EUVD-2026-32256

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF and double free in smb2openfile Zero out @erriov and @errbuftype before retrying SMB2open to prevent an UAF bug if @data != NULL, otherwise a double free...

UBUNTU-CVE-2026-45876

In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error handling in archsetshadowstackstatus allocgcs returns an error-encoded pointer on failure, which comes from dommap, not NULL. The current NULL check fails to detect errors, which could lead to using an invali...

CVE-2026-45972 smb: client: fix potential UAF and double free in smb2_open_file()

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF and double free in smb2openfile Zero out @erriov and @errbuftype before retrying SMB2open to prevent an UAF bug if @data != NULL, otherwise a double free...

CVE-2026-45876 arm64/gcs: Fix error handling in arch_set_shadow_stack_status()

In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error handling in archsetshadowstackstatus allocgcs returns an error-encoded pointer on failure, which comes from dommap, not NULL. The current NULL check fails to detect errors, which could lead to using an invali...

CVE-2026-45876

In the Linux kernel, arm64/gcs fixes error handling in arch_set_shadow_stack_status. alloc_gcs() now detects error-encoded pointers returned by do_mmap() (not NULL) via IS_ERR_VALUE(), aligning with the check in gcs_alloc_thread_stack. The previous NULL-based check could fail to detect errors, ri...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Fixed error pointers in dpuplanevirtualatomiccheck. The function dpuplanevirtualatomiccheck was referencing pointers returned by drmatomicgetplanestate without checking for errors. This could lead to undefined behavi...

EUVD-2026-28769

In the Linux kernel, the following vulnerability has been resolved: rxrpc, afs: Fix missing error pointer check after rxrpckernellookuppeer rxrpckernellookuppeer can also return error pointers in addition to NULL, so just checking for NULL is not sufficient. Fix this by: 1 Changing...

CVE-2026-43463

In the Linux kernel, the following vulnerability has been resolved: rxrpc, afs: Fix missing error pointer check after rxrpckernellookuppeer rxrpckernellookuppeer can also return error pointers in addition to NULL, so just checking for NULL is not sufficient. Fix this by: 1 Changing...

CVE-2026-43463

In the Linux kernel, the following vulnerability has been resolved: rxrpc, afs: Fix missing error pointer check after rxrpckernellookuppeer rxrpckernellookuppeer can also return error pointers in addition to NULL, so just checking for NULL is not sufficient. Fix this by: 1 Changing...

CVE-2026-43463

In the Linux kernel, the following vulnerability has been resolved: rxrpc, afs: Fix missing error pointer check after rxrpckernellookuppeer rxrpckernellookuppeer can also return error pointers in addition to NULL, so just checking for NULL is not sufficient. Fix this by: 1 Changing...

PT-2026-39124

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the rxrpc and afs components where the rxrpc kernel lookup peer function can return error pointers in addition to NULL. The system failed to properly check for these...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup The kthreadrun function returns error pointers so the max3421hcd-spithread pointer can be either error pointers or NULL. Check for both before dereferencing i...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mm/slab: freekfree should accept error pointers. Currently, if an automatically freed allocation is an error pointer, it can lead to a crash. An example of this is in wm831x gpiodbgshow. c 171 char label freekfree =...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers The return value of drmatomicgetcrtcstate needs to be checked. To avoid use of error pointer 'crtcstate' in case of the failure...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix error code in chanallocskbcb The chanallocskbcb function is supposed to return error pointers on error. Returning NULL will lead to a NULL dereference...

CVE-2026-22987

In the Linux kernel, the following vulnerability has been resolved: net/sched: actapi: avoid dereferencing ERRPTR in tcfidrinfodestroy syzbot reported a crash in tcactinhw during netns teardown where tcfidrinfodestroy passed an ERRPTR-EBUSY value as a tcaction pointer, leading to an invalid...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004874)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004874 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers in stigdpatomiccheck The return value of...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004916)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004916 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers The return value of drmatomicgetcrtcstate...

PT-2025-49090

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A crash could occur in the scx enable function when a helper kthread creation failed. This was observed during termination of the sched ext selftests runner with Ctrl+ while test 15 was...

SUSE CVE-2025-40116

In the Linux kernel, the following vulnerability has been resolved: usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup The kthreadrun function returns error pointers so the max3421hcd-spithread pointer can be either error pointers or NULL. Check for both before dereferencing i...