In the Linux kernel, the following vulnerability has been resolved:

nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet

syzbot reported the following uninit-value access issue [1][2]:

nci_rx_work() parses and processes received packet. When the payload
length is zero, each message type handler reads uninitialized payload
and KMSAN detects this issue. The receipt of a packet with a zero-size
payload is considered unexpected, and therefore, such packets should be
silently discarded.

This patch resolved this issue by checking payload size before calling
each message type handler codes.

kernel.org https://git.kernel.org/stable/c/03fe259649a551d336a7f20919b641ea100e3fff [No types assigned]

kernel.org https://git.kernel.org/stable/c/11387b2effbb55f58dc2111ef4b4b896f2756240 [No types assigned]

kernel.org https://git.kernel.org/stable/c/755e53bbc61bc1aff90eafa64c8c2464fd3dfa3c [No types assigned]

kernel.org https://git.kernel.org/stable/c/8948e30de81faee87eeee01ef42a1f6008f5a83a [No types assigned]

kernel.org https://git.kernel.org/stable/c/a946ebee45b09294c8b0b0e77410b763c4d2817a [No types assigned]

kernel.org https://git.kernel.org/stable/c/ac68d9fa09e410fa3ed20fb721d56aa558695e16 [No types assigned]

kernel.org https://git.kernel.org/stable/c/b51ec7fc9f877ef869c01d3ea6f18f6a64e831a7 [No types assigned]

kernel.org https://git.kernel.org/stable/c/d24b03535e5eb82e025219c2f632b485409c898f [No types assigned]