Nadezda Lutovinova

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A NULL pointer dereference vulnerability has been resolved in the Linux kernel. The issue occurs when the driver reads a tmp value from a device that meets certain conditions: `(tmp & 0x08) && (!(tmp & 0x80)) && ((tmp & 0x7) == ((tmp >> 4) & 0x7))`. This can happen if `tmp = 0b0xyz1xyz`, where the same literals mean the same numbers. The patch fixes the issue by removing an unnecessary structure field, specifically `lm75[]`, which no longer serves a purpose after switching to `devm i2c new dummy device()` in `w83791d detect subclients()`. The vulnerability was found by the Linux Driver Verification project. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A NULL pointer dereference vulnerability has been resolved in the Linux kernel. The issue occurs when the driver reads a value from a device that meets certain conditions: `(val & 0x08) && (!(val & 0x80)) && ((val & 0x7) == ((val >> 4) & 0x7))`. This can happen if the value `tmp` is equal to `0b0xyz1xyz`, where the same literals mean the same numbers. The patch fixes the issue by removing the unnecessary structure field `lm75[]`, which no longer serves a purpose after switching to `devm i2c new dummy device()` in `w83791d detect subclients()`. The vulnerability was found by the Linux Driver Verification project. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A NULL pointer dereference issue has been resolved in the Linux kernel. The issue occurs when the driver reads a value from a device that meets certain conditions: `(val & 0x08) && (!(val & 0x80)) && ((val & 0x7) == ((val >> 4) & 0x7))`. This can happen if the value `tmp` equals `0b0xyz1xyz`, where the same literals represent the same numbers. The patch fixes the issue by removing an unnecessary structure field `lm75[]`, which no longer serves a purpose after switching to `devm i2c new dummy device()` in `w83791d detect subclients()`. The issue was found by the Linux Driver Verification project. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.