4478 matches found
EUVD-2026-39204
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: reject short frames before parsing A BNEP peer can send a short BNEP SDU. bneprxframe reads the packet type byte immediately and, for control packets, reads the control opcode and setup UUID-size byte before...
EUVD-2026-39235
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: fix NULL dereference in getqueueids When usrqueueidarray is NULL and numqueues is non-zero, getqueueids returns NULL. The callers check only ISERR on the return value; since ISERRNULL == false the check passes, and...
EUVD-2026-39340
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL deref and buffer over-read in SDP debugfs Why & How dpsdpmessagedebugfswrite dereferences connector-base.state-crtc without checking for NULL. A connector can be connected but not bound to any CRTC e.g...
CVE-2026-53271
The CVE-2026-53271 issue affects the Linux kernel ksmbd during oplock/lease break notifications (smb2_oplock_break_noti and smb2_lease_break_noti). The root cause is reading opinfo->conn into a local variable without READ_ONCE() and without a NULL check after opinfo_get_list() has dropped ci-&...
CVE-2026-53220
In the Linux kernel, CVE-2026-53220 affects netfilter bridge handling. The function ebt_redirect_tg() dereferences br_port_get_rcu() without a NULL check, leading to a kernel panic if the bridge port was removed between the original hook and an NFQUEUE reinject. The work-around uses the _upper AP...
CVE-2026-53135
CVE-2026-53135: Linux kernel drm/amd/display SDP debugfs vulnerability fixed. The function dp_sdp_message_debugfs_write() dereferenced connector->base.state->crtc without NULL checks, which could occur when a connector is connected but not bound to a CRTC (e.g., after hot-plug). This caused...
EUVD-2026-38900
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix NULL deref in mapkptrmatchtype for scalar regs Commit ab6c637ad027 "bpf: Fix a bpfkptrxchg issue with local kptr" refactored mapkptrmatchtype to branch on btfiskernel before checking basetype. A scalar register stored in...
EUVD-2026-38711
In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid NULL deref of conn-lnk in smcmsgevent tracepoint The smcmsgevent tracepoint class, shared by smctxsendmsg and smcrxrecvmsg, unconditionally dereferences smc-conn.lnk: stringname, smc-conn.lnk-ibname conn-lnk is onl...
CVE-2026-52941
In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid NULL deref of conn-lnk in smcmsgevent tracepoint The smcmsgevent tracepoint class, shared by smctxsendmsg and smcrxrecvmsg, unconditionally dereferences smc-conn.lnk: stringname, smc-conn.lnk-ibname conn-lnk is onl...
CVE-2026-52939
In the Linux kernel, the following vulnerability has been resolved: net/rds: fix NULL deref in rdsibsendcqehandler on masked atomic completion rdsibxmitatomic always programs a masked atomic opcode IBWRMASKEDATOMICCMPANDSWP or IBWRMASKEDATOMICFETCHANDADD for every RDS atomic cmsg. But the...
CVE-2026-52913
The CVE-2026-52913 issue affects the Linux kernel batman-adv subsystem where, after a batadv_hard_iface is disabled and its mesh_iface becomes NULL, batadv_v_ogm_send_meshif() can still queue OGMs via batadv_v_ogm_queue_on_if() for interfaces that lost their mesh_iface. This leads to a NULL point...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fixed a null reference during testing of fluster. When multiple instances are created or destroyed, many interrupts occur, and structures related to the decoder are removed. The struct vpuinstance...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Revert “usb: typec: ucsi: add a common function ucsiunregisterconnectors”. The recent commit 87d0e2f41b8c “usb: typec: ucsi: add a common function ucsiunregisterconnectors” introduced a regression that caused NULL dereferencing...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Staging: GPIB – Fixed an Oops after disconnection in niusb. If the USB dongle is disconnected, subsequent calls to the driver will cause a NULL dereference Oops, as the businterface is set to NULL upon disconnection. This issue w...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid NULL dereferencing of the timing generator Why & How Check whether the assigned timing generator is NULL before accessing its functions, to prevent NULL dereferencing...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: auxdisplay: line-display: fixed NULL dereferencing in linedisprelease. linedisprelease currently retrieves the enclosing struct linedisp via tolinedisp. This retrieval depends on the attachment list, but the attachment may have...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net/rds: fixed the possible null dereference of cp The cp parameter may be null. Calling cp-cpconn would result in a null dereference. Simon Horman adds: Analysis: cp is a parameter of rdsrdmamap and is not reassigned. The...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: gsmi: fixed a null dereference in gsmigetvariable. We can access EFI variables without retrieving the attributes; therefore, we must allow this behavior in gsmi. The commit 859748255b43 “efi: pstore: Omit efivars caching EFI...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ptp: Ensure that info-enable callback is always set. The ioctl and sysfs handlers call the -enable callback unconditionally. Not all drivers implement this callback, resulting in NULL dereferencing. Examples of affected drivers:...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Allow probing without .driverdata Currently, if the .probe element is present in the phydriver structure and there is no .driverdata, a NULL pointer dereferencing occurs. By inserting NULL checks for priv-type, ...