63002 matches found
CVE-2026-10593
The CVE affects Zephyr’s Bluetooth LE Audio BAP unicast client. In unicast_client_ep_qos_state(), the handler writes attacker-controlled QoS fields via stream-qos with only a stream != NULL guard. stream-qos is NULL for streams codec-configured but not yet added to a unicast group, creating a win...
DEBIAN-CVE-2026-53281
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid NULL pointer dereference or refcount corruption Commit 60f030f7418d "iommu/vt-d: Avoid use of NULL after WARNONONCE" fixed a NULL pointer dereference in an unlikely situation partly. If devpasid is not found in...
EUVD-2026-39859
In the Linux kernel, the following vulnerability has been resolved: net: mana: Use pciname for debugfs directory naming Use pcinamepdev for the per-device debugfs directory instead of hardcoded "0" for PFs and pcislotnamepdev-slot for VFs. The previous approach had two issues: 1. pcislotname...
EUVD-2026-39853
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: prevent NULL pointer dereference in mt7925txcheckaggr Move the NULL check for 'sta' before dereferencing it to prevent a possible crash...
CVE-2026-53318
CVE-2026-53318 describes a fix in the Linux kernel’s wireless stack: for mt76/mt7925, a NULL pointer dereference in mt7925_tx_check_aggr() was mitigated by moving the NULL check for the 'sta' pointer before its dereference, preventing a possible crash. The vulnerability affects the mt7925 compone...
EUVD-2026-39850
In the Linux kernel, the following vulnerability has been resolved: drm/amd/ras: Fix NULL deref in rascoregetutcsecondtimestamp rascoregetutcsecondtimestamp retrieves the current UTC timestamp in seconds since the Unix epoch through a platform-specific RAS system callback and is used for...
EUVD-2026-39851
In the Linux kernel, the following vulnerability has been resolved: drm/amd/ras: Fix NULL deref in rascorerasinterruptdetected Fixes a NULL pointer dereference when rascore is NULL and rascore-dev is accessed in the error path. Reported by: Dan Carpenter...
CVE-2026-53316
The CVE affects the Linux kernel DRM/AMD ras subsystem. A NULL pointer dereference could occur in ras_core_ras_interrupt_detected when ras_core is NULL and ras_core->dev is accessed in the error path. The issue has been resolved with a fix in the kernel code (details referenced in the advisory...
EUVD-2026-39848
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid NULL dereference in dcdmubsrv error paths In dcdmubsrvlogdiagnosticdata and dcdmubsrvenabledpiatrace. Both functions check: if !dcdmubsrv || !dcdmubsrv-dmub and then call DCLOGERROR inside that block...
CVE-2026-53313
The CVE relates to the Linux kernel DRM/AMD display path. In dc_dmub_srv_log_diagnostic_data() and dc_dmub_srv_enable_dpia_trace(), code path checks meant to guard against null dc_dmub_srv or dc_dmub_srv->dmub incorrectly call DC_LOG_ERROR(), which uses dc_dmub_srv->ctx. If dc_dmub_srv is N...
EUVD-2026-39836
In the Linux kernel, the following vulnerability has been resolved: reset: amlogic: t7: Fix null reset ops Fix missing reset ops causing kernel null pointer dereference. This SOC's reset is currently not used yet...
CVE-2026-53301
The CVE-2026-53301 entry concerns the Linux kernel: a fix for null reset ops in the amlogic t7 reset pathway to prevent a kernel NULL pointer dereference. The issue arises from missing reset ops, with the affected SOC’s reset reportedly not used yet. The connected documents indicate that the reme...
EUVD-2026-39834
In the Linux kernel, the following vulnerability has been resolved: net: airoha: Move ndesc initialization at end of airohaqdmainittx If queue entry list allocation fails in airohaqdmainittxqueue routine, airohaqdmacleanuptxqueue will trigger a NULL pointer dereference accessing the queue entry...
CVE-2026-53299
CVE-2026-53299 concerns the Linux kernel net/airoha driver. The issue arises when queue entry list allocation fails inside airoha_qdma_init_tx_queue; due to an early initialization of ndesc, airoha_qdma_cleanup_tx_queue() may dereference a NULL queue entry array. The fix moves ndesc initializatio...
EUVD-2026-39894
In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL pointer dereference in iceresetallvfs iceresetallvfs ignores the return value of icevfrebuildvsi. When the VSI rebuild fails e.g. during NVM firmware update via nvmupdate64e, icevsirebuild tears down the VSI on its...
CVE-2026-53289
In the Linux kernel ice driver, CVE-2026-53289 describes a NULL pointer dereference in ice_reset_all_vfs caused by ignoring the return value of ice_vf_rebuild_vsi(). If a VSI rebuild fails (e.g., during NVM firmware update), ice_vsi_rebuild_vsi leaves txq_map/rxq_map NULL and ice_vf_post_vsi_rebu...
EUVD-2026-39886
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid NULL pointer dereference or refcount corruption Commit 60f030f7418d "iommu/vt-d: Avoid use of NULL after WARNONONCE" fixed a NULL pointer dereference in an unlikely situation partly. If devpasid is not found in...
CVE-2026-53281 iommu/vt-d: Avoid NULL pointer dereference or refcount corruption
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid NULL pointer dereference or refcount corruption Commit 60f030f7418d "iommu/vt-d: Avoid use of NULL after WARNONONCE" fixed a NULL pointer dereference in an unlikely situation partly. If devpasid is not found in...
CVE-2026-53281
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid NULL pointer dereference or refcount corruption Commit 60f030f7418d "iommu/vt-d: Avoid use of NULL after WARNONONCE" fixed a NULL pointer dereference in an unlikely situation partly. If devpasid is not found in...
CVE-2026-53281
The CVE-2026-53281 entries describe a Linux kernel IOMMU VT-d issue where NULL pointer dereference or refcount corruption could occur during teardown if dev_pasid was not found in the dev_pasids list or if domain was never attached. The root cause was improper teardown execution after potential N...