PT-2025-26004 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.19.0-rc5-test+ 309 Description: A vulnerability in the Linux kernel has been resolved, related to event probes eprobes in the tracing subsystem. The issue occurs when attempting to retrieve the instruction...

PT-2025-27961 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.15.0-rc1 Description: A vulnerability in the Linux kernel has been resolved, related to the bnxt en driver. The issue arises from the double invocation of bnxt ulp stop and bnxt ulp start functions, which can...

CVE-2025-37919 ASoC: amd: acp: Fix NULL pointer deref in acp_i2s_set_tdm_slot

In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp: Fix NULL pointer deref in acpi2ssettdmslot Update chip data using devgetdrvdatadev-parent to fix NULL pointer deref in acpi2ssettdmslot...

CVE-2025-37820 xen-netfront: handle NULL returned by xdp_convert_buff_to_frame()

In the Linux kernel, the following vulnerability has been resolved: xen-netfront: handle NULL returned by xdpconvertbufftoframe The function xdpconvertbufftoframe may return NULL if it fails to correctly convert the XDP buffer into an XDP frame due to memory constraints, internal errors, or inval...

CVE-2025-37820

CVE-2025-37820 : In the Linux kernel, xen-netfront may dereference a NULL result from xdp_convert_buff_to_frame() if the function fails to convert an XDP buffer to a frame. The return value may be NULL due to memory constraints, internal errors, or invalid data, and failing to check it can cause ...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-58052)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-58052 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential NULL pointer...

SUSE CVE-2022-49863

In the Linux kernel, the following vulnerability has been resolved: can: afcan: fix NULL pointer dereference in canrxregister It causes NULL pointer dereference when testing as following: a use syscallNRsocket, 0x10ul, 3ul, 0 to create netlink socket. b use syscallNRsendmsg, ... to create bond li...

SUSE CVE-2023-53066

In the Linux kernel, the following vulnerability has been resolved: qed/qedsriov: guard against NULL derefs from qediovgetvfinfo We have to make sure that the info returned by the helper is valid before using it. Found by Linux Verification Center linuxtesting.org with the SVACE static analysis...

CVE-2023-53122

...

CVE-2022-49797

In the Linux kernel, the following vulnerability has been resolved: tracing: kprobe: Fix potential null-ptr-deref on traceeventfile in kprobeeventgentestexit When tracegeteventfile failed, genkretprobetest will be assigned as the error code. If module kprobeeventgentest is removed now, the null...

CVE-2022-49925 RDMA/core: Fix null-ptr-deref in ib_core_cleanup()

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix null-ptr-deref in ibcorecleanup KASAN reported a null-ptr-deref error: KASAN: null-ptr-deref in range 0x0000000000000118-0x000000000000011f CPU: 1 PID: 379 Hardware name: QEMU Standard PC i440FX + PIIX, 1996 RIP:...

CVE-2025-21940

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix NULL Pointer Dereference in KFD queue Through KFD IOCTL Fuzzing we encountered a NULL pointer derefrence when calling kfdqueueacquirebuffers. cherry picked from commit 049e5bf3c8406f87c3d8e1958e0a16804fa1d530...

CVE-2025-21980 sched: address a potential NULL pointer dereference in the GRED scheduler.

In the Linux kernel, the following vulnerability has been resolved: sched: address a potential NULL pointer dereference in the GRED scheduler. If kzalloc in gredinit returns a NULL pointer, the code follows the error handling path, invoking greddestroy. This, in turn, calls gredoffload, where...

CVE-2025-21953 net: mana: cleanup mana struct after debugfs_remove()

In the Linux kernel, the following vulnerability has been resolved: net: mana: cleanup mana struct after debugfsremove When on a MANA VM hibernation is triggered, as part of hibernatesnapshot, managdsuspend and managdresume are called. If during this managdresume, a failure occurs with HWC...

CVE-2025-21948 HID: appleir: Fix potential NULL dereference at raw event handle

In the Linux kernel, the following vulnerability has been resolved: HID: appleir: Fix potential NULL dereference at raw event handle Syzkaller reports a NULL pointer dereference issue in inputevent. BUG: KASAN: null-ptr-deref in instrumentatomicread include/linux/instrumented.h:68 inline BUG:...

CVE-2025-21936

CVE-2025-21936 affects the Linux kernel Bluetooth subsystem. The vulnerability arises from not checking the return value of mgmt_alloc_skb() in mgmt_device_connected(), leading to a potential null pointer dereference. The connected Azure/Tenable Nessus entries reference the advisory and state tha...

CVE-2022-49758 reset: uniphier-glue: Fix possible null-ptr-deref

In the Linux kernel, the following vulnerability has been resolved: reset: uniphier-glue: Fix possible null-ptr-deref It will cause null-ptr-deref when resourcesizeres invoked, if platformgetresource returns NULL...

CVE-2025-21847

CVE-2025-21847 concerns the Linux kernel ASoC: SOF path — stream-ipc handling. The root cause is a missing NULL check for sps->cstream in sof_ipc_msg_data(), which can lead to a NULL pointer dereference if sps->stream is NULL or cstream is NULL. The issue is mitigated by the published patch...

CVE-2025-21833 iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid use of NULL after WARNONONCE There is a WARNONONCE to catch an unlikely situation when domainremovedevpasid can't find the pasid. In case it nevertheless happens we must avoid using a NULL pointer...

Linux Distros Unpatched Vulnerability : CVE-2025-21740

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Ensure NX huge page recovery thread is alive before waking When waking a VM's ...