Unity Linux 20.1070e Security Update: bluez (UTSA-2026-016764)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016764 advisory. BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdpcstateallocbuf which allocates memory which will always be hung in t...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Added a check for cstate. Since kzalloc may fail and return a NULL pointer, it would be better to check the cstate to avoid dereferencing the NULL pointer in drmatomichelpercrtcreset. Patch details:...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013696)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013696 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add check for cstate As kzalloc may fail and return NULL pointer, it should be bette...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010832)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010832 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add check for cstate As kzalloc may fail and return NULL pointer, it should be bette...

Linux Distros Unpatched Vulnerability : CVE-2023-54122

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/msm/dpu: Add check for cstate As kzalloc may fail and return NULL pointer, it should be better to check cstate in order to avoid the NULL pointer dereferenc...

SUSE CVE-2023-54122

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add check for cstate As kzalloc may fail and return NULL pointer, it should be better to check cstate in order to avoid the NULL pointer dereference in drmatomichelpercrtcreset. Patchwork:...

EUVD-2023-60323

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add check for cstate As kzalloc may fail and return NULL pointer, it should be better to check cstate in order to avoid the NULL pointer dereference in drmatomichelpercrtcreset. Patchwork:...

CVE-2023-54122

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add check for cstate As kzalloc may fail and return NULL pointer, it should be better to check cstate in order to avoid the NULL pointer dereference in drmatomichelpercrtcreset. Patchwork:...

CVE-2023-54122

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add check for cstate As kzalloc may fail and return NULL pointer, it should be better to check cstate in order to avoid the NULL pointer dereference in drmatomichelpercrtcreset. Patchwork:...

UBUNTU-CVE-2023-54122

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add check for cstate As kzalloc may fail and return NULL pointer, it should be better to check cstate in order to avoid the NULL pointer dereference in drmatomichelpercrtcreset. Patchwork:...

CVE-2023-54122 drm/msm/dpu: Add check for cstate

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add check for cstate As kzalloc may fail and return NULL pointer, it should be better to check cstate in order to avoid the NULL pointer dereference in drmatomichelpercrtcreset. Patchwork:...

CVE-2023-54122 drm/msm/dpu: Add check for cstate

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add check for cstate As kzalloc may fail and return NULL pointer, it should be better to check cstate in order to avoid the NULL pointer dereference in drmatomichelpercrtcreset. Patchwork:...

CVE-2023-54122

The CVE-2023-54122 issue affects the Linux kernel’s DRM MSM DPU path. A kzalloc failure can yield NULL when constructing cstate, risking a NULL pointer dereference in __drm_atomic_helper_crtc_reset. The publicly described fix adds a check for cstate before use to prevent dereferencing a NULL poin...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unchecked cstate pointer that could lead to a null pointer dereference...

PT-2025-53199

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s drm/msm/dpu subsystem. Specifically, a missing check for a null pointer after a kzalloc call can lead to a null pointer dereference within the drm...

EUVD-2019-18309

Malware in sbrugna...

SUSE CVE-2021-41229

BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdpcstateallocbuf which allocates memory which will always be hung in the singly linked list of cstates and will not be freed. This will cause a memory leak over time. The data can be a very large object...

The vulnerability of the sdp_cstate_alloc_buf function in the Bluetooth technology stack for Linux BlueZ, which allows a hacker to cause a service failure.

The vulnerability of the sdpcstateallocbuf function in the Bluetooth technology stack for Linux BlueZ is related to the lack of memory release when processing a linked list of cstates. Exploiting this vulnerability allows an attacker to cause a service failure...

OESA-2022-1763 bluez security update

This package provides all utilities for use in Bluetooth applications. The BLUETOOTH trademarks are owned by Bluetooth SIG, Inc., U.S.A. Security Fixes: BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdpcstateallocbuf which allocates memory which wil...

Information Disclosure

bluez is vulnerable to information disclosure. The vulnerability exists due to the handling of a SVCATTRREQ by the SDP implementation which allows an attacker to inject a malicious CSTATE, tricking the server into returning more bytes than the buffer actually holds, resulting in leaking arbitrary...