CVE-2026-46211

A flaw was found in the Linux kernel's drm/msm/gem component. Improper error handling within the msmioctlgeminfogetmetadata function can lead to a NULL pointer dereference. This occurs because the function fails to check for allocation failures and incorrectly reports success even when operations...

PT-2026-43723

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The ib uverbs post send function uses the wqe size variable from userspace without validation before passing it to kmalloc. If a small value is provided for wqe size, the system may...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Create a debugfs ttmresourcemanager entry only if needed The driver creates /sys/kernel/debug/dri/0/mobttm even when the corresponding ttmresourcemanager is not allocated. This leads to a crash when trying to read fro...

Astra Linux - уязвимость в linux-5.10

A issue was discovered in the Linux kernel through version 5.16-rc6. The ef100updatestats function in drivers/net/ethernet/sfc/ef100nic.c lacks a check for the return value of kmalloc...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: Added a check for allocation failure for the Entity name. Currently, the findsdcaentityiot function can allocate a string for the Entity name, but it does not check whether the allocation was successful. A NULL check...

CVE-2026-43146

In the Linux kernel, the following vulnerability has been resolved: media: iris: Add buffer to list only after successful allocation Move listaddtail to after dmaallocattrs succeeds when creating internal buffers. Previously, the buffer was enqueued in buffers-list before the DMA allocation. If t...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: drm/meson: fixed the shutdown crash when the component is not probed. When the main component is not probed—for example, when the dw-hdmi module is not yet loaded or during a probe delay—the following crash occurs during shutdown...

CVE-2026-31443 dmaengine: idxd: Fix crash when the event log is disabled

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix crash when the event log is disabled If reporting errors to the event log is not supported by the hardware, and an error that causes Function Level Reset FLR is received, the driver will try to restore the...

CVE-2026-23280

CVE-2026-23280 affects the Linux kernel’s accel/amdxdna component. The issue is a size calculation overflow for the ubuf, which can lead to an undersized allocation and potential memory corruption. The root cause is improper handling of arithmetic when computing the ubuf size. The publicly docume...

CVE-2025-10256 Ffmpeg: null pointer dereference in firequalizer filter (libavfilter/af_firequalizer.c)

A NULL pointer dereference vulnerability exists in FFmpeg’s Firequalizer filter libavfilter/affirequalizer.c due to a missing check on the return value of avmallocarray in the configinput function. An attacker could exploit this by tricking a victim into processing a crafted media file with the...

Linux Distros Unpatched Vulnerability : CVE-2026-23042

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - idpf: fix aux device unplugging when rdma is not supported by vport If vport flags do not contain VIRTCHNL2VPORTENABLERDMA, driver does not allocate vdevinfo fo...

MiracleLinux 9 : grub2-2.06-104.el9_6.ML.1 (AXSA:2025-10402:07)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10402:07 advisory. grub2: reader/jpeg: Heap OOB Write during JPEG parsing CVE-2024-45774 grub2: commands/extcmd: Missing check for failed allocation CVE-2024-45775...

PT-2026-8214

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the dpaa2-switch driver where a zero-sized pointer dereference can occur when the number of interfaces num ifs reported by the device is zero. This happens because kcall...

SUSE CVE-2023-54289

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix NULL dereference in error handling Smatch reported: drivers/scsi/qedf/qedfmain.c:3056 qedfallocglobalqueues warn: missing unwind goto? At this point in the function, nothing has been allocated so we can return...

Linux Distros Unpatched Vulnerability : CVE-2022-50866

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: pxa: fix null-pointer dereference in filter kasprintf would return NULL pointer when kmalloc fail to allocate. Need to check the return pointer before...

CLSA-2025-1766599555 Fix CVE(s): CVE-2025-14178

SECURITY UPDATE: Heap buffer overflow in arraymerge - debian/patches/CVE-2025-14178.patch: add validation to check if total element count exceeds HTMAXSIZE before allocation. - CVE-2025-14178...

PT-2025-54077

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's fs/ntfs3 module related to handling the return value of the kmemdup function. The kmemdup function may return a NULL pointer, and a check for this...

CVE-2023-54072

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential data race at PCM memory allocation helpers The PCM memory allocation helpers have a sanity check against too many buffer allocations. However, the check is performed without a proper lock and the allocati...

CVE-2023-54147 media: platform: mtk-mdp3: Add missing check and free for ida_alloc

In the Linux kernel, the following vulnerability has been resolved: media: platform: mtk-mdp3: Add missing check and free for idaalloc Add the check for the return value of the idaalloc in order to avoid NULL pointer dereference. Moreover, free allocated "ctx-id" if mdpm2mopen fails later in orde...

SUSE CVE-2025-68315

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to detect potential corrupted nid in freenidlist As reported, on-disk footer.ino and footer.nid is the same and out-of-range, let's add sanity check on f2fsallocnid to detect any potential corruption in freenidlist...