52 matches found
CVE-2026-43160 mfd: macsmc: Initialize mutex
In the Linux kernel, the following vulnerability has been resolved: mfd: macsmc: Initialize mutex Initialize struct applesmc's mutex in applesmcprobe. Using the mutex uninitialized surprisingly resulted only in occasional NULL pointer dereferences in applesmcread calls from the probe functions of...
PT-2026-37500
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the macsmc multi-function device mfd where the mutex in struct apple smc is not initialized within the apple smc probe function. This lack of initialization can lead t...
Moderate: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ntbhwswitchtec: Fix shift-out-of-bounds in switchtecntbmwsettrans CVE-2023-53034 kernel: smc: Fix use-after-free in pnetfindbasendev CVE-2025-40064 kernel: Linux kernel: Out-of-bounds wri...
CVE-2026-23039
In the Linux kernel, the following vulnerability has been resolved: drm/gud: fix NULL fb and crtc dereferences on USB disconnect On disconnect drmatomichelperdisableall is called which sets both the fb and crtc for a plane to NULL before invoking a commit. This causes a kernel oops on every displ...
CVE-2022-50812 security: Restrict CONFIG_ZERO_CALL_USED_REGS to gcc or clang > 15.0.6
In the Linux kernel, the following vulnerability has been resolved: security: Restrict CONFIGZEROCALLUSEDREGS to gcc or clang 15.0.6 A bad bug in clang's implementation of -fzero-call-used-regs can result in NULL pointer dereferences see the links above the check for more information. Restrict...
CVE-2023-53991
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Disallow unallocated resources to be returned In the event that the topology requests resources that have not been created by the system because they are typically not represented in dpumdsscfg ^1, the resources in...
CVE-2025-40299
In the Linux kernel, the following vulnerability has been resolved: gve: Implement gettimex64 with -EOPNOTSUPP gve implemented a ptpclock for sole use of doauxwork at this time. ptpclockgettime and ptpsysoffset assume every ptpclock has implemented either gettimex64 or gettime64. Stub gettimex64...
MGASA-2025-0261 Updated libsoup3 & libsoup packages fix security vulnerabilities
Libsoup: heap buffer over-read in skipinsignificantspace when sniffing content. CVE-2025-2784 Libsoup: denial of service attack to websocket server. CVE-2025-32049 Libsoup: integer overflow in appendparamquoted. CVE-2025-32050 Libsoup: segmentation fault when parsing malformed data uri...
EUVD-2025-11830
Malicious code in bioql PyPI...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly populating ar references in skbcb, which could lead to null pointer dereferences...
Linux Distros Unpatched Vulnerability : CVE-2025-58143
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. There are multiple issues related...
sfc: fix NULL dereferences in ef100_process_design_param()
...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from uninitialized register pointers, which could lead to null pointer dereferences...
CVE-2023-53066
In the Linux kernel, the following vulnerability has been resolved: qed/qedsriov: guard against NULL derefs from qediovgetvfinfo We have to make sure that the info returned by the helper is valid before using it. Found by Linux Verification Center linuxtesting.org with the SVACE static analysis...
CVE-2023-53066
In the Linux kernel, the following vulnerability has been resolved: qed/qedsriov: guard against NULL derefs from qediovgetvfinfo We have to make sure that the info returned by the helper is valid before using it. Found by Linux Verification Center linuxtesting.org with the SVACE static analysis...
CVE-2025-37860 sfc: fix NULL dereferences in ef100_process_design_param()
In the Linux kernel, the following vulnerability has been resolved: sfc: fix NULL dereferences in ef100processdesignparam Since cited commit, ef100probemain and hence also ef100checkdesignparams run before efx-netdev is created; consequently, we cannot netifsettsomaxsize or segs at this point. Mo...
CVE-2025-21814
In the Linux kernel, the following vulnerability has been resolved: ptp: Ensure info-enable callback is always set The ioctl and sysfs handlers unconditionally call the -enable callback. Not all drivers implement that callback, leading to NULL dereferences. Example of affected drivers: ptps390.c,...
CVE-2025-21814 ptp: Ensure info->enable callback is always set
In the Linux kernel, the following vulnerability has been resolved: ptp: Ensure info-enable callback is always set The ioctl and sysfs handlers unconditionally call the -enable callback. Not all drivers implement that callback, leading to NULL dereferences. Example of affected drivers: ptps390.c,...
CVE-2025-21814 ptp: Ensure info->enable callback is always set
In the Linux kernel, the following vulnerability has been resolved: ptp: Ensure info-enable callback is always set The ioctl and sysfs handlers unconditionally call the -enable callback. Not all drivers implement that callback, leading to NULL dereferences. Example of affected drivers: ptps390.c,...
UBUNTU-CVE-2022-49616
In the Linux kernel, the following vulnerability has been resolved: ASoC: rt7-sdw: harden jackdetecthandler Realtek headset codec drivers typically check if the card is instantiated before proceeding with the jack detection. The rt700, rt711 and rt711-sdca are however missing a check on the card...