FreeRDP 资源管理错误漏洞

FreeRDP is an open-source implementation of the Remote Desktop Protocol RDP by the FreeRDP team. Versions of FreeRDP prior to 3.26.0 contained a resource management vulnerability. This vulnerability stemmed from the RDPEAR NDR parser acceptingNDR pointers with multiple logical pointer fields. It...

OESA-2026-2369 python-twisted security update

Twisted is an event-based framework for internet applications, supporting Python 2.7 and Python 3.5+. It includes modules for many different purposes, including the following: Security Fixes: A denial of service vulnerability exists in Twisted framework when handling DNS compression pointer chain...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad4851: fix ad4858 channel pointer handling The pointer returned by ad4851parseChannelscommon is incremented internally as each channel is populated. In ad4858ParseChannels, the same pointer was further incremented whil...

CVE-2026-43216

Summary of CVE-2026-43216 : In the Linux kernel, skb_may_tx_timestamp() could acquire sock::sk_callback_lock in IRQ context, risking a deadlock if the lock was already write-locked on the same CPU. The fix drops the lock and uses READ_ONCE() / WRITE_ONCE() to safely access and clear the pointers ...

CVE-2026-43073

In the Linux kernel, the following vulnerability has been resolved: x86-64: rename misleadingly named 'copyusernocache' function This function was a masterclass in bad naming, for various historical reasons. It claimed to be a non-cached user copy. It is literally neither of those things. It's a...

CVE-2026-43073 x86-64: rename misleadingly named '__copy_user_nocache()' function

In the Linux kernel, the following vulnerability has been resolved: x86-64: rename misleadingly named 'copyusernocache' function This function was a masterclass in bad naming, for various historical reasons. It claimed to be a non-cached user copy. It is literally neither of those things. It's a...

CVE-2025-60887

CVE-2025-60887 affects Cista v0.15 and earlier. The issue is insecure deserialization of untrusted input under certain conditions, which may leak stack/heap addresses and potentially bypass ASLR. Specifically, classes using pointer-like mechanics in the cista::raw namespace are vulnerable to refe...

CVE-2026-31439 dmaengine: xilinx: xdma: Fix regmap init error handling

In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fix regmap init error handling devmregmapinitmmio returns an ERRPTR upon error, not NULL. Fix the error check and also fix the error message. Use the error code from ERRPTR instead of the wrong value in r...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There are security vulnerabilities in the Linux kernel, which stem from issues with the smbgrantoplock function. These vulnerabilities involve reusing freed resources an...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from outdated pointer handling in the XDP TX timestamp mechanism, potentially leading to null pointer...

CVE-2026-23044

The CVE-2026-23044 issue affects the Linux kernel where hibernate crash occurs if crypto_alloc_acomp() returns an ERR_PTR instead of NULL. The cleanup paths in save_compressed_image() and load_compressed_image() call crypto_free_acomp() unconditionally, dereferencing an invalid pointer in crypto_...

CVE-2025-47398

Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers...

CVE-2025-47398

Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers...

CVE-2025-47398 Use After Free in Graphics

Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers...

CVE-2025-47398

CVE-2025-47398 involves memory corruption due to improper handling of memory pointers during deallocation of GPU memory buffers. Red Hat and CVE aggregations label it as a Use After Free issue in graphics memory, implying a vulnerability in the graphics subsystem where freed memory is mishandled,...

Qualcomm Chipsets 资源管理错误漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. Qualcomm Chipsets have a resource management vulnerability, which stems from improper handling of memory pointers when releasing the memory buffer of the graphics processing unit, potentially leading to memory corrupti...

Azure Linux 3.0 Security Update: kernel (CVE-2024-50058)

"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50058 advisory. - In the Linux kernel, the following vulnerability has been resolved: serial: protect uartportdtrrts in...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly handling null pointers, which could lead to null pointer dereferencing...

CVE-2025-40315 usb: gadget: f_fs: Fix epfile null pointer access after ep enable.

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Fix epfile null pointer access after ep enable. A race condition occurs when ffsfuncepsenable runs concurrently with ffsdatareset. The ffsdataclear called in ffsdatareset sets ffs-epfiles to NULL before resettin...

CVE-2025-40315

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Fix epfile null pointer access after ep enable. A race condition occurs when ffsfuncepsenable runs concurrently with ffsdatareset. The ffsdataclear called in ffsdatareset sets ffs-epfiles to NULL before resettin...