UBUNTU-CVE-2023-54240

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: fix possible NULL pointer dereference in mtkhwlrogetfdirall rulelocs is allocated in ethtoolgetrxnfc and the size is determined by rulecnt from user space. So rulecnt needs to be check before using...

UBUNTU-CVE-2023-54264

In the Linux kernel, the following vulnerability has been resolved: fs/sysv: Null check to prevent null-ptr-deref bug sbgetblkinode-isb, parent return a null ptr and taking lock on that leads to the null-ptr-deref bug...

UBUNTU-CVE-2023-54314

In the Linux kernel, the following vulnerability has been resolved: media: af9005: Fix null-ptr-deref in af9005i2cxfer In af9005i2cxfer, msg is controlled by user. When msgi.buf is null and msgi.len is zero, former checks on msgi.buf would be passed. Malicious data finally reach af9005i2cxfer. If...

UBUNTU-CVE-2022-50888

In the Linux kernel, the following vulnerability has been resolved: remoteproc: qcom: q6v5: Fix potential null-ptr-deref in q6v5wcssinitmmio q6v5wcssinitmmio will call platformgetresourcebyname that may fail and return NULL. devmioremap will use res-start as input, which may causes null-ptr-deref...

CVE-2022-50847

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: it6505: Initialize AUX channel in it6505i2cprobe During device boot, the HPD interrupt could be triggered before the DRM subsystem registers it6505 as a DRM bridge. In such cases, the driver tries to access AUX channe...

CVE-2022-50826

In the Linux kernel, the following vulnerability has been resolved: ipu3-imgu: Fix NULL pointer dereference in imgusubdevsetselection Calling v4l2subdevgettrycrop and v4l2subdevgettrycompose with a subdev state of NULL leads to a NULL pointer dereference. This can currently happen in...

CVE-2022-50846

In the Linux kernel, the following vulnerability has been resolved: mmc: via-sdmmc: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmcallochost is leaked. 2. In the remove path, mmcremovehos...

CVE-2022-50817

In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid possible NULL deref in skbclone syzbot got a crash 1 in skbclone, caused by a bug in hsrgetuntaggedframe. When/if createstrippedskbhsr returns NULL, we must not attempt to call skbclone. While we are at it, replac...

CVE-2022-50888 remoteproc: qcom: q6v5: Fix potential null-ptr-deref in q6v5_wcss_init_mmio()

In the Linux kernel, the following vulnerability has been resolved: remoteproc: qcom: q6v5: Fix potential null-ptr-deref in q6v5wcssinitmmio q6v5wcssinitmmio will call platformgetresourcebyname that may fail and return NULL. devmioremap will use res-start as input, which may causes null-ptr-deref...

CVE-2023-54321 driver core: fix potential null-ptr-deref in device_add()

In the Linux kernel, the following vulnerability has been resolved: driver core: fix potential null-ptr-deref in deviceadd I got the following null-ptr-deref report while doing fault injection test: BUG: kernel NULL pointer dereference, address: 0000000000000058 CPU: 2 PID: 278 Comm: 37-i2c-ds248...

CVE-2023-54321

In the Linux kernel, the following vulnerability has been resolved: driver core: fix potential null-ptr-deref in deviceadd I got the following null-ptr-deref report while doing fault injection test: BUG: kernel NULL pointer dereference, address: 0000000000000058 CPU: 2 PID: 278 Comm: 37-i2c-ds248...

CVE-2023-54321

In the Linux kernel, the following vulnerability has been resolved: driver core: fix potential null-ptr-deref in deviceadd I got the following null-ptr-deref report while doing fault injection test: BUG: kernel NULL pointer dereference, address: 0000000000000058 CPU: 2 PID: 278 Comm: 37-i2c-ds248...

CVE-2023-54319 pinctrl: at91-pio4: check return value of devm_kasprintf()

In the Linux kernel, the following vulnerability has been resolved: pinctrl: at91-pio4: check return value of devmkasprintf devmkasprintf returns a pointer to dynamically allocated memory. Pointer could be NULL in case allocation fails. Check pointer validity. Identified with coccinelle kmerr.coc...

CVE-2022-50885 RDMA/rxe: Fix NULL-ptr-deref in rxe_qp_do_cleanup() when socket create failed

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix NULL-ptr-deref in rxeqpdocleanup when socket create failed There is a null-ptr-deref when mount.cifs over rdma: BUG: KASAN: null-ptr-deref in rxeqpdocleanup+0x2f3/0x360 rdmarxe Read of size 8 at addr 000000000000001...

CVE-2022-50885

CVE-2022-50885 affects the Linux kernel RDMA/rxe path. The root cause is a NULL pointer dereference in rxe_qp_do_cleanup() when socket creation fails during rxe_qp_init_req(), which can occur in mount.cifs over RDMA. The documented fix moves the reset of rxe_qp_do_cleanup() to occur after a NULL ...

CVE-2023-54314 media: af9005: Fix null-ptr-deref in af9005_i2c_xfer

In the Linux kernel, the following vulnerability has been resolved: media: af9005: Fix null-ptr-deref in af9005i2cxfer In af9005i2cxfer, msg is controlled by user. When msgi.buf is null and msgi.len is zero, former checks on msgi.buf would be passed. Malicious data finally reach af9005i2cxfer. If...

CVE-2023-54313

In the Linux kernel, the following vulnerability has been resolved: ovl: fix null pointer dereference in ovlgetaclrcu Following process: P1 P2 pathopenat linkpathwalk maylookup inodepermissionrcu ovlpermission aclpermissioncheck checkacl getcachedaclrcu ovlgetinodeacl realinode =...

CVE-2023-54313 ovl: fix null pointer dereference in ovl_get_acl_rcu()

In the Linux kernel, the following vulnerability has been resolved: ovl: fix null pointer dereference in ovlgetaclrcu Following process: P1 P2 pathopenat linkpathwalk maylookup inodepermissionrcu ovlpermission aclpermissioncheck checkacl getcachedaclrcu ovlgetinodeacl realinode =...

CVE-2023-54313

The CVE-2023-54313 entry concerns a Linux kernel ovl filesystem NULL pointer dereference in ovl_get_acl_rcu(). The issue arises when upperdentry inode is NULL and IS_POSIXACL(realinode) dereferences a NULL realinode during ACL checks in overlay (ovl) permission handling, potentially triggering a ...

CVE-2023-54304

In the Linux kernel, the following vulnerability has been resolved: firmware: mesonsm: fix to avoid potential NULL pointer dereference ofmatchdevice may fail and returns a NULL pointer. Fix this by checking the return value of ofmatchdevice...