CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-23001
https://notcve.org/view.php?id=CVE-2023-23001
01 Mar 2023 — In the Linux kernel before 5.16.3, drivers/scsi/ufs/ufs-mediatek.c misinterprets the regulator_get return value (expects it to be NULL in the error case, whereas it is actually an error pointer). • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.3 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-23002
https://notcve.org/view.php?id=CVE-2023-23002
01 Mar 2023 — In the Linux kernel before 5.16.3, drivers/bluetooth/hci_qca.c misinterprets the devm_gpiod_get_index_optional return value (expects it to be NULL in the error case, whereas it is actually an error pointer). • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.3 • CWE-476: NULL Pointer Dereference •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-23003
https://notcve.org/view.php?id=CVE-2023-23003
01 Mar 2023 — In the Linux kernel before 5.16, tools/perf/util/expr.c lacks a check for the hashmap__new return value. • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16 • CWE-252: Unchecked Return Value •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-23005
https://notcve.org/view.php?id=CVE-2023-23005
01 Mar 2023 — In the Linux kernel before 6.2, mm/memory-tiers.c misinterprets the alloc_memory_type return value (expects it to be NULL in the error case, whereas it is actually an error pointer). NOTE: this is disputed by third parties because there are no realistic cases in which a user can cause the alloc_memory_type error case to be reached. • https://bugzilla.suse.com/show_bug.cgi?id=1208844#c2 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-23006
https://notcve.org/view.php?id=CVE-2023-23006
01 Mar 2023 — In the Linux kernel before 5.15.13, drivers/net/ethernet/mellanox/mlx5/core/steering/dr_domain.c misinterprets the mlx5_get_uars_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer). • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.13 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-23000 – Ubuntu Security Notice USN-6704-4
https://notcve.org/view.php?id=CVE-2023-23000
01 Mar 2023 — In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegra_xusb_find_port_node return value. Callers expect NULL in the error case, but an error pointer is used. Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service. It was discovered that the DesignWare U... • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-23004 – Ubuntu Security Notice USN-6300-1
https://notcve.org/view.php?id=CVE-2023-23004
01 Mar 2023 — In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer). Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service. It was discovered that t... • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-22996
https://notcve.org/view.php?id=CVE-2023-22996
28 Feb 2023 — In the Linux kernel before 5.17.2, drivers/soc/qcom/qcom_aoss.c does not release an of_find_device_by_node reference after use, e.g., with put_device. • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.2 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-22998 – kernel: drm/virtio: improper return value check in virtio_gpu_object_shmem_init()
https://notcve.org/view.php?id=CVE-2023-22998
28 Feb 2023 — In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the drm_gem_shmem_get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer). • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.0.3 • CWE-436: Interpretation Conflict •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-22999
https://notcve.org/view.php?id=CVE-2023-22999
28 Feb 2023 — In the Linux kernel before 5.16.3, drivers/usb/dwc3/dwc3-qcom.c misinterprets the dwc3_qcom_create_urs_usb_platdev return value (expects it to be NULL in the error case, whereas it is actually an error pointer). • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.3 • CWE-476: NULL Pointer Dereference •