CVE-2025-38275 phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug

In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp-usb: Fix an NULL vs ISERR bug The qmpusbiomap helper function currently returns the raw result of devmioremap for non-exclusive mappings. Since devmioremap may return a NULL pointer and the caller only checks error...

CVE-2025-38208

CVE-2025-38208 is resolved in the Linux kernel: smb client adds a NULL check in automount_fullpath to prevent NULL dereference when tcon->origin_fullpath is set. The issue was a missing null check in __build_path_from_dentry_optional_prefix for the case when origin_fullpath is present. Affects...

CVE-2025-38143 backlight: pm8941: Add NULL check in wled_configure()

In the Linux kernel, the following vulnerability has been resolved: backlight: pm8941: Add NULL check in wledconfigure devmkasprintf returns NULL when memory allocation fails. Currently, wledconfigure does not check for this case, which results in a NULL pointer dereference. Add NULL check after...

CVE-2025-38021

CVE-2025-38021 affects the Linux kernel in the DRM AMD Display path (drm/amd/display), where update_dchubp_dpp and related code could dereference a null pipe_ctx->plane_state. The issue is a missing null check in the update path that could lead to a null pointer dereference; it is stated to be...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: cihdrcimx: fix usbmisc handling usbmisc is an optional device property; therefore, it is completely valid for the corresponding data-usbmiscdata to have a NULL value. This check was performed before dereferencing t...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: NULL-check of BO’s backing stores when determining GFX12 PTE flags PRT BOs may not have any backing store, so bo-tbo.resource will be NULL. Check for this before dereferencing. Cherry-picked from commit...

PT-2025-46748

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s drm/amdkfd subsystem related to a kernel process reference leak when unmapping user pointers. Specifically, the kfd lookup process by pid function can...

CVE-2025-37912

In the Linux kernel, the following vulnerability has been resolved: ice: Check VF VSI Pointer Value in icevcaddfdirfltr As mentioned in the commit baeb705fd6a7 "ice: always check VF VSI pointer values", we need to perform a null pointer check on the return value of icegetvfvsi before using it...

CVE-2025-37900

In the Linux kernel, the following vulnerability has been resolved: iommu: Fix two issues in iommucopystructfromuser In the review for iommucopystructtouser helper, Matt pointed out that a NULL pointer should be rejected prior to dereferencing it:...

CVE-2025-37912

CVE-2025-37912 affects the Linux kernel ICE driver. The root cause is a missing null pointer check on the value returned by ice_get_vf_vsi(), which could lead to using a NULL VSI pointer in ice_vc_add_fdir_fltr(). The fix, described in commit baeb705fd6a7 ("ice: always check VF VSI pointer values...

CVE-2025-37912 ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr()

In the Linux kernel, the following vulnerability has been resolved: ice: Check VF VSI Pointer Value in icevcaddfdirfltr As mentioned in the commit baeb705fd6a7 "ice: always check VF VSI pointer values", we need to perform a null pointer check on the return value of icegetvfvsi before using it...

CVE-2025-37900 iommu: Fix two issues in iommu_copy_struct_from_user()

In the Linux kernel, the following vulnerability has been resolved: iommu: Fix two issues in iommucopystructfromuser In the review for iommucopystructtouser helper, Matt pointed out that a NULL pointer should be rejected prior to dereferencing it:...

SUSE-SU-2025:1550-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: Security: - CVE-2025-27587: Timing side channel vulnerability in the P-384 implementation when used with ECDSA in the PPC architecture bsc1240366. - Missing null pointer check before accessing handshakefunc in ssllib.c bsc1240607. FIPS: -...

PT-2025-22646 · Openssl +1 · Openssl +1

Name of the Vulnerable Software and Affected Versions: openssl-3 affected versions not specified Description: The issue concerns a timing side channel vulnerability in the P-384 implementation when used with ECDSA in the PPC architecture. Additionally, there is a missing null pointer check before...

kernel: drm/amdgpu: fix the waring dereferencing hive

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix the waring dereferencing hive Check the amdgpuhiveinfo hive that maybe is NULL...

SUSE-SU-2025:1534-1 Security update for augeas

This update for augeas fixes the following issues: - CVE-2025-2588: Check for NULL pointers when calling recaseexpand in function faexpandnocase. bsc1239909...

CVE-2025-37881

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: aspeed: Add NULL pointer check in astvhubinitdev The variable d-name, returned by devmkasprintf, could be NULL. A pointer check is added to prevent potential NULL pointer dereference. This is similar to the fix in...

CVE-2025-37881 usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: aspeed: Add NULL pointer check in astvhubinitdev The variable d-name, returned by devmkasprintf, could be NULL. A pointer check is added to prevent potential NULL pointer dereference. This is similar to the fix in...

CVE-2025-37881

In CVE-2025-37881, the Linux kernel USB gadget aspeed driver (ast_vhub_init_dev) fixes a NULL pointer dereference by adding a NULL check for d->name (returned by devm_kasprintf). The issue could occur if devm_kasprintf() returns NULL, potentially leading to a crash. The patch, which references...

CVE-2025-37881 usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: aspeed: Add NULL pointer check in astvhubinitdev The variable d-name, returned by devmkasprintf, could be NULL. A pointer check is added to prevent potential NULL pointer dereference. This is similar to the fix in...