We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer In af9035_i2c_master_xfer, msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on msg[i].buf would be passed. Malicious data finally reach af9035_i2c_master_xfer. If accessing msg[i].buf[0] without sanity check, null ptr deref would happen. We add check on msg[i].len to prevent crash. Similar commit: commit 0ed554fd769a ("media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()")
Reserved 2024-08-21 | Published 2024-09-06 | Updated 2024-11-04 | Assigner Linuxgit.kernel.org/...c/b2f54ed7739dfdf42c4df0a11131aad7c8635464
git.kernel.org/...c/fa58d9db5cad4bb7bb694b6837e3b96d87554f2b
git.kernel.org/...c/b49c6e5dd236787f13a062ec528d724169f11152
git.kernel.org/...c/6c01ef65de0b321b2db1ef9abf8f1d15862b937e
git.kernel.org/...c/d9ef84a7c222497ecb5fdf93361c76931804825e
git.kernel.org/...c/0143f282b15f7cedc0392ea10050fb6000fd16e6
git.kernel.org/...c/41b7181a40af84448a2b144fb02d8bf32b7e9a23
git.kernel.org/...c/7bf744f2de0a848fb1d717f5831b03db96feae89
Support options