CVE-2022-50721

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> dmaengine: qcom-adm: fix wrong calling convention for prep_slave_sg<br /> <br /> The calling convention for pre_slave_sg is to return NULL on error and<br /> provide an error log to the system. Qcom-adm instead provide error<br /> pointer when an error occur. This indirectly cause kernel panic for<br /> example for the nandc driver that checks only if the pointer returned by<br /> device_prep_slave_sg is not NULL. Returning an error pointer makes nandc<br /> think the device_prep_slave_sg function correctly completed and makes<br /> the kernel panics later in the code.<br /> <br /> While nandc is the one that makes the kernel crash, it was pointed out<br /> that the real problem is qcom-adm not following calling convention for<br /> that function.<br /> <br /> To fix this, drop returning error pointer and return NULL with an error<br /> log.