Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the null pointer dereferencing in iassoc inode in nilfs2, potentially leading to general protecti...

PT-2026-34973

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the bnge driver where the error path fails to return after calling the auxiliary device uninit function. When auxiliary device add fails, the system calls auxiliary...

SUSE CVE-2026-6844

A flaw was found in the readelf utility of the binutils package. A local attacker could exploit two Denial of Service DoS vulnerabilities by providing a specially crafted Executable and Linkable Format ELF file. One vulnerability, a resource exhaustion CWE-400, can lead to an out-of-memory...

SUSE CVE-2026-31437

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix NULL pointer dereference in netfsunbufferedwrite on retry When a write subrequest is marked NETFSSREQNEEDRETRY, the retry path in netfsunbufferedwrite unconditionally calls stream-preparewrite without checking if it is...

SUSE CVE-2026-33600

An RPZ sent by a malicious authoritative server can result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service...

Oracle Linux 10 : wireshark (ELSA-2026-9666)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-9666 advisory. - Resolves: RHEL-152921 - CVE-2026-3203 Buffer Over-read - Resolves: RHEL-152912 - CVE-2026-3201 Improperly Controlled Sequential Memory Allocation -...

Linux Distros Unpatched Vulnerability : CVE-2026-33262

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An attacker can send replies that result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service. Cookies are...

CVE-2026-31510

A flaw was found in the Linux kernel's Bluetooth L2CAP Logical Link Control and Adaptation Protocol module. This vulnerability, a null pointer dereference, occurs in the l2capsockreadycb function because it fails to validate if a pointer is null before attempting to use it. An attacker within...

CVE-2026-31437

A flaw was found in the Linux kernel's netfs component. When a write operation is retried, the netfsunbufferedwrite function can attempt to access a non-existent function, leading to a NULL pointer dereference. This vulnerability can be triggered by specific filesystem configurations, such as 9P,...

EUVD-2026-24797

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: check contexts-nr before accessing contextsarr0 Multiple sysfs command paths dereference contextsarr0 without first verifying that kdamond-contexts-nr == 1. A user can set nrcontexts to 0 via sysfs while DAMON is...

CVE-2026-31481

In the Linux kernel, the following vulnerability has been resolved: tracing: Drain deferred trigger frees if kthread creation fails Boot-time trigger registration can fail before the trigger-data cleanup kthread exists. Deferring those frees until late init is fine, but the post-boot fallback mus...

CVE-2026-31458

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: check contexts-nr before accessing contextsarr0 Multiple sysfs command paths dereference contextsarr0 without first verifying that kdamond-contexts-nr == 1. A user can set nrcontexts to 0 via sysfs while DAMON is...

CVE-2026-31510

CVE-2026-31510: Linux kernel Bluetooth L2CAP vulnerability due to a null pointer dereference in l2cap_sock_ready_cb. The issue arises because sk is used without verifying it’s non-null, leading to a kernel panic/DoS. Multiple OS advisories (Debian roots, Ubuntu, Red Hat, SUSE, etc.) report the pa...

CVE-2026-31458

Technical details (affected product, vulnerable component, and remediation) are not provided in the connected documents. Monitor for updates.

CVE-2026-31436 dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc()

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix possible wrong descriptor completion in llistabortdesc At the end of this function, d is the traversal cursor of flist, but the code completes found instead. This can lead to issues such as NULL pointer...

EUVD-2026-24729

An attacker can send replies that result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service. Cookies are disabled by default...

EUVD-2026-24731

An RPZ sent by a malicious authoritative server can result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service...

UBUNTU-CVE-2026-35334

Possible NULL-Pointer Dereference in RSA Decryption...

CVE-2026-33601

If you use the zoneToCache function with a malicious authoritative server, an attacker can send a zone that result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service...

CVE-2026-33600

An RPZ sent by a malicious authoritative server can result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service...