104 matches found
SUSE CVE-2024-41077
In the Linux kernel, the following vulnerability has been resolved: nullblk: fix validation of block size Block size should be between 512 and PAGESIZE and be a power of 2. The current check does not validate this, so update the check. Without this patch, nullblk would Oops due to a null pointer...
CVE-2022-48795 parisc: Fix data TLB miss in sba_unmap_sg
In the Linux kernel, the following vulnerability has been resolved: parisc: Fix data TLB miss in sbaunmapsg Rolf Eike Beer reported the following bug: 1274934.746891 Bad Address null pointer deref?: Code=15 Data TLB miss fault at addr 0000004140000018 1274934.746891 CPU: 3 PID: 5549 Comm: cmake N...
CVE-2022-48795
CVE-2022-48795 maps to a PA-RISC Linux kernel issue: overrunning sglist in sba_unmap_sg caused a Data TLB miss and null-pointer dereference, leading to a kernel panic. The root cause was testing sg_dma_len(sglist) before confirming remaining entries (nents), which could cross a page boundary and ...
CVE-2022-48772 media: lgdt3306a: Add a check against null-pointer-def
In the Linux kernel, the following vulnerability has been resolved: media: lgdt3306a: Add a check against null-pointer-def The driver should check whether the client provides the platformdata. The following log reveals it: 29.610324 BUG: KASAN: null-ptr-deref in kmemdup+0x30/0x40 29.610730 Read o...
CVE-2022-48740 selinux: fix double free of cond_list on error paths
In the Linux kernel, the following vulnerability has been resolved: selinux: fix double free of condlist on error paths On error path from condreadlist and duplicatepolicydbcondlist the condlistdestroy gets called a second time in caller functions, resulting in NULL pointer deref. Fix this by...
SUSE CVE-2021-47407
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Handle SRCU initialization failure during page track init Check the return of initsrcustruct, which can fail due to OOM, when initializing the page track mechanism. Lack of checking leads to a NULL pointer deref found b...
CVE-2023-52802
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority for the following reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2021-47407
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Handle SRCU initialization failure during page track init Check the return of initsrcustruct, which can fail due to OOM, when initializing the page track mechanism. Lack of checking leads to a NULL pointer deref found b...
CVE-2023-52802
...
CVE-2023-52802
Removed by vendor...
CVE-2021-47407 KVM: x86: Handle SRCU initialization failure during page track init
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Handle SRCU initialization failure during page track init Check the return of initsrcustruct, which can fail due to OOM, when initializing the page track mechanism. Lack of checking leads to a NULL pointer deref found b...
CVE-2021-47407
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Handle SRCU initialization failure during page track init Check the return of initsrcustruct, which can fail due to OOM, when initializing the page track mechanism. Lack of checking leads to a NULL pointer deref found b...
SUSE CVE-2024-35874
In the Linux kernel, the following vulnerability has been resolved: aio: Fix null ptr deref in aiocomplete wakeup listdelinitcareful needs to be the last access to the wait queue entry - it effectively unlocks access. Previously, finishwait would see the empty list head and skip taking the lock,...
SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1646-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1646-1 advisory. The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: -...
CVE-2024-26785
CVE-2024-26785 (Linux kernel) fixed a protection fault in iommufd_test_syz_conv_iova due to iommufd_access_change_ioas() setting access->ioas to NULL, creating a race where the lock could be invalid concurrently. The fix aligns with existing sanity checks in iommufd_access_rw() and iommufd_acc...
CVE-2024-27229
In ssSendCallBarringPwdRequiredIndMsg of ssCallBarring.c, there is a possible null pointer deref due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
OESA-2024-1030 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: openeuler-linux-kernel-4.19.0-cbsdestroy-NULL-ptr-deref-391216CVE-2021-33630 openeuler-linux-kernel-5.10.149-ext4writeinlinedata-kernelbug-365020CVE-2021-33631 An out-of-bounds read vulnerability was found in the NVMe-oF/TCP...
OESA-2024-1031 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: openeuler-linux-kernel-4.19.0-cbsdestroy-NULL-ptr-deref-391216CVE-2021-33630 openeuler-linux-kernel-5.10.149-ext4writeinlinedata-kernelbug-365020CVE-2021-33631 An issue was discovered in the Linux kernel through 6.3.8. A...
CVE-2023-3106 Kernel: netlink socket crash (null pointer deref) in netlink_dump function
A NULL pointer dereference vulnerability was found in netlinkdump. This issue can occur when the Netlink socket receives the messagesendmsg for the XFRMMSGGETSA, XFRMMSGGETPOLICY type message, and the DUMP flag is set and can cause a denial of service or possibly another unspecified impact. Due t...
SUSE-SU-2023:2483-1 Security update for openldap2
This update for openldap2 fixes the following issues: - CVE-2023-2953: Fixed null pointer deref in bermemallocx bsc1211795...