219 matches found
PT-2026-34911
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix missing NULL checks for kstrdup 1. Replace "of find node by path"/"" with "of root" to avoid multiple calls to "of node put". 2. Fix a potential kernel oops during early boot when memory allocation fails while...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-013447)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013447 advisory. In the Linux kernel, the following vulnerability has been resolved: serial: protect uartportdtrrts in uartshutdown too Commit af224ca2df29 serial: core: Prevent...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013028)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013028 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix ioremap issues in lpfcsli4pcimemsetup When iftype equals zero and...
kernel: ALSA: aloop: Fix racy access at PCM trigger
In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix racy access at PCM trigger The PCM trigger callback of aloop driver tries to check the PCM state and stop the stream of the tied substream in the corresponding cable. Since both check and stop operations are...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006752)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006752 advisory. In the Linux kernel, the following vulnerability has been resolved: HID: hid-ntrig: fix unable to handle page fault in ntrigreportversion in ntrigreportversion, hdev...
CVE-2026-23442
The CVE-2026-23442 issue affects the Linux kernel’s IPv6 SRv6 handling. Specifically, __in6_dev_get() may return NULL when a device has no IPv6 configuration (e.g., MTU too small or after NETDEV_UNREGISTER), which could lead to NULL pointer dereferences in seg6_hmac_validate_skb() and ipv6_srh_rc...
CVE-2026-23442 ipv6: add NULL checks for idev in SRv6 paths
In the Linux kernel, the following vulnerability has been resolved: ipv6: add NULL checks for idev in SRv6 paths in6devget can return NULL when the device has no IPv6 configuration e.g. MTU IPV6MINMTU or after NETDEVUNREGISTER. Add NULL checks for idev returned by in6devget in both...
PT-2026-30137
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw where the in6 dev get function can return NULL when a device lacks IPv6 configuration, such as when the MTU is less than the minimum IPv6 MTU or after...
UBUNTU-CVE-2026-23328
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix NULL pointer dereference of mgmtchann mgmtchann may be set to NULL if the firmware returns an unexpected error in aie2sendmgmtmsgwait. This can later lead to a NULL pointer dereference in aie2hwstop. Fix this b...
CVE-2026-23328
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix NULL pointer dereference of mgmtchann mgmtchann may be set to NULL if the firmware returns an unexpected error in aie2sendmgmtmsgwait. This can later lead to a NULL pointer dereference in aie2hwstop. Fix this b...
OPENSUSE-SU-2026:20340-1 Security update for cJSON
This update for cJSON fixes the following issues: - Update to version 1.7.19 Check for NULL in cJSONDetachItemViaPointer. Check overlap before calling strcpy in cJSONSetValuestring. Fix Max recursion depth for cJSONDuplicate to prevent stack exhaustion. Allocate memory for the temporary buffer wh...
Google Go 安全漏洞
Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from the lack of null value checking, potentially leading to kernel crashes on servers...
openSUSE 16 Security Update : mosquitto (openSUSE-SU-2026:20260-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20260-1 advisory. Changes in mosquitto: - update to 2.0.23 boo1258671 Fix handling of disconnected sessions for perlistenersettings true Check return values of...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from incorrect NULL checks after the devmkcalloc function...
CVE-2026-23191
In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix racy access at PCM trigger The PCM trigger callback of aloop driver tries to check the PCM state and stop the stream of the tied substream in the corresponding cable. Since both check and stop operations are...
SUSE CVE-2026-23191
In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix racy access at PCM trigger The PCM trigger callback of aloop driver tries to check the PCM state and stop the stream of the tied substream in the corresponding cable. Since both check and stop operations are...
CVE-2026-23191
In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix racy access at PCM trigger The PCM trigger callback of aloop driver tries to check the PCM state and stop the stream of the tied substream in the corresponding cable. Since both check and stop operations are...
UBUNTU-CVE-2026-23191
In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix racy access at PCM trigger The PCM trigger callback of aloop driver tries to check the PCM state and stop the stream of the tied substream in the corresponding cable. Since both check and stop operations are...
CVE-2026-23191
CVE-2026-23191 (Linux kernel — ALSA aloop) resolves a race in the aloop PCM trigger path that could cause a use-after-free when repeatedly opening/closing the tied stream. The vulnerability occurs because the trigger callback checks the PCM state and stops the tied substream outside the cable loc...
CVE-2026-23191
In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix racy access at PCM trigger The PCM trigger callback of aloop driver tries to check the PCM state and stop the stream of the tied substream in the corresponding cable. Since both check and stop operations are...