OESA-2026-2044 openssl security update

Security Fixes: Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of...

OESA-2026-2043 openssl security update

Security Fixes: Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of...

OESA-2026-2042 openssl security update

Security Fixes: Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of...

OESA-2026-2041 openssl security update

Security Fixes: Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of...

OESA-2026-2016 firebird security update

Firebird is a relational database offering many ANSI SQL standard features that runs on Linux, Windows, MacOS and a variety of Unix platforms. Firebird offers excellent concurrency, high performance, and powerful language support for stored procedures and triggers. It has been used in production...

OESA-2026-2014 firebird security update

Firebird is a relational database offering many ANSI SQL standard features that runs on Linux, Windows, MacOS and a variety of Unix platforms. Firebird offers excellent concurrency, high performance, and powerful language support for stored procedures and triggers. It has been used in production...

OESA-2026-2013 firebird security update

Firebird is a relational database offering many ANSI SQL standard features that runs on Linux, Windows, MacOS and a variety of Unix platforms. Firebird offers excellent concurrency, high performance, and powerful language support for stored procedures and triggers. It has been used in production...

SUSE CVE-2026-31540

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Check setdefaultsubmission before deferencing When the i915 driver firmware binaries are not present, the setdefaultsubmission pointer is not set. This pointer is dereferenced during suspend anyways. Add a check to...

SUSE CVE-2026-31544

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix NULL dereference on notify error path Since commit b5daf93b809d1 "firmware: armscmi: Avoid notifier registration for unsupported events" the call chains leading to the helper scmieventhandlergetops expect a...

SUSE CVE-2026-31546

In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix NULL deref in bonddebugrlbhashshow rlbclearslave intentionally keeps RLB hash-table entries on the rxhashtblusedhead list with slave set to NULL when no replacement slave is available. However,...

SUSE CVE-2026-31549

In the Linux kernel, the following vulnerability has been resolved: i2c: cp2615: fix serial string NULL-deref at probe The cp2615 driver uses the USB device serial string as the i2c adapter name but does not make sure that the string exists. Verify that the device has a serial number before...

SUSE CVE-2026-31562

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dsi: Store driver data before invoking mipidsihostregister The call to mipidsihostregister triggers a callback to mtkdsibind, which uses devgetdrvdata to retrieve the mtkdsi struct, so this structure needs to be...

SUSE CVE-2026-31599

In the Linux kernel, the following vulnerability has been resolved: media: vidtv: fix NULL pointer dereference in vidtvchannelpmtmatchsections syzbot reported a general protection fault in vidtvpsidescassign 1. vidtvpsipmtstreaminit can return NULL on memory allocation failure, but...

SUSE CVE-2026-31625

In the Linux kernel, the following vulnerability has been resolved: HID: alps: fix NULL pointer dereference in alpsrawevent Commit ecfa6f34492c "HID: Add HIDCLAIMEDINPUT guards in rawevent callbacks missing them" attempted to fix up the HID drivers that had missed the previous fix that was done i...

SUSE CVE-2026-31651

In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix NULL-deref on disconnect Make sure to deregister the controller before dropping the reference to the driver data on disconnect to avoid NULL-pointer dereferences or use-after-free...

Linux Distros Unpatched Vulnerability : CVE-2026-31540

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/i915/gt: Check setdefaultsubmission before deferencing When the i915 driver firmware binaries are not present, the setdefaultsubmission pointer is not set...

Linux Distros Unpatched Vulnerability : CVE-2026-31549

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - i2c: cp2615: fix serial string NULL-deref at probe The cp2615 driver uses the USB device serial string as the i2c adapter name but does not make sure that the...

SUSE SLES15 Security Update : openssl-3 (SUSE-SU-2026:1605-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1605-1 advisory. This update for openssl-3 fixes the following issue: Security issues fixed: - CVE-2026-28390: NULL pointer dereference during processing of ...

CVE-2026-31651

A flaw was found in the Linux kernel's mmc: vub300 driver. This vulnerability allows a local attacker to trigger a NULL-pointer dereference or use-after-free condition during device disconnection. Successful exploitation could lead to a system crash, resulting in a denial of service...

CVE-2026-31625

A flaw was found in the Linux kernel's HID Human Interface Device alps driver. This vulnerability, a NULL pointer dereference, occurs because the driver attempts to process raw events without properly verifying if the device has been claimed. An attacker could potentially exploit this to cause a...