60 matches found
SUSE-SU-2025:03285-1 Security update for mybatis, ognl
This update for mybatis, ognl fixes the following issues: Version update to 3.5.7: Bug fixes: + Improved performance under JDK 8. 2223 Version update to 3.5.8: List of changes: + Avoid NullPointerException when mapping an empty string to java.lang.Character. 2368 + Fixed an incorrect argument whe...
DEBIAN-CVE-2025-38684
In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: use old 'nbands' while purging unused classes Shuang reported schets test-case 1 crashing in etsclassqlennotify after recent changes from Lion 2. The problem is: in etsqdiscchange we purge unused DWRR queues; the...
Linux Distros Unpatched Vulnerability : CVE-2024-26723
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: lan966x: Fix crash when adding interface under a lag There is a crash when adding one of the...
Linux Distros Unpatched Vulnerability : CVE-2025-37826
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Add NULL check in ufshcdmcqcomplpendingtransfer Add a NULL check for the...
CVE-2025-38263
In the Linux kernel, the following vulnerability has been resolved: bcache: fix NULL pointer in cachesetflush 1. LINE1794 - LINE1887 is some codes about function of bchcachesetalloc. 2. LINE2078 - LINE2142 is some codes about function of registercacheset. 3. registercacheset will call...
CVE-2025-38263 bcache: fix NULL pointer in cache_set_flush()
In the Linux kernel, the following vulnerability has been resolved: bcache: fix NULL pointer in cachesetflush 1. LINE1794 - LINE1887 is some codes about function of bchcachesetalloc. 2. LINE2078 - LINE2142 is some codes about function of registercacheset. 3. registercacheset will call...
CVE-2025-38263 bcache: fix NULL pointer in cache_set_flush()
In the Linux kernel, the following vulnerability has been resolved: bcache: fix NULL pointer in cachesetflush 1. LINE1794 - LINE1887 is some codes about function of bchcachesetalloc. 2. LINE2078 - LINE2142 is some codes about function of registercacheset. 3. registercacheset will call...
CVE-2025-38050
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix kernel NULL pointer dereference when replacing free hugetlb folios A kernel crash was observed when replacing free hugetlb folios: BUG: kernel NULL pointer dereference, address: 0000000000000028 PGD 0 P4D 0 Oops:...
PT-2025-25950
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved. The issue occurred during debugging when the axi chan dump lli function was passed a NULL LLI pointer, causing an OOPS due to...
CVE-2022-21739
Tensorflow is an Open Source Machine Learning Framework. The implementation of QuantizedMaxPool has an undefined behavior where user controlled inputs can trigger a reference binding to null pointer. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow...
RHEL 9 : kernel (RHSA-2025:7526)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7526 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Information disclosure in...
CVE-2023-53110
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL sndbufdesc in smccdctxhandler When performing a stress test on SMC-R by rmmod mlx5ib driver during the wrk/nginx test, we found that there is a probability of triggering a panic while terminating all link groups...
UBUNTU-CVE-2023-53110
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL sndbufdesc in smccdctxhandler When performing a stress test on SMC-R by rmmod mlx5ib driver during the wrk/nginx test, we found that there is a probability of triggering a panic while terminating all link groups...
CVE-2025-23145 mptcp: fix NULL pointer in can_accept_new_subflow
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in canacceptnewsubflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcpcanacceptnewsubflow' because subflowreq-msk is NULL. Call trace: mptcpcanacceptnewsubflow...
SUSE-SU-2025:1137-1 Security update for xz
This update for xz fixes the following issues: - CVE-2025-31115: Fixed heap use after free and writing to an address based on the null pointer plus an offset bsc1240414...
CVE-2023-52991
CVE-2023-52991 affects the Linux kernel’s skb_segment_list path. The issue stems from a prior change: net: Support GRO/GSO fraglist chaining, which can cause frag_list to be NULL if it is pulled into the linear area during processing. This condition leads to a NULL pointer dereference in skb_segm...
UBUNTU-CVE-2022-49626
In the Linux kernel, the following vulnerability has been resolved: sfc: fix use after free when disabling sriov Use after free is detected by kfence when disabling sriov. What was read after being freed was vf-pcidev: it was freed from pcidisablesriov and later read in efxef10sriovfreevfvports,...
CVE-2021-47650
CVE-2021-47650: In the Linux kernel, ASoC: soc-compress had a potential null pointer when codec_dai could be NULL if card->dai_link->num_codecs was 0, traced through snd_soc_register_card() -> snd_soc_bind_card() -> soc_init_pcm_runtime() -> snd_soc_dai_compress_new() -> snd_soc...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
CVE-2024-57915
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: userial: Disable ep before setting port to null to fix the crash caused by port being null Considering that in some extreme cases, when performing the unbinding operation, gserialdisconnect has cleared gser-ioport,...