CVE-2023-3357
https://notcve.org/view.php?id=CVE-2023-3357
A NULL pointer dereference flaw was found in the Linux kernel AMD Sensor Fusion Hub driver. This flaw allows a local user to crash the system. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=53ffa6a9f83b2170c60591da1ead8791d5a42e81 • CWE-476: NULL Pointer Dereference •
CVE-2023-3439
https://notcve.org/view.php?id=CVE-2023-3439
A flaw was found in the MCTP protocol in the Linux kernel. The function mctp_unregister() reclaims the device's relevant resource when a netcard detaches. However, a running routine may be unaware of this and cause the use-after-free of the mdev->addrs object, potentially leading to a denial of service. • http://www.openwall.com/lists/oss-security/2023/07/02/1 https://bugzilla.redhat.com/show_bug.cgi?id=2217915 https://github.com/torvalds/linux/commit/b561275d633bcd8e0e8055ab86f1a13df75a0269 • CWE-416: Use After Free •
CVE-2023-3212 – kernel: gfs2: NULL pointer dereference in gfs2_evict_inode()
https://notcve.org/view.php?id=CVE-2023-3212
A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could use this flaw to cause a kernel panic. A NULL pointer dereference flaw was found in the gfs2 file system in the Linux kernel. This issue occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. • https://bugzilla.redhat.com/show_bug.cgi?id=2214348 https://github.com/torvalds/linux/commit/504a10d9e46bc37b23d0a1ae2f28973c8516e636 https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html https://security.netapp.com/advisory/ntap-20230929-0005 https://www.debian.org/security/2023/dsa-5448 https://www.debian.org/security/2023/dsa-5480 https://access.redhat.com/security/cve/CVE-2023-3212 • CWE-476: NULL Pointer Dereference •
CVE-2023-3317
https://notcve.org/view.php?id=CVE-2023-3317
A use-after-free flaw was found in mt7921_check_offload_capability in drivers/net/wireless/mediatek/mt76/mt7921/init.c in wifi mt76/mt7921 sub-component in the Linux Kernel. This flaw could allow an attacker to crash the system after 'features' memory release. This vulnerability could even lead to a kernel information leak problem. • https://patchwork.kernel.org/project/linux-wireless/patch/51fd8f76494348aa9ecbf0abc471ebe47a983dfd.1679502607.git.lorenzo%40kernel.org • CWE-416: Use After Free •
CVE-2023-3220
https://notcve.org/view.php?id=CVE-2023-3220
An issue was discovered in the Linux kernel through 6.1-rc8. dpu_crtc_atomic_check in drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c lacks check of the return value of kzalloc() and will cause the NULL Pointer Dereference. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=93340e10b9c5fc86730d149636e0aa8b47bb5a34 • CWE-476: NULL Pointer Dereference •