CVE-2023-23002
https://notcve.org/view.php?id=CVE-2023-23002
In the Linux kernel before 5.16.3, drivers/bluetooth/hci_qca.c misinterprets the devm_gpiod_get_index_optional return value (expects it to be NULL in the error case, whereas it is actually an error pointer). • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.3 https://github.com/torvalds/linux/commit/6845667146a28c09b5dfc401c1ad112374087944 • CWE-476: NULL Pointer Dereference •
CVE-2023-23004
https://notcve.org/view.php?id=CVE-2023-23004
In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer). • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19 https://github.com/torvalds/linux/commit/15342f930ebebcfe36f2415049736a77d7d2e045 https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html • CWE-476: NULL Pointer Dereference •
CVE-2023-23001
https://notcve.org/view.php?id=CVE-2023-23001
In the Linux kernel before 5.16.3, drivers/scsi/ufs/ufs-mediatek.c misinterprets the regulator_get return value (expects it to be NULL in the error case, whereas it is actually an error pointer). • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.3 https://github.com/torvalds/linux/commit/3ba880a12df5aa4488c18281701b5b1bc3d4531a • CWE-476: NULL Pointer Dereference •
CVE-2023-23003
https://notcve.org/view.php?id=CVE-2023-23003
In the Linux kernel before 5.16, tools/perf/util/expr.c lacks a check for the hashmap__new return value. • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16 https://github.com/torvalds/linux/commit/0a515a06c5ebfa46fee3ac519e418f801e718da4 https://security.netapp.com/advisory/ntap-20230331-0003 • CWE-252: Unchecked Return Value •
CVE-2023-23005
https://notcve.org/view.php?id=CVE-2023-23005
In the Linux kernel before 6.2, mm/memory-tiers.c misinterprets the alloc_memory_type return value (expects it to be NULL in the error case, whereas it is actually an error pointer). NOTE: this is disputed by third parties because there are no realistic cases in which a user can cause the alloc_memory_type error case to be reached. • https://bugzilla.suse.com/show_bug.cgi?id=1208844#c2 https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2 https://github.com/torvalds/linux/commit/4a625ceee8a0ab0273534cb6b432ce6b331db5ee • CWE-476: NULL Pointer Dereference •