297 matches found
CVE-2025-38442
The CVE-2025-38442 entry concerns the Linux kernel and a fix for large folio support when THP (Transparent Huge Pages) is disabled. The vulnerability could trigger a NULL pointer dereference during boot if a block device with logical block size larger than the page size is present while THP is of...
CVE-2024-53130
CVE-2024-53130 affects the Linux kernel nilfs2 code. The issue is a NULL pointer dereference in the block_dirty_buffer tracepoint when using mark_buffer_dirty(), caused by bh->b_bdev->bd_dev being dereferenced even if the buffer head lacks a block_device pointer. The kernel fix makes nilfs_...
CVE-2024-53120
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: CT: Fix null-ptr-deref in add rule err flow In error flow of mlx5tcctentryaddrule, in case ctruleadd callback returns error, zonerule-attr is used uninitiated. Fix it to use attr which has the needed pointer value...
CVE-2024-53064
In the Linux kernel, the following vulnerability has been resolved: idpf: fix idpfvccoreinit error path In an event where the platform running the device control plane is rebooted, reset is detected on the driver. It releases all the resources and waits for the reset to complete. Once the reset i...
CVE-2024-50255
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci: fix null-ptr-deref in hcireadsupportedcodecs Fix hcicmdsyncsk to return not NULL for unknown opcodes. hcicmdsyncsk returns NULL if a command returns a status event. However, it also returns NULL where an opcode...
CVE-2024-53064
In the Linux kernel, the following vulnerability has been resolved: idpf: fix idpfvccoreinit error path In an event where the platform running the device control plane is rebooted, reset is detected on the driver. It releases all the resources and waits for the reset to complete. Once the reset i...
CVE-2024-53064 idpf: fix idpf_vc_core_init error path
In the Linux kernel, the following vulnerability has been resolved: idpf: fix idpfvccoreinit error path In an event where the platform running the device control plane is rebooted, reset is detected on the driver. It releases all the resources and waits for the reset to complete. Once the reset i...
CVE-2024-53064
CVE-2024-53064 is a Linux kernel issue in the idpf/vc_core mailbox path. During a reboot-retry sequence, the mailbox workqueue may still run after resources are freed, leading to a NULL pointer dereference when the released control queue is accessed. The fix unrolls the workqueue cancellation and...
CVE-2024-53064 idpf: fix idpf_vc_core_init error path
In the Linux kernel, the following vulnerability has been resolved: idpf: fix idpfvccoreinit error path In an event where the platform running the device control plane is rebooted, reset is detected on the driver. It releases all the resources and waits for the reset to complete. Once the reset i...
Medium: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: fou: Fix null-ptr-deref in GRO. CVE-2024-46763 Affected Packages: kernel Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2...
CVE-2024-50255 Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci: fix null-ptr-deref in hcireadsupportedcodecs Fix hcicmdsyncsk to return not NULL for unknown opcodes. hcicmdsyncsk returns NULL if a command returns a status event. However, it also returns NULL where an opcode...
CVE-2024-50255
The CVE CVE-2024-50255 affects the Linux kernel Bluetooth stack. A null-ptr-deref in hci_read_supported_codecs can occur due to __hci_cmd_sync_sk() returning NULL for unknown opcodes and the hci_cmd_complete_evt() assuming status from skb->data[0] when an opcode is missing from hci_cc, trigger...
CVE-2024-50255
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci: fix null-ptr-deref in hcireadsupportedcodecs Fix hcicmdsyncsk to return not NULL for unknown opcodes. hcicmdsyncsk returns NULL if a command returns a status event. However, it also returns NULL where an opcode...
CVE-2024-50153
In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Fix null-ptr-deref in targetallocdevice There is a null-ptr-deref issue reported by KASAN: BUG: KASAN: null-ptr-deref in targetallocdevice+0xbc4/0xbe0 targetcoremod ... kasanreport+0xb9/0xf0...
CVE-2024-50147
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix command bitmask initialization Command bitmask have a dedicated bit for MANAGEPAGES command, this bit isn't Initialize during command bitmask Initialization, only during MANAGEPAGES. In addition,...
CVE-2024-50153
In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Fix null-ptr-deref in targetallocdevice There is a null-ptr-deref issue reported by KASAN: BUG: KASAN: null-ptr-deref in targetallocdevice+0xbc4/0xbe0 targetcoremod ... kasanreport+0xb9/0xf0...
CVE-2024-50147
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix command bitmask initialization Command bitmask have a dedicated bit for MANAGEPAGES command, this bit isn't Initialize during command bitmask Initialization, only during MANAGEPAGES. In addition,...
CVE-2024-50153 scsi: target: core: Fix null-ptr-deref in target_alloc_device()
In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Fix null-ptr-deref in targetallocdevice There is a null-ptr-deref issue reported by KASAN: BUG: KASAN: null-ptr-deref in targetallocdevice+0xbc4/0xbe0 targetcoremod ... kasanreport+0xb9/0xf0...
CVE-2024-50153
CVE-2024-50153 — Linux kernel null pointer dereference in target_alloc_device() The Astra Linux advisory (and linked sources) confirm a vulnerability in the Linux kernel's SCSI target core (target_alloc_device) where memory allocation for device queues could fail before dev.transport is initializ...
CVE-2024-50147
CVE-2024-50147 affects the Linux kernel mlx5 subsystem. The issue stems from improper initialization of the command bitmask for MANAGE_PAGES and from mlx5_cmd_trigger_completions() attempting to trigger a completion for MANAGE_PAGES, which could cause a null-deref if a health error occurs before ...