CVE-2023-54313

The CVE-2023-54313 entry concerns a Linux kernel ovl filesystem NULL pointer dereference in ovl_get_acl_rcu(). The issue arises when upperdentry inode is NULL and IS_POSIXACL(realinode) dereferences a NULL realinode during ACL checks in overlay (ovl) permission handling, potentially triggering a ...

CVE-2023-54313 ovl: fix null pointer dereference in ovl_get_acl_rcu()

In the Linux kernel, the following vulnerability has been resolved: ovl: fix null pointer dereference in ovlgetaclrcu Following process: P1 P2 pathopenat linkpathwalk maylookup inodepermissionrcu ovlpermission aclpermissioncheck checkacl getcachedaclrcu ovlgetinodeacl realinode =...

CVE-2023-54313

In the Linux kernel, the following vulnerability has been resolved: ovl: fix null pointer dereference in ovlgetaclrcu Following process: P1 P2 pathopenat linkpathwalk maylookup inodepermissionrcu ovlpermission aclpermissioncheck checkacl getcachedaclrcu ovlgetinodeacl realinode =...

CVE-2023-54304

In the Linux kernel, the following vulnerability has been resolved: firmware: mesonsm: fix to avoid potential NULL pointer dereference ofmatchdevice may fail and returns a NULL pointer. Fix this by checking the return value of ofmatchdevice...

CVE-2023-54291 vduse: fix NULL pointer dereference

In the Linux kernel, the following vulnerability has been resolved: vduse: fix NULL pointer dereference vdusevdpasetvqaffinity callback can be called with NULL value as cpumask when deleting the vduse device. This patch resets virtqueue's IRQ affinity mask value to set all CPUs instead of...

CVE-2023-54291

In the Linux kernel, the following vulnerability has been resolved: vduse: fix NULL pointer dereference vdusevdpasetvqaffinity callback can be called with NULL value as cpumask when deleting the vduse device. This patch resets virtqueue's IRQ affinity mask value to set all CPUs instead of...

CVE-2022-50878

CVE-2022-50878 relates to the Linux kernel GPU driver for lontium-lt9611. The root cause was a missing NULL check on bridge->encoder in lt9611_connector_init(), which could be NULL but was dereferenced in drm_connector_attach_encoder. The vulnerability is resolved by the fix that introduces a ...

CVE-2022-50878 gpu: lontium-lt9611: Fix NULL pointer dereference in lt9611_connector_init()

In the Linux kernel, the following vulnerability has been resolved: gpu: lontium-lt9611: Fix NULL pointer dereference in lt9611connectorinit A NULL check for bridge-encoder shows that it may be NULL, but it already been dereferenced on all paths leading to the check. 812 if !bridge-encoder...

CVE-2022-50878 gpu: lontium-lt9611: Fix NULL pointer dereference in lt9611_connector_init()

In the Linux kernel, the following vulnerability has been resolved: gpu: lontium-lt9611: Fix NULL pointer dereference in lt9611connectorinit A NULL check for bridge-encoder shows that it may be NULL, but it already been dereferenced on all paths leading to the check. 812 if !bridge-encoder...

CVE-2023-54264 fs/sysv: Null check to prevent null-ptr-deref bug

In the Linux kernel, the following vulnerability has been resolved: fs/sysv: Null check to prevent null-ptr-deref bug sbgetblkinode-isb, parent return a null ptr and taking lock on that leads to the null-ptr-deref bug...

CVE-2023-54264

CVE-2023-54264 concerns the Linux kernel, in the fs/sysv path, where a null pointer dereference could occur if sb_getblk(inode->i_sb, parent) returns NULL and a lock is taken on it. The connected advisories confirm the vulnerability and note that a fix was applied by adding a null check to pre...

CVE-2023-54264 fs/sysv: Null check to prevent null-ptr-deref bug

In the Linux kernel, the following vulnerability has been resolved: fs/sysv: Null check to prevent null-ptr-deref bug sbgetblkinode-isb, parent return a null ptr and taking lock on that leads to the null-ptr-deref bug...

CVE-2023-54264

In the Linux kernel, the following vulnerability has been resolved: fs/sysv: Null check to prevent null-ptr-deref bug sbgetblkinode-isb, parent return a null ptr and taking lock on that leads to the null-ptr-deref bug...

CVE-2023-54249

The CVE concerns the Linux kernel component bus: mhi: ep. The issue arises when handling STOP and RESET commands: the system may send a -ENOTCONN status even if the client driver is not available, which could lead to a null pointer dereference. The available connected sources confirm this is a ke...

CVE-2023-54249 bus: mhi: ep: Only send -ENOTCONN status if client driver is available

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: Only send -ENOTCONN status if client driver is available For the STOP and RESET commands, only send the channel disconnect status -ENOTCONN if client driver is available. Otherwise, it will result in null pointer...

CVE-2022-50866

In the Linux kernel, the following vulnerability has been resolved: ASoC: pxa: fix null-pointer dereference in filter kasprintf would return NULL pointer when kmalloc fail to allocate. Need to check the return pointer before calling strcmp...

CVE-2023-54240 net: ethernet: mtk_eth_soc: fix possible NULL pointer dereference in mtk_hwlro_get_fdir_all()

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: fix possible NULL pointer dereference in mtkhwlrogetfdirall rulelocs is allocated in ethtoolgetrxnfc and the size is determined by rulecnt from user space. So rulecnt needs to be check before using...

CVE-2023-54241

In the Linux kernel, the following vulnerability has been resolved: MIPS: KVM: Fix NULL pointer dereference After commit 45c7e8af4a5e3f0bea4ac209 "MIPS: Remove KVMTE support" we get a NULL pointer dereference when creating a KVM guest: 146.243409 Starting KVM with MIPS VZ extensions 149.849151 CP...

CVE-2023-54240

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: fix possible NULL pointer dereference in mtkhwlrogetfdirall rulelocs is allocated in ethtoolgetrxnfc and the size is determined by rulecnt from user space. So rulecnt needs to be check before using...

CVE-2023-54206 net/sched: flower: fix filter idr initialization

In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: fix filter idr initialization The cited commit moved idr initialization too early in flchange which allows concurrent users to access the filter that is still being initialized and is in inconsistent state,...