27 matches found
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: target: pscsi: Fixed bioput for error cases As of commit 066ff571011d “block: turning biokmalloc into a simple kmalloc wrapper”, a memory block allocated by biokmalloc must be freed using biouninit and kfree. This process i...
ROS-20260403-73-0006
A vulnerability in the setblocksize function of the block/bdev.c module of the Linux kernel block layer is related to null pointer dereferencing. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of protected information...
Linux Distros Unpatched Vulnerability : CVE-2025-68755
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - staging: most: remove broken i2c driver The MOST I2C driver has been completely broken for five years without anyone noticing so remove the driver from staging...
CVE-2023-54014
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Check valid rport returned by fcbsgtorport Klocwork reported warning of rport maybe NULL and will be dereferenced. rport returned by call to fcbsgtorport could be NULL and dereferenced. Check valid rport returned b...
CVE-2023-54014 scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport()
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Check valid rport returned by fcbsgtorport Klocwork reported warning of rport maybe NULL and will be dereferenced. rport returned by call to fcbsgtorport could be NULL and dereferenced. Check valid rport returned b...
CVE-2025-40094
CVE-2025-40094 affects the Linux kernel’s USB gadget f_acm binding path. After a bind/unbind cycle, acm->notify_req can be left stale, and if a subsequent bind fails, the unified error label may try to free it, causing a NULL pointer dereference when accessing ep->ops->free_request. The ...
Linux Distros Unpatched Vulnerability : CVE-2023-53658
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spi: bcm-qspi: return error if neither hifmspi nor mspi is available If neither a hifmspi nor mspi resource is present, the driver will just early exit in probe...
EUVD-2022-28146
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-38604
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: rtl818x: Kill URBs before clearing tx status queue In rtl8187stop move the call of usbkillanchoredurbs before clearing btxstatus.queue. This change preven...
Linux Distros Unpatched Vulnerability : CVE-2020-36149
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect handling of input data in changeAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault err...
CVE-2025-38672
In the Linux kernel, the following vulnerability has been resolved: Revert "drm/gem-dma: Use dmabuf from GEM object instance" This reverts commit e8afa1557f4f963c9a511bd2c6074a941c308685. The dmabuf field in struct drmgemobject is not stable over the object instance's lifetime. The field becomes...
CVE-2025-38605
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Pass ab pointer directly to ath12kdptxgetencaptype In ath12kdptxgetencaptype, the arvif parameter is only used to retrieve the ab pointer. In vdev delete sequence the arvif-ar could become NULL and that would trigge...
CVE-2025-38583
In the Linux kernel, the following vulnerability has been resolved: clk: xilinx: vcu: unregister pllpost only if registered correctly If registration of pllpost is failed, it will be set to NULL or ERR, unregistering same will fail with following call trace: Unable to handle kernel NULL pointer...
Linux Distros Unpatched Vulnerability : CVE-2024-24856
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The memory allocation function ACPIALLOCATEZEROED does not guarantee a successful allocation, but the subsequent code directly dereferences the pointer that...
Linux Distros Unpatched Vulnerability : CVE-2021-47257
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: ieee802154: fix null deref in parse dev addr Fix a logic error that could result in a null deref if the user sets the mode incorrectly for the given addr...
Linux Distros Unpatched Vulnerability : CVE-2023-52789
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tty: vcc: Add check for kstrdup in vccprobe Add check for the return value of kstrdup and return the error, if it fails in order to avoid NULL pointer...
Linux Distros Unpatched Vulnerability : CVE-2024-53204
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: phy: realtek: usb: fix NULL deref in rtkusb3phyprobe In rtkusb3phyprobe devmkzalloc may retu...
firefox: thunderbird: Incorrect JavaScript state machine for generators
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: The JavaScript engine did not handle closed generators correctly, and it was possible to resume them, resulting in a nullptr dereference...
PT-2025-27685
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the drm/amd/display component, where a drm wb connector was incorrectly treated as an amdgpu dm connector...
PT-2025-8776
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A issue has been identified in the Linux kernel related to the mt7925 wifi driver. Specifically, in the mt7925 change vif links function, devm kzalloc may return NULL, but this returned...