Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: gtp: fix a potential NULL pointer dereference When sockfdlookup fails, gtpencapenablesocket returns a NULL pointer, but its callers only check for error pointers thus miss the NULL pointer case. Fix it by returning an error point...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers in stigdpatomiccheck The return value of drmatomicgetcrtcstate needs to be checked. To avoid use of error pointer 'crtcstate' in case of the failure...

EUVD-2026-26607

In the Linux kernel, the following vulnerability has been resolved: gpio: qixis-fpga: Fix error handling for devmregmapinitmmio devmregmapinitmmio returns an ERRPTR on failure, not NULL. The original code checked for NULL which would never trigger on error, potentially leading to an invalid point...

CVE-2026-43008 gpio: qixis-fpga: Fix error handling for devm_regmap_init_mmio()

In the Linux kernel, the following vulnerability has been resolved: gpio: qixis-fpga: Fix error handling for devmregmapinitmmio devmregmapinitmmio returns an ERRPTR on failure, not NULL. The original code checked for NULL which would never trigger on error, potentially leading to an invalid point...

SUSE CVE-2026-31646

In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix pagepool error handling in lan966xfdmarxallocpagepool pagepoolcreate can return an ERRPTR on failure. The return value is used unconditionally in the loop that follows, passing the error pointer through...

DEBIAN-CVE-2026-31646

In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix pagepool error handling in lan966xfdmarxallocpagepool pagepoolcreate can return an ERRPTR on failure. The return value is used unconditionally in the loop that follows, passing the error pointer through...

CVE-2026-31544

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix NULL dereference on notify error path Since commit b5daf93b809d1 "firmware: armscmi: Avoid notifier registration for unsupported events" the call chains leading to the helper scmieventhandlergetops expect a...

CVE-2026-31646

In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix pagepool error handling in lan966xfdmarxallocpagepool pagepoolcreate can return an ERRPTR on failure. The return value is used unconditionally in the loop that follows, passing the error pointer through...

CVE-2026-31544

The CVE-2026-31544 issue affects the Linux kernel firmware component arm_scmi, where the helper __scmi_event_handler_get_ops could yield a NULL instead of an ERR_PTR when an event handler is missing or not created. This caused a NULL dereference in the notify error path, potentially leading to a ...

CVE-2026-31544

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix NULL dereference on notify error path Since commit b5daf93b809d1 "firmware: armscmi: Avoid notifier registration for unsupported events" the call chains leading to the helper scmieventhandlergetops expect a...

SUSE CVE-2026-31439

In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fix regmap init error handling devmregmapinitmmio returns an ERRPTR upon error, not NULL. Fix the error check and also fix the error message. Use the error code from ERRPTR instead of the wrong value in r...

CVE-2026-31439

A flaw was found in the Linux kernel's Xilinx DMA Direct Memory Access engine. The xdma driver's regmap initialization incorrectly handled errors, specifically when the devmregmapinitmmio function returned an error pointer instead of a null value. This improper error handling could potentially le...

CVE-2026-31439

In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fix regmap init error handling devmregmapinitmmio returns an ERRPTR upon error, not NULL. Fix the error check and also fix the error message. Use the error code from ERRPTR instead of the wrong value in r...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013039)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013039 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup The kthreadrun function...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-006893)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006893 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Prevent a potential error pointer dereference The qla4xxxgetepfwdb function is...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007486)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007486 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup The kthreadrun function...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006739)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006739 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Prevent a potential error pointer dereference The qla4xxxgetepfwdb function is...

NewStart CGSL MAIN 6.06 (SP) : kernel Vulnerability (NS-SA-2026-0028)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has kernel packages installed that are affected by a vulnerability: - In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpuobject.c misinterprets the drmgemshmemgetsgtable return value expects it to be NULL in the error case,...

EUVD-2026-5856

In the Linux kernel, the following vulnerability has been resolved: hwmon: acpipowermeter Fix deadlocks related to acpipowermeternotify The acpipowermeter driver's .notify callback function, acpipowermeternotify, calls hwmondeviceunregister under a lock that is also acquired by callbacks in sysfs...

SUSE CVE-2026-23044

In the Linux kernel, the following vulnerability has been resolved: PM: hibernate: Fix crash when freeing invalid crypto compressor When cryptoallocacomp fails, it returns an ERRPTR value, not NULL. The cleanup code in savecompressedimage and loadcompressedimage unconditionally calls...