Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: clk: Fix clkhwgetclk when dev is NULL Any registered clkcore structure can have a NULL pointer in its dev field. While never actually documented, this is evidenced by the wide usage of clkregister and clkhwregister with a NULL...

CVE-2026-23020

In the Linux kernel, the following vulnerability has been resolved: net: 3com: 3c59x: fix possible null dereference in vortexprobe1 pdev can be null and freering: can be called in 1297 with a null pdev...

youki 安全漏洞

youki is a youki open source implementation of the OCI runtime specification in Rust. A security vulnerability exists in youki 0.5.6 and earlier versions, which stems from insufficient initial validation of source /dev/null and could lead to container escape...

UBUNTU-CVE-2025-31133

runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through 1.3.1, 1.4.0-rc.1 and 1.4.0-rc.2 files, runc would not perform sufficient verification that the source of the bind-mount i.e., the container's /dev/null was...

EUVD-2015-1659

Malware in sbrugna...

CVE-2025-38589

The Connected documents confirm CVE-2025-38589 relates to a null-ptr-deref in neigh_flush_dev() within the Linux kernel, fixed by reverting to hash-table iteration in neigh_table_clear() after introducing per-netdev neighbour lists. The issue was triggered by neigh_table_clear() calling neigh_ifd...

CVE-2025-38589 neighbour: Fix null-ptr-deref in neigh_flush_dev().

In the Linux kernel, the following vulnerability has been resolved: neighbour: Fix null-ptr-deref in neighflushdev. kernel test robot reported null-ptr-deref in neighflushdev. 0 The cited commit introduced per-netdev neighbour list and converted neighflushdev to use it instead of the global hash...

PT-2025-33787

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.12.0-rc6-01246-gf7f52738637f Description: A null-pointer dereference issue was identified in the neigh flush dev function within the Linux kernel. This occurred due to a missing check when using the per-netdev...

PT-2025-33579 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a use-after-free flaw within the airoha npu get function. The vulnerability occurs because the np-name field is accessed after the associated node has been...

platform/x86: int3472: Check for adev == NULL

...

SUSE CVE-2022-49187

In the Linux kernel, the following vulnerability has been resolved: clk: Fix clkhwgetclk when dev is NULL Any registered clkcore structure can have a NULL pointer in its dev field. While never actually documented, this is evidenced by the wide usage of clkregister and clkhwregister with a NULL...

DEBIAN-CVE-2022-49187

In the Linux kernel, the following vulnerability has been resolved: clk: Fix clkhwgetclk when dev is NULL Any registered clkcore structure can have a NULL pointer in its dev field. While never actually documented, this is evidenced by the wide usage of clkregister and clkhwregister with a NULL...

UBUNTU-CVE-2022-49187

In the Linux kernel, the following vulnerability has been resolved: clk: Fix clkhwgetclk when dev is NULL Any registered clkcore structure can have a NULL pointer in its dev field. While never actually documented, this is evidenced by the wide usage of clkregister and clkhwregister with a NULL...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the clkhwgetclk function not properly handling a device pointer when it is NULL, which could result in a nul...

CLSA-2023-1700686509 Update of microcode_ctl

Fix silent microcode rejection in some cases - Loading to /dev/null is enabled on VM...

SUSE CVE-2011-2518

The tomoyomountacl function in security/tomoyo/mount.c in the Linux kernel before 2.6.39.2 calls the kernpath function with arguments taken directly from a mount system call, which allows local users to cause a denial of service OOPS or possibly have unspecified other impact via a NULL value for...

ghostscript: Incorrect free logic in pagedevice replacement (699664)

It was discovered that the ghostscript device cleanup did not properly handle devices replaced with a null device. An attacker could possibly exploit this to bypass the -dSAFER protection and crash ghostscript or, possibly, execute arbitrary code in the ghostscript context via a specially crafted...

UBUNTU-CVE-2011-2518

The tomoyomountacl function in security/tomoyo/mount.c in the Linux kernel before 2.6.39.2 calls the kernpath function with arguments taken directly from a mount system call, which allows local users to cause a denial of service OOPS or possibly have unspecified other impact via a NULL value for...

PT-2011-3912 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.39.2 Description: The issue is related to the tomoyo mount acl function in the Linux kernel, which calls the kern path function with arguments taken directly from a mount system call. This allows local users...