CVE-2026-43122

A flaw was found in the Linux kernel's Advanced Configuration and Power Interface ACPI cpuidle driver. Due to an update in the acpiprocessorstart function, a NULL pointer dereference can occur if acpiprocessorpowerinit is called without a cpuidle driver. This vulnerability could allow a local...

CVE-2026-43094

A flaw was found in the Linux kernel's ixgbevf driver. When running on Hyper-V virtual machines, a missing operation in the driver's Hyper-V operations table can lead to a null pointer dereference during feature negotiation. This vulnerability allows a local user to trigger a system crash,...

CVE-2026-43099

A flaw was found in the Linux kernel, specifically within the IPv4 Internet Protocol version 4 and ICMP Internet Control Message Protocol components. When the IPv6 Internet Protocol version 6 stack is not active, a specific function ipv6devfind can return an error. If this error is then passed to...

CVE-2025-71293

A flaw was found in the Linux kernel's AMD GPU amdgpu driver. This vulnerability occurs when the EEPROM Electrically Erasable Programmable Read-Only Memory contains only invalid address entries, causing a critical data allocation to be skipped. This leads to a NULL pointer dereference, which can...

CVE-2025-71294

A flaw was found in the Linux kernel's drm/amdgpu component. When the SDMA System Direct Memory Access block is not enabled, the bufferfuncs are not properly initialized. This can lead to a NULL pointer dereference, potentially causing a system crash and a denial of service...

CVE-2025-71291

A flaw was found in the Linux kernel's bcmvk module. A null-pointer dereference can occur within the bcmvkread function if a specific condition is met where a pointer entry is NULL and an error code -EMSGSIZE is returned. This vulnerability could allow a local attacker to cause system instability...

CVE-2025-71295

A flaw was found in the Linux kernel. This vulnerability occurs when the trytofreebuffers function is called on memory pages folios that do not have associated data buffers, specifically when certain conditions related to memory release operations are met. This can lead to a null pointer...

CVE-2025-71285

A flaw was found in the Linux kernel's qrtr driver. A race condition in the Modem Host Interface MHI autoqueue feature for Inter-Processor Communication Router IPCR downlink channels can lead to a NULL pointer dereference. This occurs because a callback function may be invoked before the qrtr...

CVE-2026-43213

A flaw was found in the Linux kernel's rtw89pci component. This vulnerability allows an attacker to cause a kernel NULL pointer dereference by sending a specially crafted TX release report with an abnormal sequence number. This can lead to an out-of-bounds memory access, resulting in a system cra...

BIT-JAVA-MIN-2025-27113

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c...

BIT-JAVA-2025-27113

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c...

BIT-JAVA-MIN-2024-47544 GHSL-2024-238: GStreamer has NULL-pointer dereferences in MP4/MOV demuxer CENC handling

GStreamer is a library for constructing graphs of media-handling components. The function qtdemuxparsesbgp in qtdemux.c is affected by a null dereference vulnerability. This vulnerability is fixed in 1.24.10...

BIT-JAVA-2024-47544 GHSL-2024-238: GStreamer has NULL-pointer dereferences in MP4/MOV demuxer CENC handling

GStreamer is a library for constructing graphs of media-handling components. The function qtdemuxparsesbgp in qtdemux.c is affected by a null dereference vulnerability. This vulnerability is fixed in 1.24.10...

CVE-2026-43100

A flaw was found in the Linux kernel's bridge module. A local user can trigger a null pointer dereference by creating a bridge with specific configuration options. This vulnerability can lead to a system crash, resulting in a Denial of Service DoS. Mitigation To mitigate this issue, prevent the...

EUVD-2026-27679

In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: Fix potential NULL pointer dereference in ionicqueryport The function ionicqueryport calls ibdevicegetnetdev without checking the return value which could lead to NULL pointer dereference, Fix it by checking the retur...

EUVD-2026-27666

In the Linux kernel, the following vulnerability has been resolved: md-cluster: fix NULL pointer dereference in processmetadataupdate The function processmetadataupdate blindly dereferences the 'thread' pointer acquired via rcudereferenceprotected within the waitevent macro. While the code commen...

EUVD-2026-27766

In the Linux kernel, the following vulnerability has been resolved: media: mtk-mdp: Fix error handling in probe function Add mtkmdpunregisterm2mdevice on the error handling path to prevent resource leak. Add check for the return value of vpugetplatdevice to prevent null pointer dereference. And...

EUVD-2026-27775

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: pci: validate sequence number of TX release report Hardware rarely reports abnormal sequence number in TX release report, which will access out-of-bounds of wdring-pages array, causing NULL pointer dereference. BUG:...

EUVD-2026-27734

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: xscale: Check for PTP support properly In ixp4xxgettsinfo ixp46xptpfind is called unconditionally despite this feature only existing on ixp46x, leading to the following splat from tcpdump: root@OpenWrt: tcpdump -vv...

EUVD-2026-27725

In the Linux kernel, the following vulnerability has been resolved: udplite: Fix null-ptr-deref in udpenqueuescheduleskb. syzbot reported null-ptr-deref of udpsksk-udpprodqueue. 0 Since the cited commit, udplibinitsock can fail, as can udpinitsock and udpv6initsock. Let's handle the error in...