157 matches found
bpf: test_run: Fix the null pointer dereference issue in bpf_lwt_xmit_push_encap
...
SUSE-SU-2026:22289-1 Security update for tar
This update for tar fixes the following issues - CVE-2026-5704: crafted archives can be used to to hide file injection bsc1261900. - Fix --dereference/-h not working properly after CVE-2025-45582 fix bsc1265450...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: scsi: csiostor: Fixed the issue of dereferencing a null pointer rn. The error exit path when rn is NULL results in dereferencing the null pointer rn through the use of the macro CSIOINCSTATS. This issue was fixed by adding a new...
PT-2026-47381
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs when unloading the module on gen 4. This issue is caused by the cleanup code incorrectly calling the vsp1 drm cleanup function instead of the vsp1 vspx...
SUSE CVE-2026-45857
In the Linux kernel, the following vulnerability has been resolved: scsi: csiostor: Fix dereference of null pointer rn The error exit path when rn is NULL ends up deferencing the null pointer rn via the use of the macro CSIOINCSTATS. Fix this by adding a new error return path label after the use ...
CVE-2026-45857 scsi: csiostor: Fix dereference of null pointer rn
In the Linux kernel, the following vulnerability has been resolved: scsi: csiostor: Fix dereference of null pointer rn The error exit path when rn is NULL ends up deferencing the null pointer rn via the use of the macro CSIOINCSTATS. Fix this by adding a new error return path label after the use ...
CVE-2026-45835
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2capsocknewconnectioncb Add the same NULL guard already present in l2capsockresumecb and l2capsockreadycb...
CVE-2026-45834 Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_state_change_cb()
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2capsockstatechangecb Add the same NULL guard already present in l2capsockresumecb and l2capsockreadycb...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: The pointer may be dereferenced. The Klocwork tool reported that the pointer ‘rport’ was returned from a function call. The fcbsgtorport function may return NULL, and the pointer will be dereferenced. A fix has bee...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fixed a race condition between ufshcdmcqabort and the ISR. If a command timeout occurs and the cq complete IRQ is raised at the same time, ufshcdmcqabort clears the lprb-cmd, and a NULL pointer dereferencing occu...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: xhci: sideband: do not dereference a freed ring when removing a sideband endpoint. xhcisidebandremoveendpoint incorrectly assumes that the endpoint is running and has a valid transfer ring. Lianqin reported a crash during...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: kobject: A sanity check was added for kset-kobj.ktype in ksetregister. When I register a kset in the following manner: c static struct kset mykset; kobjectsetname&mykset.kobj, "mykset"; ret = ksetregister&mykset; A null pointer...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: i2c: mux: reg: Check the return value after calling platformgetresource. This issue could lead to a null-ptr-deref in resourcesize if platformgetresource returns NULL. It is recommended to call resourcesize after...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: pinctrl: aspeed: Fixed a potential NULL dereferencing in aspeedpinmuxsetmux. pdesc could potentially be null, but still, dereferencing pdesc-name would lead to a NULL pointer access. Therefore, we moved a null check before the...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Audit: fixed a possible null-pointer dereference in auditfilterrules. A possible null-pointer dereference was addressed in auditfilterrules. Error in auditfilterrules: we previously assumed that ‘ctx’ could be null...
CVE-2026-43300
In the Linux kernel, the following vulnerability has been resolved: drm/panel: Fix a possible null-pointer dereference in jdipaneldsiremove In jdipaneldsiremove, jdi is explicitly checked, indicating that it may be NULL: if !jdi mipidsidetachdsi; However, when jdi is NULL, the function does not...
mmc: vub300: fix NULL-deref on disconnect
...
EUVD-2026-25513
In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: us144mkii: fix NULL deref on missing interface 0 A malicious USB device with the TASCAM US-144MKII device id can have a configuration containing bInterfaceNumber=1 but no interface 0. USB configuration descriptors ar...
CVE-2026-31457
The CVE-2026-31457 entry describes a Linux kernel vulnerability in DAMON (mm/damon/sysfs) where damon_sysfs_repeat_call_fn() dereferences contexts_arr[0] when nr_contexts is set to 0 via sysfs, due to a missing check on contexts->nr. This can occur while DAMON is running and cause a NULL point...
CVE-2026-23304
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix NULL pointer deref in ip6rtgetdevrcu l3mdevmasterdevrcu can return NULL when the slave device is being un-slaved from a VRF. All other callers deal with this, but we lost the fallback to loopback in ip6rtpcpualloc -...