Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: media: mtk-vcodec: There is a potential NULL pointer dereference issue in the SCP code. The return value of devmkzalloc needs to be checked to avoid NULL pointer dereferences. This is similar to the CVE-2022-3113 vulnerability...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Error handling was added in xhcimapurbfordma. Currently, xhcimapurbfordma creates a temporary buffer and copies the SG list to the new linear buffer. However, if kzallocnode fails, the call to sgpcopytobuffer may lead ...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: wifi: cfg80211: tests: Fixed a potential NULL dereference in testcfg80211ParseColocatedAp. kunitkzalloc may return NULL. Dereferencing it without a NULL check may lead to a NULL dereference. Added a NULL check for ies...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: clk: imx: clk-imxrt1050: fixed a memory leak in imxrt1050clocksprobe. Use devmofiomap instead of ofiomap to automatically handle the unused ioremap regions. If any errors occur, the memory allocated by kzalloc may leak; howeve...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Added a NULL pointer check for kzalloc Why & How Check the return pointer of kzalloc before using it...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: nvme: fixed memory allocation in nvmeprreadkeys nvmeprreadkeys takes numkeys from userspace and uses it to calculate the allocation size for rse via structsize. The upper limit is PRKEYSMAX 64K. A malicious or buggy userspace...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: igb: Do not free qvector unless a new one was allocated. Avoid potential use-after-free conditions under memory pressure. If kzalloc fails, qvector will be freed, but it will remain in the original adapter-qvectorvidx array...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: checked for a null return from devmkzalloc in dpuwritebackinit. Due to the possible failure of devmkzalloc, dpuwbconn might be NULL, which could lead to a null pointer derefrence later. Therefore, it might be better ...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: sparx5: switchdev: fixed the possible NULL pointer dereferencing issue. As a possible failure in allocation, devmkzalloc may return a NULL pointer. Therefore, it is better to check for ‘db’ to prevent the dereferencing of a...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Fixed a possible null pointer derefrence issue. In tegracrtcreset, new memory is allocated using kzalloc, but no checks are performed. Before calling drmatomichelpercrtcreset, the state of the memory allocation should ...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM – Use kzalloc for SEV ioctl interfaces to prevent kernel data leaks. For some SEV ioctl interfaces, the length parameter passed may be less than or equal to SEVFWBLOBMAXSIZE, but larger than the data returned by the PSP...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: clk: mmp: pxa1908-apbcp: Fixed the issue where NULL was compared with ISERR. The devmkzalloc function does not return error pointers; it returns NULL in case of an error. Update the check to match this behavior...

SUSE CVE-2026-46305

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: osdep: avoid NULL pointer dereference in rtwcbufalloc The return value of kzallocflex is used without ensuring that the allocation succeeded, and the pointer is dereferenced unconditionally. Guard the access t...

UBUNTU-CVE-2026-46305

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: osdep: avoid NULL pointer dereference in rtwcbufalloc The return value of kzallocflex is used without ensuring that the allocation succeeded, and the pointer is dereferenced unconditionally. Guard the access t...

CVE-2026-46305 staging: rtl8723bs: os_dep: avoid NULL pointer dereference in rtw_cbuf_alloc

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: osdep: avoid NULL pointer dereference in rtwcbufalloc The return value of kzallocflex is used without ensuring that the allocation succeeded, and the pointer is dereferenced unconditionally. Guard the access t...

EUVD-2026-35170

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: osdep: avoid NULL pointer dereference in rtwcbufalloc The return value of kzallocflex is used without ensuring that the allocation succeeded, and the pointer is dereferenced unconditionally. Guard the access t...

CVE-2026-46171

In the Linux kernel, the following vulnerability has been resolved: riscv: kvm: fix vector context allocation leak When the second kzalloc hostcontext.vector.datap fails in kvmriscvvcpuallocvectorcontext, the first allocation guestcontext.vector.datap is leaked. Free it before returning...

CVE-2026-46159

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix btrfsioctlspaceinfo slotcount TOCTOU which can lead to info-leak btrfsioctlspaceinfo has a TOCTOU race between two passes over the block group RAID type lists. The first pass counts entries to determine the allocation...

UBUNTU-CVE-2026-46159

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix btrfsioctlspaceinfo slotcount TOCTOU which can lead to info-leak btrfsioctlspaceinfo has a TOCTOU race between two passes over the block group RAID type lists. The first pass counts entries to determine the allocation...

EUVD-2026-32786

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix btrfsioctlspaceinfo slotcount TOCTOU which can lead to info-leak btrfsioctlspaceinfo has a TOCTOU race between two passes over the block group RAID type lists. The first pass counts entries to determine the allocation...