EUVD-2026-34129

In the Linux kernel, the following vulnerability has been resolved: nfc: hci: shdlc: Stop timers and work before freeing context llcshdlcdeinit purges SHDLC skb queues and frees the llcshdlc structure while its timers and state machine work may still be active. Timer callbacks can schedule smwork...

Linux Distros Unpatched Vulnerability : CVE-2026-46092

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: rtw88: check for PCI upstream bridge existence pciupstreambridge returns NULL if the device is on a root bus. If 8821CE is installed in the system with su...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/via: Avoid potential array out-of-bound access in addsecretdacpath The sndhdagetconnections function may return a negative error code. This could lead to accessing the ‘conn’ array at a negative index. This issue was...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Ring-buffer: Fixed the possibility of dereferencing an uninitialized pointer. There is a pointer called headpage in the function rbmetavalidateevents. This pointer is not initialized at the beginning of the function. This pointer...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: crypto: safexcel – Add error handling for dmamapsg calls The macro dmamapsg function may return 0 in the event of an error. This patch enables checks in case of a macro failure and ensures that previously mapped buffers are...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: cihdrcimx: fix usbmisc handling usbmisc is an optional device property; therefore, it is completely valid for the corresponding data-usbmiscdata to have a NULL value. This check must be performed before dereferenci...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9k: hifusb: A use-after-free issue has been fixed in ath9khifusbregincb. It is possible that the skb buffer is freed during ath9khtcrxmsg, and then usbsubmiturb fails. As a result, we try to free the skb buffer again. Th...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/tsens: Fixed null pointer dereferencing. The function computeinterceptslope is called from calibrate8960 in tsens-8960.c. This call involves a parameter of type priv, p1, NULL, ONEPTCALIB, which leads to a null...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: traceeventshist: A check was added to ensure that the return value of createhistfield is checked. The function createhistfield is called recursively at line 1954 of traceeventshist.c, and it may return a NULL value. Therefore, we...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: arm64: Topology: Fixed a potential overflow in amufiesetup. The cpufreqgetHWmaxfreq function returns the maximum frequency in kHz as an unsigned int, while freqinvsetmaxratio receives this frequency in Hz as a u64 type. Multiplyi...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: qed/qedsriov: protection against NULL references from qediovgetvfinfo We must ensure that the information returned by the helper function is valid before using it. This issue was identified by the Linux Verification Center...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Added a check on the callback function pointer before calling it. In the dpucoreirqcallbackhandler callback function, the pointer pointing to the callback function is checked to be NULL. However, the callback functio...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ACPI: LPIT – Avoid u32 multiplication overflow. In the function lpitupdateresidency, there is a possibility of overflow during multiplication, if tsckhz is large enough UINTMAX/1000. The multiplication operation should be replace...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: EFI: Fixed a potential NULL dereference in efememreservepersistent. When iterating over a linked list, the result of memremap may be dereferenced without checking if it is NULL. This patch adds a check that falls back to allocati...

SUSE CVE-2026-43123

In the Linux kernel, the following vulnerability has been resolved: fbcon: check return value of con2fbacquirenewinfo If fbconopen fails when called from con2fbacquirenewinfo then info-fbconpar pointer remains NULL which is later dereferenced. Add check for return value of the function...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007045)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007045 advisory. In the Linux kernel, the following vulnerability has been resolved: ACPI: video: check for error while searching for backlight device parent If acpigetparent called ...

SUSE CVE-2025-68782

In the Linux kernel, the following vulnerability has been resolved: scsi: target: Reset ttaskcdb pointer in error case If allocation of cmd-ttaskcdb fails, it remains NULL but is later dereferenced in the 'err' path. In case of error, reset NULL ttaskcdb value to point at the default fixed-size...

CVE-2025-68820 ext4: xattr: fix null pointer deref in ext4_raw_inode()

In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fix null pointer deref in ext4rawinode If ext4getinodeloc fails e.g. if it returns -EFSCORRUPTED, iloc.bh will remain set to NULL. Since ext4xattrinodedecrefall lacks error checking, this will lead to a null pointer...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Net: qlogic/qede: fixed a potential out-of-bounds read in qedetpacont and qedetpaend. The loops in ‘qedetpacont’ and ‘qedetpaend’ iterate over ‘cqe-lenlist’, using only a zero-length terminator as the stopping condition. If the...

PT-2026-2552

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's ext4 implementation related to extended attribute handling. Specifically, a null pointer dereference can occur within the ext4 raw inode function if...