Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: igb: Do not free qvector unless a new one was allocated. Avoid potential use-after-free conditions under memory pressure. If kzalloc fails, qvector will be freed, but it will remain in the original adapter-qvectorvidx array...

SUSE CVE-2024-43822

In the Linux kernel, the following vulnerability has been resolved: ASoc: PCM6240: Return directly after a failed devmkzalloc in pcmdevicei2cprobe The value “-ENOMEM” was assigned to the local variable “ret” in one if branch after a devmkzalloc call failed at the beginning. This error code will...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k: A NULL pointer dereferencing issue was fixed in ath12kmacophwscan. In ath12kmacophwscan, the return value of kzalloc is directly used in memcpy, which may lead to a NULL pointer dereferencing if kzalloc fails. This...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: caif: A memory leak has been fixed in cfctrllinkuprequest. When linktype is unknown, or kzalloc fails in cfctrllinkuprequest, pkt is not released. Add a release process to the error handling logic...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007006)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007006 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix infinite recursion in fib6dumpdone. syzkaller reported infinite recursive calls of...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007368)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007368 advisory. In the Linux kernel, the following vulnerability has been resolved: igb: Do not free qvector unless new one was allocated Avoid potential use-after-free condition...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007366)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007366 advisory. In the Linux kernel, the following vulnerability has been resolved: caif: fix memory leak in cfctrllinkuprequest When linktype is unknown or kzalloc failed in...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992298)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992298 advisory. In the Linux kernel, the following vulnerability has been resolved: igb: Do not free qvector unless new one was allocated Avoid potential use-after-free condition...

CVE-2023-54122 drm/msm/dpu: Add check for cstate

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add check for cstate As kzalloc may fail and return NULL pointer, it should be better to check cstate in order to avoid the NULL pointer dereference in drmatomichelpercrtcreset. Patchwork:...

PT-2025-53199

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s drm/msm/dpu subsystem. Specifically, a missing check for a null pointer after a kzalloc call can lead to a null pointer dereference within the drm...

CVE-2025-68309

In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Fix NULL pointer access by aerinfo The kzallocGFPKERNEL may return NULL, so all accesses to aerinfo-xxx will result in kernel panic. Fix it...

CVE-2025-68309 PCI/AER: Fix NULL pointer access by aer_info

In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Fix NULL pointer access by aerinfo The kzallocGFPKERNEL may return NULL, so all accesses to aerinfo-xxx will result in kernel panic. Fix it...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988678)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988678 advisory. In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynq-qspi: Fix a NULL pointer dereference in zynqqspiexecmemop In zynqqspiexecmemop,...

CVE-2023-53721 wifi: ath12k: Fix a NULL pointer dereference in ath12k_mac_op_hw_scan()

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix a NULL pointer dereference in ath12kmacophwscan In ath12kmacophwscan, the return value of kzalloc is directly used in memcpy, which may lead to a NULL pointer dereference on failure of kzalloc. Fix this bug by...

CVE-2023-53721

The CVE-2023-53721 entry concerns the Linux kernel wifi driver ath12k. The vulnerability is a NULL pointer dereference in ath12k_mac_op_hw_scan(), where kzalloc()’s return value could be used in memcpy() if allocation fails. The root cause is using the allocated pointer without verifying NULL bef...

EUVD-2022-55500

Malicious code in bioql PyPI...

EUVD-2023-59931

Malicious code in bioql PyPI...

SUSE CVE-2023-53330

In the Linux kernel, the following vulnerability has been resolved: caif: fix memory leak in cfctrllinkuprequest When linktype is unknown or kzalloc failed in cfctrllinkuprequest, pkt is not released. Add release process to error path...

CVE-2023-53330

In the Linux kernel, the following vulnerability has been resolved: caif: fix memory leak in cfctrllinkuprequest When linktype is unknown or kzalloc failed in cfctrllinkuprequest, pkt is not released. Add release process to error path...

CVE-2023-53330

In the Linux kernel, the following vulnerability has been resolved: caif: fix memory leak in cfctrllinkuprequest When linktype is unknown or kzalloc failed in cfctrllinkuprequest, pkt is not released. Add release process to error path...