Linux Distros Unpatched Vulnerability : CVE-2022-34678

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged user can cause a null-pointer...

CVE-2025-39706 drm/amdkfd: Destroy KFD debugfs after destroy KFD wq

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Destroy KFD debugfs after destroy KFD wq Since KFD proc content was moved to kernel debugfs, we can't destroy KFD debugfs before kfdprocessdestroywq. Move kfdprocessdestroywq prior to kfddebugfsfini to fix a kernel NU...

CVE-2025-39706 drm/amdkfd: Destroy KFD debugfs after destroy KFD wq

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Destroy KFD debugfs after destroy KFD wq Since KFD proc content was moved to kernel debugfs, we can't destroy KFD debugfs before kfdprocessdestroywq. Move kfdprocessdestroywq prior to kfddebugfsfini to fix a kernel NU...

CVE-2025-38583

In the Linux kernel, the following vulnerability has been resolved: clk: xilinx: vcu: unregister pllpost only if registered correctly If registration of pllpost is failed, it will be set to NULL or ERR, unregistering same will fail with following call trace: Unable to handle kernel NULL pointer...

Linux Distros Unpatched Vulnerability : CVE-2025-38487

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled Mitigate e.g. the following: echo 1e789080.lpc-snoop...

Linux Distros Unpatched Vulnerability : CVE-2025-38035

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nvmet-tcp: don't restore null skstatechange queue-statechange is set as part of nvmettcpsetqueuesock, but if the TCP connection isn't established when...

Linux Distros Unpatched Vulnerability : CVE-2023-31022

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a NULL-pointer dereference may lead to denial of servic...

Linux Distros Unpatched Vulnerability : CVE-2022-34679

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unhandled return value can lead to a null-pointer...

Linux Distros Unpatched Vulnerability : CVE-2022-31615

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer...

Linux Distros Unpatched Vulnerability : CVE-2022-49824

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ata: libata-transport: fix error handling in atatlinkadd In atatlinkadd, the return value of transportadddevice is not checked. As a result, it causes...

Linux Distros Unpatched Vulnerability : CVE-2025-38075

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: target: iscsi: Fix timeout on deleted connection NOPIN response timer may expire on a deleted connection and crash with such logs: Did not receive respons...

Linux Distros Unpatched Vulnerability : CVE-2025-38387

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/mlx5: Initialize objevent-objsublist before xainsert The objevent may be loaded immediately after inserted, then if the listhead is not initialized then we...

Linux Distros Unpatched Vulnerability : CVE-2021-47413

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: cihdrcimx: Also search for 'phys' phandle When passing 'phys' in the devicetr...

CVE-2025-38442

In the Linux kernel, the following vulnerability has been resolved: block: reject bs ps block devices when THP is disabled If THP is disabled and when a block device with logical block size page size is present, the following null ptr deref panic happens during boot: 13.2 mK AOSAN: null-ptr-deref...

CVE-2025-38371 drm/v3d: Disable interrupts before resetting the GPU

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Disable interrupts before resetting the GPU Currently, an interrupt can be triggered during a GPU reset, which can lead to GPU hangs and NULL pointer dereference in an interrupt context as shown in the following trace:...

CVE-2025-38368

CVE-2025-38368 concerns the Linux kernel fix for a NULL dereference in the tps6594-pfsm subsystem. The issue arises in the misc: tps6594-pfsm driver where devm_kasprintf() could return NULL for pfsm->miscdev.name. The patch adds a NULL pointer check in tps6594_pfsm_probe() to prevent dereferen...

CVE-2025-38145 soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop()

In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: Add NULL check in aspeedlpcenablesnoop devmkasprintf returns NULL when memory allocation fails. Currently, aspeedlpcenablesnoop does not check for this case, which results in a NULL pointer dereference. Add NULL chec...

CVE-2025-38123 net: wwan: t7xx: Fix napi rx poll issue

In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: Fix napi rx poll issue When driver handles the napi rx polling requests, the netdev might have been released by the dellink logic triggered by the disconnect operation on user plane. However, in the logic of...

CVE-2022-49947

In the Linux kernel, the following vulnerability has been resolved: binder: fix alloc-vmavmmm null-ptr dereference Syzbot reported a couple issues introduced by commit 44e602b4e52f "binderalloc: add missing mmaplock calls when using the VMA", in which we attempt to acquire the mmaplock when...

CVE-2022-50206

The CVE-2022-50206 issue affects the Linux kernel (ARM64) where emulation_proc_handler() concurrently updates table->data for proc_dointvec_minmax, allowing a NULL pointer dereference Oops. The fix is to keep table->data as &insn->current_mode and to retrieve the insn pointer with contai...