63168 matches found
SUSE CVE-2026-23040
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211hwsim: fix typo in frequency notification The NAN notification is for 5745 MHz which corresponds to channel 149 and not 5475 which is not actually a valid channel. This could result in a NULL pointer dereference in...
SUSE CVE-2026-23041
In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix NULL pointer crash in bnxtptpenable during error cleanup When bnxtinitone fails during initialization e.g., bnxtinitintmode returns -ENODEV, the error path calls bnxtfreehwrmresources which destroys the DMA pool and...
SUSE CVE-2026-23043
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix NULL pointer dereference in doabortlogreplay Coverity reported a NULL pointer dereference issue CID 1666756 in doabortlogreplay. When btrfsallocpath fails in replayonebuffer, wc-subvolpath is NULL, but...
SUSE CVE-2026-23062
In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix kernel panic in GETINSTANCEID macro The GETINSTANCEID macro that caused a kernel panic when accessing sysfs attributes: 1. Off-by-one error: The loop condition used 'name without checking if...
SUSE CVE-2026-23064
In the Linux kernel, the following vulnerability has been resolved: net/sched: actife: avoid possible NULL deref tcfifeencode must make sure ifeencode does not return NULL. syzbot reported: Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 1 SMP KASAN NOP...
SUSE CVE-2026-23084
In the Linux kernel, the following vulnerability has been resolved: be2net: Fix NULL pointer dereference in becmdgetmacfromlist When the parameter pmacidvalid argument of becmdgetmacfromlist is set to false, the driver may request the PMACID from the firmware of the network card, and this functio...
SUSE CVE-2026-23107
In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA The code to restore a ZA context doesn't attempt to allocate the task's svestate before setting TIFSME. Consequently, restoring a ZA context can place a task into an...
Important: ImageMagick
Issue Overview: ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-13 have a stack overflow via infinite recursion in MSL Magick Scripting Language command when writing to MSL format. Version 7.1.2-13 fixes the issue...
ROS-20260205-73-0003
A vulnerability in the uclogicinputconfigured function of the HID component of the Linux kernel is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
SUSE SLES12: ImageMagick-config-6-SUSE / ImageMagick-config-6-upstream / etc (SUSE-SU-2026:0384-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0384-1 advisory. - CVE-2026-23874: manipulation of digital images can lead to stack overflow bsc1256976. - CVE-2026-23876: maliciously crafted image can lead to...
RockyLinux 10 : wireshark (RLSA-2026:1714)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:1714 advisory. Wireshark: NULL Pointer Dereference in Wireshark CVE-2025-9817 Tenable has extracted the preceding description block directly from the RockyLinux security...
GHSA-J39J-6GW9-JW6H git2 has potential undefined behavior when dereferencing Buf struct
If the Buf struct is dereferenced immediately after calling new or default on the Buf struct, a null pointer is passed to the unsafe function slice::fromrawparts. According to the safety section documentation of the function, data must be non-null and aligned even for zero-length slices or slices...
git2 has potential undefined behavior when dereferencing Buf struct
If the Buf struct is dereferenced immediately after calling new or default on the Buf struct, a null pointer is passed to the unsafe function slice::fromrawparts. According to the safety section documentation of the function, data must be non-null and aligned even for zero-length slices or slices...
CVE-2025-68699
NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In version 0.24.6, NanoMQ has a protocol parsing / forwarding inconsistency when handling shared subscriptions $share/. A malformed SUBSCRIBE topic such as $share/ab missing the second / is not strictly validated during the...
CVE-2025-68699
CVE-2025-68699 affects NanoMQ NanoMQ 0.24.6 where a malformed $share/ SUBSCRIBE topic (e.g., $share/ab) is not strictly validated, allowing an invalid topic filter to be stored. When a PUBLISH matches, nmq_pipe_send_start_v4/v5 re-parses the topic using strchr(); if the second strchr() returns NU...
CVE-2025-68699 NanoMQ $share/ Subscription Validation and Forwarding Parsing Inconsistency: NULL Pointer Increment Causes Crash
NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In version 0.24.6, NanoMQ has a protocol parsing / forwarding inconsistency when handling shared subscriptions $share/. A malformed SUBSCRIBE topic such as $share/ab missing the second / is not strictly validated during the...
CVE-2025-68699 NanoMQ $share/ Subscription Validation and Forwarding Parsing Inconsistency: NULL Pointer Increment Causes Crash
NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In version 0.24.6, NanoMQ has a protocol parsing / forwarding inconsistency when handling shared subscriptions $share/. A malformed SUBSCRIBE topic such as $share/ab missing the second / is not strictly validated during the...
CVE-2025-68699 NanoMQ $share/ Subscription Validation and Forwarding Parsing Inconsistency: NULL Pointer Increment Causes Crash
NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In version 0.24.6, NanoMQ has a protocol parsing / forwarding inconsistency when handling shared subscriptions $share/. A malformed SUBSCRIBE topic such as $share/ab missing the second / is not strictly validated during the...
CVE-2026-23107
In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA The code to restore a ZA context doesn't attempt to allocate the task's svestate before setting TIFSME. Consequently, restoring a ZA context can place a task into an...
CVE-2026-23084
In the Linux kernel, the following vulnerability has been resolved: be2net: Fix NULL pointer dereference in becmdgetmacfromlist When the parameter pmacidvalid argument of becmdgetmacfromlist is set to false, the driver may request the PMACID from the firmware of the network card, and this functio...