References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

Change History

In the Linux kernel, the following vulnerability has been resolved:

phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug

The qmp_usb_iomap() helper function currently returns the raw result of
devm_ioremap() for non-exclusive mappings. Since devm_ioremap() may return
a NULL pointer and the caller only checks error pointers with IS_ERR(),
NULL could bypass the check and lead to an invalid dereference.

Fix the issue by checking if devm_ioremap() returns NULL. When it does,
qmp_usb_iomap() now returns an error pointer via IOMEM_ERR_PTR(-ENOMEM),
ensuring safe and consistent error handling.

https://git.kernel.org/stable/c/0b979a409e40457ca1b5cb48755d1f34eee58805

https://git.kernel.org/stable/c/0c33117f00c8c5363c22676931b22ae5041f7603

https://git.kernel.org/stable/c/127dfb4f1c5a2b622039c5d203f321380ea36665

https://git.kernel.org/stable/c/5072c1749197fc28b27d7efc0d80320d7cac9572

https://git.kernel.org/stable/c/d14402a38c2d868cacb1facaf9be908ca6558e59