In the Linux kernel, the following vulnerability has been resolved:
thermal/int340xthermal: handle datavault when the value is ZEROSIZEPTR
In some case, the GDDV returns a package with a buffer which has zero length. It causes that kmemdup() returns ZEROSIZEPTR (0x10).
Then the datavaultread() got NULL point dereference problem when accessing the 0x10 value in data_vault.
[ 71.024560] BUG: kernel NULL pointer dereference, address: 0000000000000010
This patch uses ZEROORNULLPTR() for checking ZEROSIZEPTR or NULL value in datavault.