NULL Pointer Dereference Affecting kernel-zfcpdump-devel package, versions *
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-RHEL8-KERNELZFCPDUMPDEVEL-8282166
- published 23 Oct 2024
- disclosed 22 Oct 2024
Introduced: 22 Oct 2024
CVE-2023-52918 Open this link in a new tabHow to fix?
There is no fixed version for RHEL:8
kernel-zfcpdump-devel
.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-zfcpdump-devel
package and not the kernel-zfcpdump-devel
package as distributed by RHEL
.
See How to fix?
for RHEL:8
relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
media: pci: cx23885: check cx23885_vdev_init() return
cx23885_vdev_init() can return a NULL pointer, but that pointer is used in the next line without a check.
Add a NULL pointer check and go to the error unwind if it is NULL.
References
- https://access.redhat.com/security/cve/CVE-2023-52918
- https://git.kernel.org/stable/c/06ee04a907d64ee3910fecedd05d7f1be4b1b70e
- https://git.kernel.org/stable/c/15126b916e39b0cb67026b0af3c014bfeb1f76b3
- https://git.kernel.org/stable/c/199a42fc4c45e8b7f19efeb15dbc36889a599ac2
- https://git.kernel.org/stable/c/8e31b096e2e1949bc8f0be019c9ae70d414404c6
- https://git.kernel.org/stable/c/a5f1d30c51c485cec7a7de60205667c3ff86c303
- https://git.kernel.org/stable/c/b1397fb4a779fca560c43d2acf6702d41b4a495b
- https://git.kernel.org/stable/c/e7385510e2550a9f8b6f3d5f33c5b894ab9ba976