Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: backlight: hx8357: Fixed potential NULL pointer dereferencing issues. The “im” pins are optional. Added a missing check in the hx8357probe function...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992489)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992489 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: slab-out-of-bounds read in brcmfgetassocies Fix a slab-out-of-bounds read that...

CVE-2023-53213 wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: slab-out-of-bounds read in brcmfgetassocies Fix a slab-out-of-bounds read that occurs in kmemdup called from brcmfgetassocies. The bug could occur when associnfo-reqlen, data from a URB provided by a USB device, i...

PT-2025-44136

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel's NTFS3 subsystem related to integer overflow in the run unpack function. The run unpack function decodes compressed runlist data from MFT attributes,...

CVE-2025-38204 jfs: fix array-index-out-of-bounds read in add_missing_indices

In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds read in addmissingindices stbl is s8 but it must contain offsets into slot which can go from 0 to 127. Added a bound check for that error and return -EIO if the check fails. Also make jfsreaddir...

PT-2025-34409

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The stm32 spi probe function lacked a check to ensure the pointer returned by of device get match data was not NULL before accessing its members. This could lead to a NULL pointer...

PT-2025-8850

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A bug in the Linux kernel allows writing outside the allocated buffer when a specific SCSI IOCTL SEND COMMAND ioctl is used with certain parameters, including out len set to 0xd42, SCSI...

SUSE CVE-2024-56368

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix overflow in rbmapvma An overflow occurred when performing the following calculation: nrpages = nrsubbufs + 1 dumpstack lib/dumpstack.c:94 inline dumpstacklvl+0x116/0x1f0 lib/dumpstack.c:120 printaddressdescriptio...

CVE-2024-56773

CVE-2024-56773 : In the Linux kernel, a potential NULL pointer dereference could occur in kunit_device_driver_test() when kunit_kzalloc() returns NULL and is dereferenced without a NULL check. The patch adds a NULL check for test_state to mitigate this. The CVE details, including its impact and e...

PT-2025-34396

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the cpcap usb detect function within the cpcap-charger component of the Linux kernel. The power supply get by name function may return NULL instead of an error pointer...

UBUNTU-CVE-2024-42309

In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fix null pointer dereference in psbintellvdsgetmodes In psbintellvdsgetmodes, the return value of drmmodeduplicate is assigned to mode, which will lead to a possible NULL pointer dereference on failure of...

DEBIAN-CVE-2024-38573

In the Linux kernel, the following vulnerability has been resolved: cppccpufreq: Fix possible null pointer dereference cppccpufreqgetrate and hisicppccpufreqgetrate can be called from different places with various parameters. So cpufreqcpuget can return null as 'policy' in some circumstances. Fix...

CVE-2023-52472 crypto: rsa - add a check for allocation failure

In the Linux kernel, the following vulnerability has been resolved: crypto: rsa - add a check for allocation failure Static checkers insist that the mpialloc allocation can fail so add a check to prevent a NULL dereference. Small allocations like this can't actually fail in current kernels, but...

CVE-2023-6846 File Manager Pro <= 8.3.4 - Authenticated (Subscriber+) Arbitrary File Upload

The File Manager Pro plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 8.3.4 via the mkcheckfilemanagerphpsyntax AJAX function. This makes it possible for authenticated attackers, with subscriber access and above, to execute code on the server...

PT-2024-11106 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A null pointer dereference issue has been resolved in the Linux kernel. The issue occurs when alloc pages node returns null in svc rqst alloc, causing the null rq scratch page pointer ...