PT-2026-43723

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The ib uverbs post send function uses the wqe size variable from userspace without validation before passing it to kmalloc. If a small value is provided for wqe size, the system may...

Astra Linux - уязвимость в linux-5.10

A issue was discovered in the Linux kernel through version 5.16-rc6. The ef100updatestats function in drivers/net/ethernet/sfc/ef100nic.c lacks a check for the return value of kmalloc...

CVE-2025-10256 Ffmpeg: null pointer dereference in firequalizer filter (libavfilter/af_firequalizer.c)

A NULL pointer dereference vulnerability exists in FFmpeg’s Firequalizer filter libavfilter/affirequalizer.c due to a missing check on the return value of avmallocarray in the configinput function. An attacker could exploit this by tricking a victim into processing a crafted media file with the...

Linux Distros Unpatched Vulnerability : CVE-2026-23042

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - idpf: fix aux device unplugging when rdma is not supported by vport If vport flags do not contain VIRTCHNL2VPORTENABLERDMA, driver does not allocate vdevinfo fo...

PT-2025-54077

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's fs/ntfs3 module related to handling the return value of the kmemdup function. The kmemdup function may return a NULL pointer, and a check for this...

EUVD-2025-13223

Malicious code in bioql PyPI...

EUVD-2025-20974

Malicious code in bioql PyPI...

ROS-20250924-09

The sftpdecodechanneldatatopacket function of the libssh library has a vulnerability related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service Vulnerability in libssh library's sshgetfingerprinthash function is...

SUSE CVE-2025-38664

In the Linux kernel, the following vulnerability has been resolved: ice: Fix a null pointer dereference in icecopyandinitpkg Add check for the return value of devmkmemdup to prevent potential null pointer dereference...

CVE-2025-38629 ALSA: usb: scarlett2: Fix missing NULL check

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb: scarlett2: Fix missing NULL check scarlett2inputselectctlinfo sets up the string arrays allocated via kasprintf, but it misses NULL checks, which may lead to NULL dereference Oops. Let's add the proper NULL check...

CVE-2025-38274

The CVE-2025-38274 issue affects the Linux kernel FPGA subsystem, specifically fpga_mgr_test_img_load_sgt(). The root cause was an allocation of sgt with kunit_kzalloc() without verifying success; later __sg_alloc_table() called memset() on sgt, causing a NULL pointer dereference if allocation fa...

CVE-2025-38160 clk: bcm: rpi: Add NULL check in raspberrypi_clk_register()

In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: Add NULL check in raspberrypiclkregister devmkasprintf returns NULL when memory allocation fails. Currently, raspberrypiclkregister does not check for this case, which results in a NULL pointer dereference. Add NUL...

CVE-2025-38143 backlight: pm8941: Add NULL check in wled_configure()

In the Linux kernel, the following vulnerability has been resolved: backlight: pm8941: Add NULL check in wledconfigure devmkasprintf returns NULL when memory allocation fails. Currently, wledconfigure does not check for this case, which results in a NULL pointer dereference. Add NULL check after...

CVE-2025-38138 dmaengine: ti: Add NULL check in udma_probe()

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: Add NULL check in udmaprobe devmkasprintf returns NULL when memory allocation fails. Currently, udmaprobe does not check for this case, which results in a NULL pointer dereference. Add NULL check after devmkasprint...

CVE-2025-38007

In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Add NULL check in uclogicinputconfigured devmkasprintf returns NULL when memory allocation fails. Currently, uclogicinputconfigured does not check for this case, which results in a NULL pointer dereference. Add NULL...

CVE-2020-27274

Some parsing functions in the affected product do not check the return value of malloc and the thread handling the message is forced to close, which may lead to a denial-of-service condition on the OPC UA Tunneller versions prior to 6.3.0.8233...

CVE-2025-37841 pm: cpupower: bench: Prevent NULL dereference on malloc failure

In the Linux kernel, the following vulnerability has been resolved: pm: cpupower: bench: Prevent NULL dereference on malloc failure If malloc returns NULL due to low memory, 'config' pointer can be NULL. Add a check to prevent NULL dereference...

PT-2026-26044

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the ntfs3 file system that can result in a Denial-of-Service DoS condition. A specially crafted NTFS image can trigger an infinite loop when processing an ATTR LIST...

CVE-2024-56705

In the Linux kernel, the following vulnerability has been resolved: media: atomisp: Add check for rgbydata memory allocation failure In iacss3astatisticsallocate, there is no check on the allocation result of the rgbydata memory. If rgbydata is not successfully allocated, it may trigger the...

UBUNTU-CVE-2023-52607

In the Linux kernel, the following vulnerability has been resolved: powerpc/mm: Fix null-pointer dereference in pgtablecacheadd kasprintf returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by checking the pointer validity...