CVE-2023-54093 media: anysee: fix null-ptr-deref in anysee_master_xfer

In the Linux kernel, the following vulnerability has been resolved: media: anysee: fix null-ptr-deref in anyseemasterxfer In anyseemasterxfer, msg is controlled by user. When msgi.buf is null and msgi.len is zero, former checks on msgi.buf would be passed. Malicious data finally reach...

CVE-2023-54087

In the Linux kernel ubi subsystem, CVE-2023-54087 fixes a null pointer dereference in ubi_free_volume() triggered when ubi_add_volume() failures lead to kill_volumes() invoking ubi_free_volume() for devices that may not have been added. The patch ensures that, on ubi_add_volume() error, the affec...

CVE-2023-54087 ubi: Fix possible null-ptr-deref in ubi_free_volume()

In the Linux kernel, the following vulnerability has been resolved: ubi: Fix possible null-ptr-deref in ubifreevolume It willl cause null-ptr-deref in the following case: uifinit ubiaddvolume cdevadd - if it fails, call killvolumes deviceregister killvolumes - if ubiaddvolume fails call this...

CVE-2023-54085 mptcp: fix NULL pointer dereference on fastopen early fallback

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer dereference on fastopen early fallback In case of early fallback to TCP, subflowsynrecvsock deletes the subflow context before returning the newly allocated sock to the caller. The fastopen path does not...

CVE-2023-54082

CVE-2023-54082 has been rejected in the official CVE list, but related connected records describe a Linux kernel vulnerability: af_unix, where unix_stream_sendpage() could race with garbage collection, potentially dereferencing an unlocked skb and causing a use-after-free. The root cause is failu...

CVE-2023-54082 af_unix: Fix null-ptr-deref in unix_stream_sendpage().

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix null-ptr-deref in unixstreamsendpage. Bing-Jhong Billy Jheng reported null-ptr-deref in unixstreamsendpage with detailed analysis and a nice repro. unixstreamsendpage tries to add data to the last skb in the peer's re...

CVE-2023-54080

CVE-2023-54080 affects the Linux kernel in the btrfs zoned relocation path. When relocating and the corresponding region has no checksum, btrfs_finish_ordered_zoned() may reference an invalid checksum item, causing ordered_extent’s logical address to become invalid and later trigger a NULL pointe...

CVE-2022-50773 ALSA: mts64: fix possible null-ptr-defer in snd_mts64_interrupt

In the Linux kernel, the following vulnerability has been resolved: ALSA: mts64: fix possible null-ptr-defer in sndmts64interrupt I got a null-ptr-defer error report when I do the following tests on the qemu platform: make defconfig and CONFIGPARPORT=m, CONFIGPARPORTPC=m, CONFIGSNDMTS64=m Then...

CVE-2022-50773

CVE-2022-50773 is a Linux kernel vulnerability affecting ALSA mts64 where a null pointer defer can occur in snd_mts64_interrupt if mts64 is not initialized at interrupt time. The provided exploit trace shows a kernel NULL dereference and a subsequent reboot in an environment testing with CONFIG_P...

CVE-2022-50773 ALSA: mts64: fix possible null-ptr-defer in snd_mts64_interrupt

In the Linux kernel, the following vulnerability has been resolved: ALSA: mts64: fix possible null-ptr-defer in sndmts64interrupt I got a null-ptr-defer error report when I do the following tests on the qemu platform: make defconfig and CONFIGPARPORT=m, CONFIGPARPORTPC=m, CONFIGSNDMTS64=m Then...

CVE-2023-54060

CVE-2023-54060 is a Linux kernel vulnerability in the iommufd subsystem where end was not set correctly during batch carry, which could trigger a NULL pointer dereference in batch_unpin. Public advisories (Red Hat, ENISA EUVD, and OSV) confirm the issue and indicate a fix has been applied in the ...

CVE-2023-54059 soc: mediatek: mtk-svs: Enable the IRQ later

In the Linux kernel, the following vulnerability has been resolved: soc: mediatek: mtk-svs: Enable the IRQ later If the system does not come from reset like when is booted via kexec, the peripheral might triger an IRQ before the data structures are initialised. 0.227710 Unable to handle kernel NU...

CVE-2023-54049

Technical details for CVE-2023-54049 are not publicly provided in the supplied documents. The materials reference a Linux kernel fix in rpmsg: glink to check kstrdup() return value and prevent NULL pointer dereference; monitor for updates.

CVE-2023-54049 rpmsg: glink: Add check for kstrdup

In the Linux kernel, the following vulnerability has been resolved: rpmsg: glink: Add check for kstrdup Add check for the return value of kstrdup and return the error if it fails in order to avoid NULL pointer dereference...

CVE-2022-50735 wifi: mt76: do not run mt76u_status_worker if the device is not running

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: do not run mt76ustatusworker if the device is not running Fix the following NULL pointer dereference avoiding to run mt76ustatusworker thread if the device is not running yet. KASAN: null-ptr-deref in range...

CVE-2022-50715 md/raid1: stop mdx_raid1 thread when raid1 array run failed

In the Linux kernel, the following vulnerability has been resolved: md/raid1: stop mdxraid1 thread when raid1 array run failed fail run raid1 array when we assemble array with the inactive disk only, but the mdxraid1 thread were not stop, Even if the associated resources have been released. it wi...

CVE-2025-68738 wifi: mt76: mt7996: fix null pointer deref in mt7996_conf_tx()

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix null pointer deref in mt7996conftx If a link does not have an assigned channel yet, mt7996viflink returns NULL. We still need to store the updated queue settings in that case, and apply them later. Move th...

AZL-73138 CVE-2025-68379 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix null deref on srq-rq.queue after resize failure A NULL pointer dereference can occur in rxesrqchkattr when ibvmodifysrq is invoked twice in succession under certain error conditions. The first call may fail in...

CVE-2025-68368

In the Linux kernel, the following vulnerability has been resolved: md: init bioset in mddevinit IO operations may be needed before mdrun, such as updating metadata after writing sysfs. Without bioset, this triggers a NULL pointer dereference as below: BUG: kernel NULL pointer dereference, addres...

CVE-2025-68379

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix null deref on srq-rq.queue after resize failure A NULL pointer dereference can occur in rxesrqchkattr when ibvmodifysrq is invoked twice in succession under certain error conditions. The first call may fail in...