4634 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53135
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amd/display: Fix NULL deref and buffer over-read in SDP debugfs Why & How dpsdpmessagedebugfswrite dereferences connector-base.state-crtc without checking f...
net/smc: avoid NULL deref of conn->lnk in smc_msg_event tracepoint
...
net/sched: cls_fw: fix NULL dereference of "old" filters before change()
...
drm/amd/display: Fix NULL deref and buffer over-read in SDP debugfs
...
dm cache: fix null-deref with concurrent writes in passthrough mode
...
bpf: Fix NULL deref in map_kptr_match_type for scalar regs
...
SUSE SLES15 Security Update : openssl-3-livepatches (SUSE-SU-2026:2662-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2662-1 advisory. This update for openssl-3-livepatches fixes the following issues - CVE-2025-11187: Improper validation of PBMAC1 parameters in PKCS12 MAC...
DEBIAN-CVE-2026-53313
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid NULL dereference in dcdmubsrv error paths In dcdmubsrvlogdiagnosticdata and dcdmubsrvenabledpiatrace. Both functions check: if !dcdmubsrv || !dcdmubsrv-dmub and then call DCLOGERROR inside that block...
CVE-2026-53297
In the Linux kernel, the following vulnerability has been resolved: net: mana: Guard manaremove against double invocation If PM resume fails e.g., manaattach returns an error, manaprobe calls manaremove, which tears down the device and sets gd-gdmacontext = NULL and gd-driverdata = NULL. However,...
DEBIAN-CVE-2026-53297
In the Linux kernel, the following vulnerability has been resolved: net: mana: Guard manaremove against double invocation If PM resume fails e.g., manaattach returns an error, manaprobe calls manaremove, which tears down the device and sets gd-gdmacontext = NULL and gd-driverdata = NULL. However,...
UBUNTU-CVE-2026-53313
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid NULL dereference in dcdmubsrv error paths In dcdmubsrvlogdiagnosticdata and dcdmubsrvenabledpiatrace. Both functions check: if !dcdmubsrv || !dcdmubsrv-dmub and then call DCLOGERROR inside that block...
UBUNTU-CVE-2026-53316
In the Linux kernel, the following vulnerability has been resolved: drm/amd/ras: Fix NULL deref in rascorerasinterruptdetected Fixes a NULL pointer dereference when rascore is NULL and rascore-dev is accessed in the error path. Reported by: Dan Carpenter...
CVE-2026-53324
CVE-2026-53324 is addressed in the Linux kernel’s net: mana path. The fix replaces per-device debugfs directory naming that previously used a hardcoded "0" for PFs and pci_slot_name(pdev->slot) for VFs with pci_name(pdev), which yields the unique BDF address. This eliminates two issues: (1) po...
CVE-2026-53324 net: mana: Use pci_name() for debugfs directory naming
In the Linux kernel, the following vulnerability has been resolved: net: mana: Use pciname for debugfs directory naming Use pcinamepdev for the per-device debugfs directory instead of hardcoded "0" for PFs and pcislotnamepdev-slot for VFs. The previous approach had two issues: 1. pcislotname...
EUVD-2026-39851
In the Linux kernel, the following vulnerability has been resolved: drm/amd/ras: Fix NULL deref in rascorerasinterruptdetected Fixes a NULL pointer dereference when rascore is NULL and rascore-dev is accessed in the error path. Reported by: Dan Carpenter...
CVE-2026-53315
The CVE affects the Linux kernel DRM AMD ras subsystem, specifically ras_core_get_utc_second_timestamp(). The root cause is a potential NULL pointer dereference when ras_core is NULL, as the function may access ras_core->dev to log an error if a conditional check fails. The fix adds an early N...
EUVD-2026-39902
In the Linux kernel, the following vulnerability has been resolved: net: mana: Guard manaremove against double invocation If PM resume fails e.g., manaattach returns an error, manaprobe calls manaremove, which tears down the device and sets gd-gdmacontext = NULL and gd-driverdata = NULL. However,...
CVE-2026-53297
The CVE-2026-53297 issue is in the Linux kernel mana network driver. A double invocation of mana_remove after a PM resume failure can dereference a NULL gc when unbinding, causing a kernel panic. The root cause is that, on a failed resume, mana_probe() calls mana_remove() which tears down state a...
CVE-2026-53298 net: airoha: Move ndesc initialization at end of airoha_qdma_init_rx_queue()
In the Linux kernel, the following vulnerability has been resolved: net: airoha: Move ndesc initialization at end of airohaqdmainitrxqueue If queue entry or DMA descriptor list allocation fails in airohaqdmainitrxqueue routine, airohaqdmacleanup will trigger a NULL pointer dereference running...
CVE-2026-53281
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid NULL pointer dereference or refcount corruption Commit 60f030f7418d "iommu/vt-d: Avoid use of NULL after WARNONONCE" fixed a NULL pointer dereference in an unlikely situation partly. If devpasid is not found in...