CVE-2026-43297

In the Linux kernel, the following vulnerability has been resolved: media: rockchip: rga: Fix possible ERRPTR dereference in rgabufinit rgagetframe can return ERRPTR-EINVAL when buffer type is unsupported or invalid. rgabufinit does not check the return value and unconditionally dereferences the...

SUSE CVE-2026-43221

In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: initialise event handler read bytes IPMB doesn't use i2c reads, but the handler needs to set a value. Otherwise an i2c read will return an uninitialised value from the bus driver...

PT-2026-39012

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the KVM arm64 component, a failure in the vgic allocate private irqs locked function during vgic creation can lead to dist-rd regions remaining uninitialized. Consequently, when kvm...

PT-2026-39017

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference exists in the adis init function. The function attempts to dereference adis-ops to verify if specific function pointers write, read, reset are NULL without fir...

PT-2026-39056

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the Linux kernel when the xe sync entry parse function fails during parsing. The function may allocate references for syncobj, fence, chain fence, or user fence...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, stemming from an initialization order issue with ext4percpuparaminit, which could lead to system crashes...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ov5647 driver not initializing sub-devices before initialization control. This could lead to...

Linux Distros Unpatched Vulnerability : CVE-2026-43288

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: move ext4percpuparaminit before ext4mbinit When running kvm-xfstests -c ext4/1k -C 1 generic/383 with the DOUBLECHECK macro defined, the following panic i...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the IDManifest::init process during prefix expansion. An attacker can trigger an out-of-bounds read by providing a crafted prefix-compressed string where the code attempts to access bytes that do not exist in the...

SUSE CVE-2026-43160

In the Linux kernel, the following vulnerability has been resolved: mfd: macsmc: Initialize mutex Initialize struct applesmc's mutex in applesmcprobe. Using the mutex uninitialized surprisingly resulted only in occasional NULL pointer dereferences in applesmcread calls from the probe functions of...

CVE-2026-43278

A flaw was found in the Linux kernel's device-mapper dm component, specifically affecting request-based device-mapper targets like dm-multipath. Stale bio pointers in cloned requests can lead to double-initialization and subsequent double-free scenarios of cloned bios. This memory corruption...

Linux Distros Unpatched Vulnerability : CVE-2026-43146

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: iris: Add buffer to list only after successful allocation Move listaddtail to after dmaallocattrs succeeds when creating internal buffers. Previously, th...

CVE-2026-43164

A flaw was found in the Linux kernel's UDP-Lite User Datagram Protocol-Lite implementation. An issue during the initialization of UDP-Lite sockets can lead to a null-pointer dereference in the udpenqueuescheduleskb function. This vulnerability could allow an attacker to trigger a system crash,...

OPENSUSE-SU-2026:20695-1 Security update for libtpms

This update for libtpms fixes the following issues: - CVE-2025-49133: Fixed potential out of bounds OOB read vulnerability bsc1244528. - CVE-2026-21444: Fixed remote data confidentiality compromise via incorrect Initialization Vector IV handling bsc1260439...

SUSE-SU-2026:21581-1 Security update for libtpms

This update for libtpms fixes the following issues: - CVE-2025-49133: Fixed potential out of bounds OOB read vulnerability bsc1244528. - CVE-2026-21444: Fixed remote data confidentiality compromise via incorrect Initialization Vector IV handling bsc1260439...

SUSE-SU-2026:21571-1 Security update for libtpms

This update for libtpms fixes the following issues: - CVE-2025-49133: Fixed potential out of bounds OOB read vulnerability bsc1244528. - CVE-2026-21444: Fixed remote data confidentiality compromise via incorrect Initialization Vector IV handling bsc1260439...

CVE-2025-71285

A flaw was found in the Linux kernel's qrtr driver. A race condition in the Modem Host Interface MHI autoqueue feature for Inter-Processor Communication Router IPCR downlink channels can lead to a NULL pointer dereference. This occurs because a callback function may be invoked before the qrtr...

CVE-2026-43087

A flaw was found in the Linux kernel's pinctrl subsystem, specifically within the mcp23s08 driver. During system initialization, a hardware chip may have its interrupt-on-change feature enabled on certain pins. This can cause the system to generate interrupts for which no corresponding software...

EUVD-2026-27723

In the Linux kernel, the following vulnerability has been resolved: mfd: macsmc: Initialize mutex Initialize struct applesmc's mutex in applesmcprobe. Using the mutex uninitialized surprisingly resulted only in occasional NULL pointer dereferences in applesmcread calls from the probe functions of...

EUVD-2026-27693

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix null pointer dereference issue If SMU is disabled, during RAS initialization, there will be null pointer dereference issue here...