EUVD-2026-32256

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF and double free in smb2openfile Zero out @erriov and @errbuftype before retrying SMB2open to prevent an UAF bug if @data != NULL, otherwise a double free...

UBUNTU-CVE-2026-45876

In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error handling in archsetshadowstackstatus allocgcs returns an error-encoded pointer on failure, which comes from dommap, not NULL. The current NULL check fails to detect errors, which could lead to using an invali...

CVE-2026-45972 smb: client: fix potential UAF and double free in smb2_open_file()

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF and double free in smb2openfile Zero out @erriov and @errbuftype before retrying SMB2open to prevent an UAF bug if @data != NULL, otherwise a double free...

CVE-2026-45876 arm64/gcs: Fix error handling in arch_set_shadow_stack_status()

In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error handling in archsetshadowstackstatus allocgcs returns an error-encoded pointer on failure, which comes from dommap, not NULL. The current NULL check fails to detect errors, which could lead to using an invali...

CVE-2026-45876

In the Linux kernel, arm64/gcs fixes error handling in arch_set_shadow_stack_status. alloc_gcs() now detects error-encoded pointers returned by do_mmap() (not NULL) via IS_ERR_VALUE(), aligning with the check in gcs_alloc_thread_stack. The previous NULL-based check could fail to detect errors, ri...

EUVD-2026-28769

In the Linux kernel, the following vulnerability has been resolved: rxrpc, afs: Fix missing error pointer check after rxrpckernellookuppeer rxrpckernellookuppeer can also return error pointers in addition to NULL, so just checking for NULL is not sufficient. Fix this by: 1 Changing...

CVE-2026-43463

In the Linux kernel, the following vulnerability has been resolved: rxrpc, afs: Fix missing error pointer check after rxrpckernellookuppeer rxrpckernellookuppeer can also return error pointers in addition to NULL, so just checking for NULL is not sufficient. Fix this by: 1 Changing...

CVE-2026-43463

In the Linux kernel, the following vulnerability has been resolved: rxrpc, afs: Fix missing error pointer check after rxrpckernellookuppeer rxrpckernellookuppeer can also return error pointers in addition to NULL, so just checking for NULL is not sufficient. Fix this by: 1 Changing...

CVE-2026-43463

In the Linux kernel, the following vulnerability has been resolved: rxrpc, afs: Fix missing error pointer check after rxrpckernellookuppeer rxrpckernellookuppeer can also return error pointers in addition to NULL, so just checking for NULL is not sufficient. Fix this by: 1 Changing...

PT-2026-39124

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the rxrpc and afs components where the rxrpc kernel lookup peer function can return error pointers in addition to NULL. The system failed to properly check for these...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Errors in error pointers were fixed in dpuplanevirtualatomiccheck. The function dpuplanevirtualatomiccheck was referencing pointers returned by drmatomicgetplanestate, without checking for errors. This could lead to...

CVE-2026-22987

In the Linux kernel, the following vulnerability has been resolved: net/sched: actapi: avoid dereferencing ERRPTR in tcfidrinfodestroy syzbot reported a crash in tcactinhw during netns teardown where tcfidrinfodestroy passed an ERRPTR-EBUSY value as a tcaction pointer, leading to an invalid...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004916)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004916 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers The return value of drmatomicgetcrtcstate...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004874)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004874 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers in stigdpatomiccheck The return value of...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup The kthreadrun function returns error pointers, so the max3421hcd-spithread pointer can be either an error pointer or NULL. Check both cases before...

PT-2025-49090

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A crash could occur in the scx enable function when a helper kthread creation failed. This was observed during termination of the sched ext selftests runner with Ctrl+ while test 15 was...

SUSE CVE-2025-40116

In the Linux kernel, the following vulnerability has been resolved: usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup The kthreadrun function returns error pointers so the max3421hcd-spithread pointer can be either error pointers or NULL. Check for both before dereferencing i...

EUVD-2025-124967

In the Linux kernel, the following vulnerability has been resolved: usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup The kthreadrun function returns error pointers so the max3421hcd-spithread pointer can be either error pointers or NULL. Check for both before dereferencing i...

CVE-2025-40116

In the Linux kernel, the following vulnerability has been resolved: usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup The kthreadrun function returns error pointers so the max3421hcd-spithread pointer can be either error pointers or NULL. Check for both before dereferencing i...

CVE-2025-40116

The CVE-2025-40116 issue is in the Linux kernel USB host max3421-hcd path. It arises from dereferencing kthread_run() return values that can be error pointers or NULL in probe cleanup. The SUSE advisories SUSE-SU-2025:4505-1 and SUSE-SU-2025:4516-1 (and related) document the fix and list the affe...