18 matches found
CVE-2025-38312 fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod()
In the Linux kernel, the following vulnerability has been resolved: fbdev: core: fbcvt: avoid division by 0 in fbcvthperiod In fbfindmodecvt, iff mode-refresh somehow happens to be 0x80000000, cvt.frefresh will become 0 when multiplying it by 2 due to overflow. It's then passed to fbcvthperiod,...
CVE-2023-53066
In the Linux kernel, the following vulnerability has been resolved: qed/qedsriov: guard against NULL derefs from qediovgetvfinfo We have to make sure that the info returned by the helper is valid before using it. Found by Linux Verification Center linuxtesting.org with the SVACE static analysis...
CVE-2023-53066
CVE-2023-53066 affects the Linux kernel in the qed_sriov path. The vulnerability arises from potential NULL dereferences in qed_iov_get_vf_info, and the fix guards against NULL pointers by validating the helper’s returned info before use. This is a local issue with the impact characterized as hig...
CVE-2025-21775
CVE-2025-21775 affects the Linux kernel CAN ctucanfd component. When skb allocation fails, the can_frame pointer can be NULL, and one NULL check was missed in ctucan_err_interrupt(); a fix adding the NULL check was implemented in the kernel (see references to the can: ctucanfd: handle skb allocat...
CVE-2024-58009
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: handle NULL sock pointer in l2capsockalloc A NULL sock pointer is passed into l2capsockalloc when it is called from l2capsocknewconnectioncb and the error handling paths should also be aware of it. Seemingly a...
CVE-2022-49731 ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo()
In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: fix NULL pointer deref in atahostallocpinfo In an unlikely and probably wrong? case that the 'ppi' parameter of atahostallocpinfo points to an array starting with a NULL pointer, there's going to be a kernel oop...
CVE-2022-49267
Removed by vendor...
CVE-2024-47743
In the Linux kernel, the following vulnerability has been resolved: KEYS: prevent NULL pointer dereference in findasymmetrickey In findasymmetrickey, if all NULLs are passed in the id0,1,2 arguments, the kernel will first emit WARN but then have an oops because id2 gets dereferenced anyway. Add t...
CVE-2024-47743 KEYS: prevent NULL pointer dereference in find_asymmetric_key()
In the Linux kernel, the following vulnerability has been resolved: KEYS: prevent NULL pointer dereference in findasymmetrickey In findasymmetrickey, if all NULLs are passed in the id0,1,2 arguments, the kernel will first emit WARN but then have an oops because id2 gets dereferenced anyway. Add t...
CVE-2024-47743
CVE-2024-47743 affects the Linux kernel in the KEYS subsystem. In find_asymmetric_key(), if id_{0,1,2} are all NULL, a WARN is emitted but a null dereference on id_2 occurs, leading to an oops. The vulnerable code is fixed by adding the missing id_2 NULL check and by moving WARN_ON() to the final...
CVE-2024-35878
In the Linux kernel, the following vulnerability has been resolved: of: module: prevent NULL pointer dereference in vsnprintf In ofmodalias, we can get passed the str and len parameters which would cause a kernel oops in vsnprintf since it only allows passing a NULL ptr when the length is also 0...
CVE-2024-35878
CVE-2024-35878 : The connected documentation provides concrete details—this Linux kernel vulnerability concerns a NULL pointer dereference in vsnprintf() triggered by improper handling of the str/len parameters in of_modalias(). The issue could oops when a NULL pointer is passed unless length is ...
CVE-2022-48672
In the Linux kernel, the following vulnerability has been resolved: of: fdt: fix off-by-one error in unflattendtnodes Commit 78c44d910d3e "drivers/of: Fix depth when unflattening devicetree" forgot to fix up the depth check in the loop body in unflattendtnodes which makes it possible to overflow...
CVE-2022-48672
CVE-2022-48672 is a Linux kernel issue in the device-tree flattening path: in unflatten_dt_nodes(), an off-by-one error can overflow the nps[] buffer due to an unfixed depth check in the loop. The problem was fixed by commit 78c44d910d3e, in which the depth handling during unflattening was correc...
CVE-2022-48672 of: fdt: fix off-by-one error in unflatten_dt_nodes()
In the Linux kernel, the following vulnerability has been resolved: of: fdt: fix off-by-one error in unflattendtnodes Commit 78c44d910d3e "drivers/of: Fix depth when unflattening devicetree" forgot to fix up the depth check in the loop body in unflattendtnodes which makes it possible to overflow...
CVE-2022-48672 of: fdt: fix off-by-one error in unflatten_dt_nodes()
In the Linux kernel, the following vulnerability has been resolved: of: fdt: fix off-by-one error in unflattendtnodes Commit 78c44d910d3e "drivers/of: Fix depth when unflattening devicetree" forgot to fix up the depth check in the loop body in unflattendtnodes which makes it possible to overflow...
CVE-2024-27041
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix NULL checks for adev-dm.dc in amdgpudmfini Since 'adev-dm.dc' in amdgpudmfini might turn out to be NULL before the call to dcenabledmubnotifications, check beforehand to ensure there will not be a possible...
CVE-2022-48657 arm64: topology: fix possible overflow in amu_fie_setup()
In the Linux kernel, the following vulnerability has been resolved: arm64: topology: fix possible overflow in amufiesetup cpufreqgethwmaxfreq returns max frequency in kHz as unsigned int, while freqinvsetmaxratio gets passed this frequency in Hz as 'u64'. Multiplying max frequency by 1000 can...