982

CVE-2024-40982 affects the Linux kernel in the ssb_device_uevent() path where a NULL pointer could be dereferenced before a NULL check. The fix moves the NULL check before dereferencing, mitigating the issue. In Mariner 2.0, kernels older than 5.15.176.3-2 are affected; upgrading to 5.15.176.3-2 ...

Siemens JT Open Toolkit 代码问题漏洞

The Siemens JT Open Toolkit Siemens JTTK is a C++ application programming interface API from Siemens, Germany.The PLM XML SDK is a lightweight, flexible mechanism for product data transfer. It supports an adapter-based approach to transform data from any source into an XML representation. A null...

CVE-2021-47540

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: fix NULL pointer dereference in mt7915getphymode Fix the following NULL pointer dereference in mt7915getphymode routine adding an ibss interface to the mt7915 driver. 101.137097 wlan0: Trigger new scan to find an IB...

CVE-2023-52833

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: Add date-evtskb is NULL check fix crash because of null pointers 6104.969662 BUG: kernel NULL pointer dereference, address: 00000000000000c8 6104.969667 PF: supervisor read access in kernel mode 6104.969668 PF:...

CVE-2021-47269

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: ep0: fix NULL pointer exception There is no validation of the index from dwc3wIndextodep and we might be referring a non-existing ep and trigger a NULL pointer exception. In certain configurations we might use fewer ep...

CVE-2024-35940 pstore/zone: Add a null pointer check to the psz_kmsg_read

In the Linux kernel, the following vulnerability has been resolved: pstore/zone: Add a null pointer check to the pszkmsgread kasprintf returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by checking the pointer validity...

CVE-2024-35891

The CVE-2024-35891 issue affects the Linux kernel net:phy: micrel area, specifically lan8814_get_sig_rx() and lan8814_get_sig_tx(). The vulnerability stems from ptp_parse_header() returning NULL for abnormally formed or corrupted packets, leading to a potential null pointer dereference. The fix a...

CVE-2023-52696

In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opalpowercapinit kasprintf returns a pointer to dynamically allocated memory which can be NULL upon failure...

CVE-2021-47197

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: nullify cq-dbg pointer in mlx5debugcqremove Prior to this patch in case mlx5coredestroycq failed it proceeds to rest of destroy operations. mlx5coredestroycq could be called again by user and cause additional call of...

CVE-2021-47183

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix link down processing to address NULL pointer dereference If an FC link down transition while PLOGIs are outstanding to fabric well known addresses, outstanding ABTS requests may result in a NULL pointer dereferenc...

CVE-2024-26649

CVE-2024-26649 (linux kernel, drm/amdgpu) fixes a NULL pointer dereference in RLC firmware loading. Root cause: when RLC firmware header size is invalid, the firmware pointer is released and later dereferenced. The patch skips the validation to prevent the NULL pointer dereference during subseque...

CVE-2023-52492

In the Linux kernel, the following vulnerability has been resolved: dmaengine: fix NULL pointer in channel unregistration function dmaasyncdevicechannelregister can fail. In case of failure, chan-local is freed with freepercpu, and chan-local is nullified. When dmaasyncdeviceunregister is called...

GPAC Security Vulnerabilities

GPAC is an open source multimedia framework. A security vulnerability exists in GPAC version 2.3-DEV-rev588-g7edc40fee-mastergpac, which originated from a null pointer reference in gfdashsetupperiod in mediatools/dashclient that allows remote attackers to obtain sensitive information...

D-Link DIR-823G Security Vulnerability

The D-Link DIR-823G is a wireless router from China-based AUO D-Link. A security vulnerability exists in the D-Link DIR-823G A1V1.0.2B05 version, which stems from a null pointer dereference vulnerability in the sub41C488 function...

CVE-2021-47045

A flaw was found in the scsi/lpfcIt subsystem of the Linux kernel, where it is possible to call lpfcissueelsplogi passing a did argument for which no matching ndlp is found. A call is then made to lpfcprepelsiocb with a NULL pointer to a lpfcnodelist structure, resulting in a NULL pointer...

CVE-2021-47002 SUNRPC: Fix null pointer dereference in svc_rqst_free()

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix null pointer dereference in svcrqstfree When allocpagesnode returns null in svcrqstalloc, the null rqscratchpage pointer will be dereferenced when calling putpage in svcrqstfree. Fix it by adding a null check...

CVE-2021-46981

In the Linux kernel, the following vulnerability has been resolved: nbd: Fix NULL pointer in flushworkqueue Open /dev/nbdX first, the configrefs will be 1 and the pointers in nbddevice are still null. Disconnect /dev/nbdX, then reference a null recvworkq. The protection by configrefs in...