OPENSUSE-SU-2026:20842-1 Security update for openjpeg2

This update for openjpeg2 fixes the following issue - CVE-2025-54874: openjpeg: missing error check can lead to the use of an uninitialized pointer and cause an out-of- bounds heap memory write bsc1247650...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Added a missing error check to scarlett2usbsetconfig. The scarlett2usbsetconfig function calls scarlett2usbget, but did not check the result. If this function fails, an error is returned instead of continuing wit...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: archtopology: Corrected the error check in topologyparsecpucapacity. Corrected the incorrect use of PTRERRORZERO in topologyparsecpucapacity, which caused the code to proceed with NULL clock pointers. The current logic uses...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: airoha: Fixed a potential use-after-free issue in airohanpuget. np-name was being used after calling ofnodeputnp, which releases the node and could lead to a use-after-free bug. Previously, ofnodeputnp was called...

SUSE CVE-2026-43480

In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp3x-rt5682-max9836: Add missing error check for clock acquisition The acp3x5682init function did not check the return value of clkget, which could lead to dereferencing error pointers in rt5682clkenable. Fix this by:...

EUVD-2026-30016

In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp3x-rt5682-max9836: Add missing error check for clock acquisition The acp3x5682init function did not check the return value of clkget, which could lead to dereferencing error pointers in rt5682clkenable. Fix this by:...

CVE-2026-43480

CVE-2026-43480 concerns the Linux kernel driver for ASoC on AMD devices: acp3x-rt5682-max9836. The vuln stemmed from acp3x_5682_init() not checking the return value of clk_get(), which could lead to dereferencing a bad pointer in rt5682_clk_enable(). The fix changes clk_get() to device-managed de...

PT-2026-40687

In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp3x-rt5682-max9836: Add missing error check for clock acquisition The acp3x 5682 init function did not check the return value of clk get, which could lead to dereferencing error pointers in rt5682 clk enable. Fix thi...

EUVD-2026-28749

In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp-mach-common: Add missing error check for clock acquisition The acpcardrt5682init and acpcardrt5682sinit functions did not check the return values of clkget. This could lead to a kernel crash when the invalid pointe...

PT-2026-39104

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the ASoC amd acp-mach-common component, the functions acp card rt5682 init and acp card rt5682s init fail to check the return values of clk get. This lack of error handling can result...

CVE-2026-31777

The CVE-2026-31777 entry concerns the Linux kernel ALSA ctxfi driver. The root cause is the driver’s missing validation of the return value from daio_device_index(), leading to incorrect assumptions and potential system instability. Documents indicate this has been resolved via patches. Remediati...

Linux Distros Unpatched Vulnerability : CVE-2026-31646

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: lan966x: fix pagepool error handling in lan966xfdmarxallocpagepool pagepoolcreate can return an ERRPTR on failure. The return value is used unconditionally...

CVE-2026-31646

In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix pagepool error handling in lan966xfdmarxallocpagepool pagepoolcreate can return an ERRPTR on failure. The return value is used unconditionally in the loop that follows, passing the error pointer through...

PT-2026-34998

In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix page pool error handling in lan966x fdma rx alloc page pool page pool create can return an ERR PTR on failure. The return value is used unconditionally in the loop that follows, passing the error pointer through...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011340)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011340 advisory. In the Linux kernel, the following vulnerability has been resolved: archtopology: Fix incorrect error check in topologyparsecpucapacity Fix incorrect use of...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013080)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013080 advisory. In the Linux kernel, the following vulnerability has been resolved: archtopology: Fix incorrect error check in topologyparsecpucapacity Fix incorrect use of...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007045)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007045 advisory. In the Linux kernel, the following vulnerability has been resolved: ACPI: video: check for error while searching for backlight device parent If acpigetparent called ...

SUSE-SU-2026:1313-1 Security update for freerdp2

This update for freerdp2 fixes the following issues: - Fix the CVE-2026-24684 patch, as the previous version wrongly deleted a check for an error condition bsc1257991...

RLSA-2026:1412 Important: php:8.2 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: pgsql extension does not check for errors during escaping CVE-2025-1735 php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix CVE-2025-6491 php: PHP Hostname Nul...

EUVD-2026-4817

The vulnerability stems from an incorrect error-checking logic in the CreateCounter function in threadx/utility/rtoscompatibilitylayers/OSEK/txosek.c when handling the return value of osekgetcounter. Specifically, the current code checks if cntrid equals 0u to determine failure, but...