CVE-2023-54314
EUVD-2023-6049030.12.2025, 13:16
In the Linux kernel, the following vulnerability has been resolved:
media: af9005: Fix null-ptr-deref in af9005_i2c_xfer
In af9005_i2c_xfer, msg is controlled by user. When msg[i].buf
is null and msg[i].len is zero, former checks on msg[i].buf would be
passed. Malicious data finally reach af9005_i2c_xfer. If accessing
msg[i].buf[0] without sanity check, null ptr deref would happen.
We add check on msg[i].len to prevent crash.
Similar commit:
commit 0ed554fd769a
("media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()")EnginsightAwaiting analysis
This vulnerability is currently awaiting analysis.
Debian Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| cluster-md-kmp-default |
| ||||||||
| dlm-kmp-default |
| ||||||||
| gfs2-kmp-default |
| ||||||||
| kernel-64kb |
| ||||||||
| kernel-azure |
| ||||||||
| kernel-default |
| ||||||||
| kernel-default-base |
| ||||||||
| kernel-docs |
| ||||||||
| kernel-macros |
| ||||||||
| kernel-obs-build |
| ||||||||
| kernel-source |
| ||||||||
| kernel-source-azure |
| ||||||||
| kernel-syms |
| ||||||||
| kernel-syms-azure |
| ||||||||
| kernel-zfcpdump |
| ||||||||
| ocfs2-kmp-default |
| ||||||||
| reiserfs-kmp-default |
|
References