CVE-2026-53213

CVE-2026-53213 affects the Linux kernel’s DRM VC4 path. The vulnerability is a memory-leak scenario in krealloc(): if krealloc() returns NULL, the original pointer may be overwritten, leaking the previously allocated memory. The advised fix uses a temporary variable to hold krealloc()’s return va...

CVE-2026-53158

The CVE-2026-53158 issue affects the Linux kernel’s fastrpc rpmsg path. A NULL pointer dereference could occur at boot when a DSP glink message arrives before fastrpc_rpmsg_probe() has finished initialization, causing a crash from an uninitialized spinlock on the fastrpc_channel_ctx. The root cau...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: cppccpufreq: Fixed a possible null pointer dereferencing issue. The functions cppccpufreqgetrate and hiicppccpufreqgetrate can be called from different locations with various parameters. Therefore, cpufreqcpuget may return null a...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: Do not call freepagesexact with a NULL address. Unlike some other functions, we cannot pass a NULL pointer to freepagesexact. Add a proper NULL check to avoid potential errors...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sofsdw: Prevent a jump to NULL for the addsidecar callback In the createsdwdailink function, it is checked that sofend-codecinfo-addsidecar is not NULL before calling it. The original code assumed that if...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hciuart: A missing NULL check was added in h5enqueue. The Syzbot encountered a general protection fault in pmruntimeresume. The issue was due to a missing NULL check. hu-serdev can be NULL, and we should not blindly...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: Do not unset the “window” parameter if it was never set. On pSeries, when a user attempts to use the same vfio container used by different iommu groups, the spaprtcesetwindow function returns -EPERM. The...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: PM: hibernate: Fixed a crash that occurred when freeing an invalid crypto compressor. When cryptoallocacomp fails, it returns an ERRPTR value instead of NULL. The cleanup code in savecompressedimage and loadcompressedimage...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: gve: Added a missing NULL check for gveallocpendingpacket in TX DQO. gveallocpendingpacket may return NULL, but gvetxaddskbdqo did not check for this case before dereferencing the returned pointer. A missing NULL check was add...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: power: supply: cpcap-charger: Fixed the null check for powersupplygetbyname. In the cpcapusbdetect function, the powersupplygetbyname function may return NULL instead of an error pointer. To prevent potential null pointer...

EUVD-2026-37190

In checkSsrcCollisionOnRcv of RtpSession.cpp, there is a possible memory safety issue due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0156

In checkSsrcCollisionOnRcv of RtpSession.cpp, there is a possible memory safety issue due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-71313

A flaw was found in the Linux kernel's PCI endpoint driver. A missing NULL check for the allocworkqueue function can lead to a NULL pointer dereference if memory allocation fails. This vulnerability, specifically within the epfntbepcinit function, allows a local attacker to cause a system crash,...

CVE-2026-46245

CVE-2026-46245 affects the AMDGPU display driver in the Linux kernel. The vulnerability arises in amdgpu_dm_hpd_init() where a NULL dc_link could be dereferenced while setting up HPD interrupts, despite an earlier check for polling decisions. The provided patch assigns dc_link early and skips con...

CVE-2025-71313

Summary (CVE-2025-71313) : In the Linux kernel PCI endpoint driver, there is a missing NULL check after alloc_workqueue(), which can return NULL on memory allocation failure. If a NULL workqueue pointer is later passed to queue_work() in epf_ntb_epc_init(), this can cause a NULL pointer dereferen...

CVE-2025-71313 PCI: endpoint: Add missing NULL check for alloc_workqueue()

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Add missing NULL check for allocworkqueue allocworkqueue can return NULL on memory allocation failure. Without proper error checking, this may lead to a NULL pointer dereference when queuework is later called with...

EUVD-2025-210056

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Add missing NULL check for allocworkqueue allocworkqueue can return NULL on memory allocation failure. Without proper error checking, this may lead to a NULL pointer dereference when queuework is later called with...

PT-2026-45984

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference can occur in the PCI endpoint component. The function alloc workqueue may return NULL during a memory allocation failure. If this return value is not properly...

CVE-2026-0086

In onCreate of DisableSupervisionActivity.kt, there is a possible way to delete supervision data due to a missing null check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

EUVD-2026-33798

In onCreate of DisableSupervisionActivity.kt, there is a possible way to delete supervision data due to a missing null check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...