83 matches found
EUVD-2026-32256
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF and double free in smb2openfile Zero out @erriov and @errbuftype before retrying SMB2open to prevent an UAF bug if @data != NULL, otherwise a double free...
UBUNTU-CVE-2026-45876
In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error handling in archsetshadowstackstatus allocgcs returns an error-encoded pointer on failure, which comes from dommap, not NULL. The current NULL check fails to detect errors, which could lead to using an invali...
CVE-2026-45972 smb: client: fix potential UAF and double free in smb2_open_file()
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF and double free in smb2openfile Zero out @erriov and @errbuftype before retrying SMB2open to prevent an UAF bug if @data != NULL, otherwise a double free...
CVE-2026-45876 arm64/gcs: Fix error handling in arch_set_shadow_stack_status()
In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error handling in archsetshadowstackstatus allocgcs returns an error-encoded pointer on failure, which comes from dommap, not NULL. The current NULL check fails to detect errors, which could lead to using an invali...
CVE-2026-45876
CVE-2026-45876 affects the Linux kernel (arm64 architecture) in the arch_set_shadow_stack_status flow. The bug arises from error handling in alloc_gcs(), which can return an error-encoded pointer from do_mmap() instead of NULL. A NULL-based check fails to detect these errors, risking use of an in...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Errors in error pointers were fixed in dpuplanevirtualatomiccheck. The function dpuplanevirtualatomiccheck was referencing pointers returned by drmatomicgetplanestate, without checking for errors. This could lead to...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mm/slab: makefreekfree should accept error pointers. Currently, if an automatically freed allocation is an error pointer, it can lead to a crash. An example of this is in the function wm831x gpiodbgshow. c 171 char label freekfre...
EUVD-2026-28769
In the Linux kernel, the following vulnerability has been resolved: rxrpc, afs: Fix missing error pointer check after rxrpckernellookuppeer rxrpckernellookuppeer can also return error pointers in addition to NULL, so just checking for NULL is not sufficient. Fix this by: 1 Changing...
CVE-2026-43463
In the Linux kernel, the following vulnerability has been resolved: rxrpc, afs: Fix missing error pointer check after rxrpckernellookuppeer rxrpckernellookuppeer can also return error pointers in addition to NULL, so just checking for NULL is not sufficient. Fix this by: 1 Changing...
CVE-2026-43463
In the Linux kernel, the following vulnerability has been resolved: rxrpc, afs: Fix missing error pointer check after rxrpckernellookuppeer rxrpckernellookuppeer can also return error pointers in addition to NULL, so just checking for NULL is not sufficient. Fix this by: 1 Changing...
CVE-2026-43463
In the Linux kernel, the following vulnerability has been resolved: rxrpc, afs: Fix missing error pointer check after rxrpckernellookuppeer rxrpckernellookuppeer can also return error pointers in addition to NULL, so just checking for NULL is not sufficient. Fix this by: 1 Changing...
PT-2026-39124
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the rxrpc and afs components where the rxrpc kernel lookup peer function can return error pointers in addition to NULL. The system failed to properly check for these...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup The kthreadrun function returns error pointers, so the max3421hcd-spithread pointer can be either an error pointer or NULL. Check both cases before...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: Fixed an error code in chanallocskbcb. The chanallocskbcb function is supposed to return error pointers in case of errors. Returning NULL will lead to a NULL derefrence...
CVE-2026-22987
In the Linux kernel, the following vulnerability has been resolved: net/sched: actapi: avoid dereferencing ERRPTR in tcfidrinfodestroy syzbot reported a crash in tcactinhw during netns teardown where tcfidrinfodestroy passed an ERRPTR-EBUSY value as a tcaction pointer, leading to an invalid...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004874)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004874 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers in stigdpatomiccheck The return value of...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004916)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004916 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers The return value of drmatomicgetcrtcstate...
PT-2025-49090
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A crash could occur in the scx enable function when a helper kthread creation failed. This was observed during termination of the sched ext selftests runner with Ctrl+ while test 15 was...
SUSE CVE-2025-40116
In the Linux kernel, the following vulnerability has been resolved: usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup The kthreadrun function returns error pointers so the max3421hcd-spithread pointer can be either error pointers or NULL. Check for both before dereferencing i...
EUVD-2025-124967
In the Linux kernel, the following vulnerability has been resolved: usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup The kthreadrun function returns error pointers so the max3421hcd-spithread pointer can be either error pointers or NULL. Check for both before dereferencing i...