References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

Change History

In the Linux kernel, the following vulnerability has been resolved:

char: applicom: fix NULL pointer dereference in ac_ioctl

Discovered by Atuin - Automated Vulnerability Discovery Engine.

In ac_ioctl, the validation of IndexCard and the check for a valid
RamIO pointer are skipped when cmd is 6. However, the function
unconditionally executes readb(apbs[IndexCard].RamIO + VERS) at the
end.

If cmd is 6, IndexCard may reference a board that does not exist
(where RamIO is NULL), leading to a NULL pointer dereference.

Fix this by skipping the readb access when cmd is 6, as this
command is a global information query and does not target a specific
board context.

https://git.kernel.org/stable/c/0b8b353e09888bccee405e0dd6feafb60360f478

https://git.kernel.org/stable/c/74883565c621eec6cd2e35fe6d27454cf2810c23

https://git.kernel.org/stable/c/82d12088c297fa1cef670e1718b3d24f414c23f7

https://git.kernel.org/stable/c/d285517429a75423789e6408653e57b6fdfc8e54

https://git.kernel.org/stable/c/f83e3e9f89181b42f6076a115d767a7552c4a39e