13 matches found
CVE-2022-50091
In the Linux kernel, the following vulnerability has been resolved: locking/csdlock: Change csdlockdebug from earlyparam to setup The csdlockdebug kernel-boot parameter is parsed by the earlyparam function csdlockdebug. If set, csdlockdebug invokes staticbranchenable to enable csdlockwait feature...
CVE-2022-50181
CVE-2022-50181 affects the Linux kernel’s virtio-gpu driver. The vulnerability arises from a missing NULL check in virtio_gpu_cmd_get_capset(), where a NULL-ified cache_ent could be dereferenced (ptr = cache_ent->caps_cache). This results in a NULL pointer dereference. The issue has been resol...
CVE-2022-49989 xen/privcmd: fix error exit of privcmd_ioctl_dm_op()
In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: fix error exit of privcmdioctldmop The error exit of privcmdioctldmop is calling unlockpages potentially with pages being NULL, leading to a NULL dereference. Additionally lockpages doesn't check for pinuserpagesfast...
CVE-2025-21957
In the Linux kernel, the following vulnerability has been resolved: scsi: qla1280: Fix kernel oops when debug level 2 A null dereference or oops exception will eventually occur when qla1280.c driver is compiled with DEBUGQLA1280 enabled and qldebuglevel 2. I think its clear from the code that the...
CVE-2025-21857 net/sched: cls_api: fix error handling causing NULL dereference
In the Linux kernel, the following vulnerability has been resolved: net/sched: clsapi: fix error handling causing NULL dereference tcfextsmisscookiebasealloc calls xaalloccyclic which can return 1 if the allocation succeeded after wrapping. This was treated as an error, with value 1 returned to...
Linux Distros Unpatched Vulnerability : CVE-2024-50156
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/msm: Avoid NULL dereference in msmdispstateprintregs If the allocation in...
Linux Distros Unpatched Vulnerability : CVE-2024-47707
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv6: avoid possible NULL deref in rt6uncachedlistflushdev Blamed commit accidentally removed a check for rt-rt6iidev being NULL, as spotted by syzbot: Oops:...
CVE-2022-49490 drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is detected
In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Return error code in mdp5piperelease when deadlock is detected mdp5getglobalstate runs the risk of hitting a -EDEADLK when acquiring the modeset lock, but currently mdp5piperelease doesn't check for if an error is...
Azure Linux 3.0 Security Update: kernel (CVE-2024-36902)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36902 advisory. - In the Linux kernel, the following vulnerability has been resolved: ipv6: fib6rules: avoid possible NULL...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-50000)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50000 advisory. - In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix NULL deref in...
PUB-A-244500020
In multiple locations, there is a possible null dereference due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2023-35034 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v3.0 through v6.1.7 Description: A null-deref issue was found in the gsmi get variable function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions v3.0 through...
PT-2023-34913 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v3.0 through v4.14.303 Description: A null-deref issue was found in the gsmi get variable function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions v3.0...