3 matches found
CVE-2022-48977
The CVE-2022-48977 vulnerability affects the Linux kernel CAN subsystem. It fixes a NULL pointer dereference in can_rcv_filter, triggered by missing initialization of ml_priv in the receive path for CAN frames. The issue arises because dev->type may be ARPHRD_CAN in CAN-capable devices, but so...
CVE-2022-49863
CVE-2022-49863 affects the Linux kernel CAN stack (af_can) where can_rx_register() dereferences ml_priv when dev_rcv_lists is NULL, leading to a NULL pointer dereference during CAN socket binding. The issue occurs during a sequence that binds a vxcan/bond setup to a CAN socket via netlink/socket ...
CVE-2021-47242
CVE-2021-47242 affects the Linux kernel and is tied to a fix for an issue in MPTCP subflow error reporting. The root cause was a soft lookup caused when subflow_error_report() attempted to acquire mptcp_data_lock across call paths that could already hold other locks, triggering a soft lockup unde...