334 matches found
CVE-2026-23044
In the Linux kernel, the following vulnerability has been resolved: PM: hibernate: Fix crash when freeing invalid crypto compressor When cryptoallocacomp fails, it returns an ERRPTR value, not NULL. The cleanup code in savecompressedimage and loadcompressedimage unconditionally calls...
CVE-2026-23044
In the Linux kernel, the following vulnerability has been resolved: PM: hibernate: Fix crash when freeing invalid crypto compressor When cryptoallocacomp fails, it returns an ERRPTR value, not NULL. The cleanup code in savecompressedimage and loadcompressedimage unconditionally calls...
UBUNTU-CVE-2026-23044
In the Linux kernel, the following vulnerability has been resolved: PM: hibernate: Fix crash when freeing invalid crypto compressor When cryptoallocacomp fails, it returns an ERRPTR value, not NULL. The cleanup code in savecompressedimage and loadcompressedimage unconditionally calls...
CVE-2026-23044 PM: hibernate: Fix crash when freeing invalid crypto compressor
In the Linux kernel, the following vulnerability has been resolved: PM: hibernate: Fix crash when freeing invalid crypto compressor When cryptoallocacomp fails, it returns an ERRPTR value, not NULL. The cleanup code in savecompressedimage and loadcompressedimage unconditionally calls...
CVE-2026-23044
The CVE-2026-23044 issue affects the Linux kernel where hibernate crash occurs if crypto_alloc_acomp() returns an ERR_PTR instead of NULL. The cleanup paths in save_compressed_image() and load_compressed_image() call crypto_free_acomp() unconditionally, dereferencing an invalid pointer in crypto_...
SUSE CVE-2026-22987
In the Linux kernel, the following vulnerability has been resolved: net/sched: actapi: avoid dereferencing ERRPTR in tcfidrinfodestroy syzbot reported a crash in tcactinhw during netns teardown where tcfidrinfodestroy passed an ERRPTR-EBUSY value as a tcaction pointer, leading to an invalid...
UBUNTU-CVE-2026-22987
In the Linux kernel, the following vulnerability has been resolved: net/sched: actapi: avoid dereferencing ERRPTR in tcfidrinfodestroy syzbot reported a crash in tcactinhw during netns teardown where tcfidrinfodestroy passed an ERRPTR-EBUSY value as a tcaction pointer, leading to an invalid...
CVE-2026-22987 net/sched: act_api: avoid dereferencing ERR_PTR in tcf_idrinfo_destroy
In the Linux kernel, the following vulnerability has been resolved: net/sched: actapi: avoid dereferencing ERRPTR in tcfidrinfodestroy syzbot reported a crash in tcactinhw during netns teardown where tcfidrinfodestroy passed an ERRPTR-EBUSY value as a tcaction pointer, leading to an invalid...
CVE-2026-22987
In the Linux kernel, the following vulnerability has been resolved: net/sched: actapi: avoid dereferencing ERRPTR in tcfidrinfodestroy syzbot reported a crash in tcactinhw during netns teardown where tcfidrinfodestroy passed an ERRPTR-EBUSY value as a tcaction pointer, leading to an invalid...
CVE-2026-22987 net/sched: act_api: avoid dereferencing ERR_PTR in tcf_idrinfo_destroy
In the Linux kernel, the following vulnerability has been resolved: net/sched: actapi: avoid dereferencing ERRPTR in tcfidrinfodestroy syzbot reported a crash in tcactinhw during netns teardown where tcfidrinfodestroy passed an ERRPTR-EBUSY value as a tcaction pointer, leading to an invalid...
CVE-2026-22987
CVE-2026-22987 concerns the Linux kernel net/sched subsystem. The issue arises when tcf_idrinfo_destroy() can pass an ERR_PTR(-EBUSY) as a tc_action pointer during netns teardown, leading to a dereference of an error pointer in tc_act_in_hw(). The fix adds a guard to skip ERR_PTR entries while it...
Linux Distros Unpatched Vulnerability : CVE-2026-22987
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: actapi: avoid dereferencing ERRPTR in tcfidrinfodestroy syzbot reported a crash in tcactinhw during netns teardown where tcfidrinfodestroy passed an...
Azure Linux 3.0 Security Update: kernel (CVE-2024-50056)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50056 advisory. - In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: Fix ERRPTR dereference...
Azure Linux 3.0 Security Update: kernel (CVE-2024-57978)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-57978 advisory. - In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Fix potential error...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004357)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004357 advisory. In the Linux kernel before 5.16.3, drivers/usb/dwc3/dwc3-qcom.c misinterprets the dwc3qcomcreateursusbplatdev return value expects it to be NULL in the error case,...
PT-2026-6114
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to handling crypto compressors during hibernation. Specifically, the crypto alloc acomp function can return an error pointer ERR PTR instead of...
PT-2026-4487
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s networking scheduler related to traffic control and action API handling. Specifically, the issue involves a potential invalid memory dereference withi...
SUSE CVE-2023-54298
In the Linux kernel, the following vulnerability has been resolved: thermal: intel: quarkdts: fix error pointer dereference If allocsocdts fails, then we can just return. Trying to free "socdts" will lead to an Oops...
CVE-2023-54298
CVE-2023-54298 affects the Linux kernel's thermal: intel: quark_dts code path. The root cause was an error pointer dereference when alloc_soc_dts() fails; attempting to free soc_dts could cause an Oops. The issue has been fixed by returning early on alloc_soc_dts() failure, preventing a faulty fr...
CVE-2023-54298
In the Linux kernel, the following vulnerability has been resolved: thermal: intel: quarkdts: fix error pointer dereference If allocsocdts fails, then we can just return. Trying to free "socdts" will lead to an Oops...