CVSS: -EPSS: %CPEs: 9EXPL: 0CVE-2021-47652 – video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe()
https://notcve.org/view.php?id=CVE-2021-47652
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe() I got a null-ptr-deref report: BUG: kernel NULL pointer dereference, address: 0000000000000000 ... RIP: 0010:fb_destroy_modelist+0x38/0x100 ... Call Trace: ufx_usb_probe.cold+0x2b5/0xac1 [smscufx] usb_probe_interface+0x1aa/0x3c0 [usbcore] really_probe+0x167/0x460 ... ret_from_fork+0x1f/0x30 If fb_alloc_cmap() fails in ufx_usb_probe(), fb_destroy_modelist() will be called to destro... • https://git.kernel.org/stable/c/3c8a63e22a0802fd56380f6ab305b419f18eb6f5 •
CVSS: -EPSS: %CPEs: 6EXPL: 0CVE-2021-47651 – soc: qcom: rpmpd: Check for null return of devm_kcalloc
https://notcve.org/view.php?id=CVE-2021-47651
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: soc: qcom: rpmpd: Check for null return of devm_kcalloc Because of the possible failure of the allocation, data->domains might be NULL pointer and will cause the dereference of the NULL pointer later. Therefore, it might be better to check it and directly return -ENOMEM without releasing data manually if fails, because the comment of the devm_kmalloc() says "Memory allocated with this function is automatically freed on driver detach.". • https://git.kernel.org/stable/c/bbe3a66c3f5a65fb3d702351bac2a6033944d389 •
CVSS: -EPSS: %CPEs: 6EXPL: 0CVE-2021-47650 – ASoC: soc-compress: prevent the potentially use of null pointer
https://notcve.org/view.php?id=CVE-2021-47650
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-compress: prevent the potentially use of null pointer There is one call trace that snd_soc_register_card() ->snd_soc_bind_card()->soc_init_pcm_runtime() ->snd_soc_dai_compress_new()->snd_soc_new_compress(). In the trace the 'codec_dai' transfers from card->dai_link, and we can see from the snd_soc_add_pcm_runtime() in snd_soc_bind_card() that, if value of card->dai_link->num_codecs is 0, then 'codec_dai' could be null pointer caus... • https://git.kernel.org/stable/c/467fece8fbc6774a3a3bd0981e1a342fb5022706 •
CVSS: -EPSS: %CPEs: 6EXPL: 0CVE-2021-47649 – udmabuf: validate ubuf->pagecount
https://notcve.org/view.php?id=CVE-2021-47649
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: udmabuf: validate ubuf->pagecount Syzbot has reported GPF in sg_alloc_append_table_from_pages(). The problem was in ubuf->pages == ZERO_PTR. ubuf->pagecount is calculated from arguments passed from user-space. If user creates udmabuf with list.size == 0 then ubuf->pagecount will be also equal to zero; it causes kmalloc_array() to return ZERO_PTR. Fix it by validating ubuf->pagecount before passing it to kmalloc_array(). • https://git.kernel.org/stable/c/fbb0de795078190a9834b3409e4b009cfb18a6d4 •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2021-47648 – gpu: host1x: Fix a memory leak in 'host1x_remove()'
https://notcve.org/view.php?id=CVE-2021-47648
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fix a memory leak in 'host1x_remove()' Add a missing 'host1x_channel_list_free()' call in the remove function, as already done in the error handling path of the probe function. • https://git.kernel.org/stable/c/8474b02531c4881a762c52ef869c52429e38633f •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2021-47647 – clk: qcom: ipq8074: fix PCI-E clock oops
https://notcve.org/view.php?id=CVE-2021-47647
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: qcom: ipq8074: fix PCI-E clock oops Fix PCI-E clock related kernel oops that are caused by a missing clock parent. pcie0_rchng_clk_src has num_parents set to 2 but only one parent is actually set via parent_hws, it should also have "XO" defined. This will cause the kernel to panic on a NULL pointer in clk_core_get_parent_by_index(). So, to fix this utilize clk_parent_data to provide gcc_xo_gpll0 parent data. Since there is already an e... • https://git.kernel.org/stable/c/f0cfcf1ade201dcfd3365f231efc90e846fa46df •
CVSS: -EPSS: %CPEs: 7EXPL: 0CVE-2021-47646 – Revert "Revert "block, bfq: honor already-setup queue merges""
https://notcve.org/view.php?id=CVE-2021-47646
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: Revert "Revert "block, bfq: honor already-setup queue merges"" A crash [1] happened to be triggered in conjunction with commit 2d52c58b9c9b ("block, bfq: honor already-setup queue merges"). The latter was then reverted by commit ebc69e897e17 ("Revert "block, bfq: honor already-setup queue merges""). Yet, the reverted commit was not the one introducing the bug. In fact, it actually triggered a UAF introduced by a different commit, and now fi... • https://git.kernel.org/stable/c/f990f0985eda59d4f29fc83fcf300c92b1225d39 •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2021-47645 – media: staging: media: zoran: calculate the right buffer number for zoran_reap_stat_com
https://notcve.org/view.php?id=CVE-2021-47645
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: media: staging: media: zoran: calculate the right buffer number for zoran_reap_stat_com On the case tmp_dcim=1, the index of buffer is miscalculated. This generate a NULL pointer dereference later. So let's fix the calcul and add a check to prevent this to reappear. • https://git.kernel.org/stable/c/bafec1a6ba4b187a7fcdcfce0faebdc623d4ef8e •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2021-47644 – media: staging: media: zoran: move videodev alloc
https://notcve.org/view.php?id=CVE-2021-47644
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: media: staging: media: zoran: move videodev alloc Move some code out of zr36057_init() and create new functions for handling zr->video_dev. This permit to ease code reading and fix a zr->video_dev memory leak. • https://git.kernel.org/stable/c/bd01629315ffd5b63da91d0bd529a77d30e55028 •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2021-47643 – media: ir_toy: free before error exiting
https://notcve.org/view.php?id=CVE-2021-47643
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: media: ir_toy: free before error exiting Fix leak in error path. • https://git.kernel.org/stable/c/99e3f83539cac6884a4df02cb204a57a184ea12b •