NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the PFCP SessionReportRequest process when ReportType.DLDR is set but the DownlinkDataReport information element is missing. An attacker can cause the process to terminate unexpectedly by sending a specially...

Expected Behavior Violation

Overview Affected versions of this package are vulnerable to Expected Behavior Violation via the PFCP Association Setup Request process. An attacker can cause service disruption and trigger reconnection loops by sending a malformed request that is incorrectly accepted, resulting in an inconsisten...

CVE-2026-2967

A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This affects the function getpeer of the file /src/netbuiltin.c of the component TCP Sequence Number Handler. The manipulation leads to improper verification of source of a communication channel. The attack may be initiate...

SUSE-SU-2026:20471-1 Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise kernel 6.4.0-32.1 fixes various security issues The following security issues were fixed: - CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in findhwthreadmask bsc1249480. - CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length...

SUSE-SU-2026:20517-1 Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise kernel 6.4.0-32.1 fixes various security issues The following security issues were fixed: - CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in findhwthreadmask bsc1249480. - CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length...

SUSE-SU-2026:0550-1 Security update for the Linux Kernel (Live Patch 14 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.65 fixes various security issues The following security issues were fixed: - CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in findhwthreadmask bsc1249480. - CVE-2025-40129: sunrpc: fix null pointer dereference on zero-leng...

CVE-2026-2525

A vulnerability has been found in Free5GC up to 4.1.0. This affects an unknown function of the component PFCP UDP Endpoint. Such manipulation leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...

CVE-2026-2525

A vulnerability has been found in Free5GC up to 4.1.0. This affects an unknown function of the component PFCP UDP Endpoint. Such manipulation leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...

CVE-2026-23150

In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: Fix memleak in nfcllcpsenduiframe. syzbot reported various memory leaks related to NFC, struct nfcllcpsock, skbuff, nfcdev, etc. 0 The leading log hinted that nfcllcpsenduiframe failed to allocate skb due to sockerrors...

UBUNTU-CVE-2026-23125

In the Linux kernel, the following vulnerability has been resolved: sctp: move SCTPCMDASSOCSHKEY right after SCTPCMDPEERINIT A null-ptr-deref was reported in the SCTP transmit path when SCTP-AUTH key initialization fails: ================================================================== KASAN:...

CVE-2026-23125

In the Linux kernel, the following vulnerability has been resolved: sctp: move SCTPCMDASSOCSHKEY right after SCTPCMDPEERINIT A null-ptr-deref was reported in the SCTP transmit path when SCTP-AUTH key initialization fails: ================================================================== KASAN:...

CVE-2026-23125

CVE-2026-23125 (Linux kernel SCTP) : A null-pointer dereference in the SCTP transmit path could occur when SCTP-AUTH key initialization fails during INIT_ACK processing. The issue arises because SCTP_CMD_ASSOC_SHKEY is executed after PEER_INIT and can leave asoc->shkey NULL if key setup fails,...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an improper order of the SCTPCMDASSOCSHKEY command in SCTP, potentially leading to a null pointer...

CVE-2025-70122

CVE-2025-70122 describes a heap buffer overflow in the UPF component of free5GC v4.0.1 caused by processing a PFCP Session Modification Request in sdf-filter.go (SDFFilterFields.UnmarshalBinary). When a declared length exceeds the actual buffer capacity, a runtime panic occurs, crashing the UPF. ...

CVE-2026-1996

Certain HP OfficeJet Pro printers may be vulnerable to potential denial of service when the IPP requests are mishandled, failing to establish a TCP connection...

CVE-2026-1996

Certain HP OfficeJet Pro printers may be vulnerable to potential denial of service when the IPP requests are mishandled, failing to establish a TCP connection...

CVE-2026-1996

HP OfficeJet Pro printers are affected by CVE-2026-1996, where IPP request handling can lead to a denial of service by failing to establish a TCP connection. The vulnerability is network-based with low attack complexity and no privileges required, and it primarily impacts availability (LOW) with ...

CVE-2026-1996 Certain HP OfficeJet Pro Printers – Denial of Service

Certain HP OfficeJet Pro printers may be vulnerable to potential denial of service when the IPP requests are mishandled, failing to establish a TCP connection...

PT-2026-7325

Certain HP OfficeJet Pro printers may be vulnerable to potential denial of service when the IPP requests are mishandled, failing to establish a TCP connection...

CVE-2026-1682

A flaw has been found in Free5GC SMF up to 4.1.0. Affected is the function HandlePfcpAssociationReleaseRequest of the file internal/pfcp/handler/handler.go of the component PFCP UDP Endpoint. Executing a manipulation can lead to null pointer dereference. The attack may be launched remotely. The...