CVE-2023-54085 mptcp: fix NULL pointer dereference on fastopen early fallback

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer dereference on fastopen early fallback In case of early fallback to TCP, subflowsynrecvsock deletes the subflow context before returning the newly allocated sock to the caller. The fastopen path does not...

CVE-2023-54082 af_unix: Fix null-ptr-deref in unix_stream_sendpage().

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix null-ptr-deref in unixstreamsendpage. Bing-Jhong Billy Jheng reported null-ptr-deref in unixstreamsendpage with detailed analysis and a nice repro. unixstreamsendpage tries to add data to the last skb in the peer's re...

CVE-2023-54082

CVE-2023-54082 has been rejected in the official CVE list, but related connected records describe a Linux kernel vulnerability: af_unix, where unix_stream_sendpage() could race with garbage collection, potentially dereferencing an unlocked skb and causing a use-after-free. The root cause is failu...

CVE-2023-54080

CVE-2023-54080 affects the Linux kernel in the btrfs zoned relocation path. When relocating and the corresponding region has no checksum, btrfs_finish_ordered_zoned() may reference an invalid checksum item, causing ordered_extent’s logical address to become invalid and later trigger a NULL pointe...

CVE-2022-50773

CVE-2022-50773 is a Linux kernel vulnerability affecting ALSA mts64 where a null pointer defer can occur in snd_mts64_interrupt if mts64 is not initialized at interrupt time. The provided exploit trace shows a kernel NULL dereference and a subsequent reboot in an environment testing with CONFIG_P...

CVE-2022-50773 ALSA: mts64: fix possible null-ptr-defer in snd_mts64_interrupt

In the Linux kernel, the following vulnerability has been resolved: ALSA: mts64: fix possible null-ptr-defer in sndmts64interrupt I got a null-ptr-defer error report when I do the following tests on the qemu platform: make defconfig and CONFIGPARPORT=m, CONFIGPARPORTPC=m, CONFIGSNDMTS64=m Then...

CVE-2022-50773 ALSA: mts64: fix possible null-ptr-defer in snd_mts64_interrupt

In the Linux kernel, the following vulnerability has been resolved: ALSA: mts64: fix possible null-ptr-defer in sndmts64interrupt I got a null-ptr-defer error report when I do the following tests on the qemu platform: make defconfig and CONFIGPARPORT=m, CONFIGPARPORTPC=m, CONFIGSNDMTS64=m Then...

CVE-2023-54060

CVE-2023-54060 is a Linux kernel vulnerability in the iommufd subsystem where end was not set correctly during batch carry, which could trigger a NULL pointer dereference in batch_unpin. Public advisories (Red Hat, ENISA EUVD, and OSV) confirm the issue and indicate a fix has been applied in the ...

CVE-2023-54059 soc: mediatek: mtk-svs: Enable the IRQ later

In the Linux kernel, the following vulnerability has been resolved: soc: mediatek: mtk-svs: Enable the IRQ later If the system does not come from reset like when is booted via kexec, the peripheral might triger an IRQ before the data structures are initialised. 0.227710 Unable to handle kernel NU...

CVE-2023-54053 wifi: iwlwifi: pcie: fix possible NULL pointer dereference

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: pcie: fix possible NULL pointer dereference It is possible that iwlpciprobe will fail and free the trans, then afterwards iwlpciremove will be called and crash by trying to access trans which is already freed, fix...

CVE-2023-54049

Technical details for CVE-2023-54049 are not publicly provided in the supplied documents. The materials reference a Linux kernel fix in rpmsg: glink to check kstrdup() return value and prevent NULL pointer dereference; monitor for updates.

CVE-2023-54049 rpmsg: glink: Add check for kstrdup

In the Linux kernel, the following vulnerability has been resolved: rpmsg: glink: Add check for kstrdup Add check for the return value of kstrdup and return the error if it fails in order to avoid NULL pointer dereference...

CVE-2022-50735 wifi: mt76: do not run mt76u_status_worker if the device is not running

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: do not run mt76ustatusworker if the device is not running Fix the following NULL pointer dereference avoiding to run mt76ustatusworker thread if the device is not running yet. KASAN: null-ptr-deref in range...

CVE-2022-50715 md/raid1: stop mdx_raid1 thread when raid1 array run failed

In the Linux kernel, the following vulnerability has been resolved: md/raid1: stop mdxraid1 thread when raid1 array run failed fail run raid1 array when we assemble array with the inactive disk only, but the mdxraid1 thread were not stop, Even if the associated resources have been released. it wi...

CVE-2025-68738 wifi: mt76: mt7996: fix null pointer deref in mt7996_conf_tx()

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix null pointer deref in mt7996conftx If a link does not have an assigned channel yet, mt7996viflink returns NULL. We still need to store the updated queue settings in that case, and apply them later. Move th...

AZL-73138 CVE-2025-68379 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix null deref on srq-rq.queue after resize failure A NULL pointer dereference can occur in rxesrqchkattr when ibvmodifysrq is invoked twice in succession under certain error conditions. The first call may fail in...

CVE-2025-68368

In the Linux kernel, the following vulnerability has been resolved: md: init bioset in mddevinit IO operations may be needed before mdrun, such as updating metadata after writing sysfs. Without bioset, this triggers a NULL pointer dereference as below: BUG: kernel NULL pointer dereference, addres...

CVE-2025-68379

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix null deref on srq-rq.queue after resize failure A NULL pointer dereference can occur in rxesrqchkattr when ibvmodifysrq is invoked twice in succession under certain error conditions. The first call may fail in...

UBUNTU-CVE-2025-68368

In the Linux kernel, the following vulnerability has been resolved: md: init bioset in mddevinit IO operations may be needed before mdrun, such as updating metadata after writing sysfs. Without bioset, this triggers a NULL pointer dereference as below: BUG: kernel NULL pointer dereference, addres...

CVE-2023-54004

In the Linux kernel, the following vulnerability has been resolved: udplite: Fix NULL pointer dereference in skmemraiseallocated. syzbot reported 0 a null-ptr-deref in skgetrmem0 while using IPPROTOUDPLITE 0x88: 14:25:52 executing program 1: r0 = socket$inet60xa, 0x80002, 0x88 We had a similar...