EUVD-2025-5182

Malicious code in bioql PyPI...

CVE-2025-38121

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mld: avoid panic on init failure In case of an error during init, inhwrestart will be set, but it will never get cleared. Instead, we will retry to init again, and then we will act like we are in a restart when we...

CVE-2022-50046 net/sunrpc: fix potential memory leaks in rpc_sysfs_xprt_state_change()

In the Linux kernel, the following vulnerability has been resolved: net/sunrpc: fix potential memory leaks in rpcsysfsxprtstatechange The issue happens on some error handling paths. When the function fails to grab the object xprt, it simply returns 0, forgetting to decrease the reference count of...

CVE-2025-37918 Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: avoid NULL pointer dereference in skbdequeue A NULL pointer dereference can occur in skbdequeue when processing a QCA firmware crash dump on WCN7851 0489:e0f3. 93.672166 Bluetooth: hci0: ACL memdump size589824...

CVE-2023-53038

CVE-2023-53038 concerns the Linux kernel: in scsi lpfc, the function lpfc_sli4_cgn_params_read() may encounter a kzalloc() failure, after which lpfc_read_object() dereferences pdata without a NULL check. The published fix changes the error code path from -ENODEV to -ENOMEM to reflect allocation f...

CVE-2025-21975 net/mlx5: handle errors in mlx5_chains_create_table()

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: handle errors in mlx5chainscreatetable In mlx5chainscreatetable, the return value of mlx5getfdbsubns and mlx5getflownamespace must be checked to prevent NULL pointer dereferences. If either function fails, the function...

CVE-2025-21857 net/sched: cls_api: fix error handling causing NULL dereference

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsapi: fix error handling causing NULL dereference tcfextsmisscookiebasealloc calls xaalloccyclic which can return 1 if the allocation succeeded after wrapping. This was treated as an error, with value 1 returned to...

Linux Distros Unpatched Vulnerability : CVE-2024-43884

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Add error handling to pairdevice hciconnparamsadd never checks for a NULL...

CVE-2025-21783

CVE-2025-21783 affects the Linux kernel gpiolib: gpiochip_get_ngpios() uses chip_() macros that assume gpiodev is initialised. When called via bgpio_init(), these macros can crash with a NULL pointer dereference. The fix replaces chip_ () with the corresponding dev_() macros to prevent the crash....

CVE-2022-49429

CVE-2022-49429 affects the Linux kernel’s RDMA/hfi1 subsystem. When the hfi1 module is loaded with SDMA disabled (HFI1_CAP_SDMA off), a call to hfi1_write_iter() can dereference a NULL pointer, causing a kernel panic through the I/O path (sdma_select_user_engine → hfi1_user_sdma_process_request →...

Low: Red Hat Security Advisory: squid security and bug fix update

An updated squid package that fixes one security issue and two bugs is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...