62632 matches found
RXSA-2025:4341 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: kobjectuevent: Fix OOB access within zapmodaliasenv CVE-2024-42292 kernel: ipvs: properly dereference pe in ipvsaddservice CVE-2024-42322 kernel: bonding: fix null pointer deref in...
kernel security update
An update is available for kernel. This update affects Rocky Linux SIG Cloud 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to multiple Base OS issues
Summary IBM Watson Speech Services Cartridge is vulnerable to multiple Base OS issues. We have updated the base image used by our Speech Services and the following vulnerabilities have been addressed. Please read the details for remediation below. Vulnerability Details CVEID:CVE-2025-11187...
php: Fix of CVE-2026-7262
CVE-2026-7262: fix NULL pointer dereference in SOAP apache map decoder typemap configured...
CVE-2026-43496
A flaw was found in the Linux kernel's networking scheduler component. This vulnerability occurs when a specific queueing discipline qdisc configuration is used, where a parent qdisc attempts to retrieve a network packet from a child qdisc. An incorrect function call during this process can lead ...
SUSE-SU-2026:2037-1 Security update for php8
This update for php8 fixes the following issues - CVE-2025-14179: improper handling of NULL bytes by the PDO Firebird driver when preparing SQL queries can lead to SQL injection bsc1264778. - CVE-2026-6722: use-after-free in SOAP using Apache map can lead to remote code execution bsc1264776. -...
CVEs
NULL Dereference The vulnerabilities found in cryptofioctl...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from schred qdisc directly calling dequeue of sub-qdisc instead of peek and qdiscdequeuepeeked. This could...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: OPP: Fixed a potential null pointer dereference in devpmoppgetrequiredpstate. The “opp” pointer is dereferenced before the ISERRORNULL check. This issue was fixed by removing the dereference of the “opp” pointer from the cache an...
Astra Linux - уязвимость в imagemagick
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions 14.10.1 and below have a NULL pointer dereference vulnerability in the MSL Magick Scripting Language parser when processing tags before images are loaded. This can lead to DoS attacks due to...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Added a null pointer check to attrloadrunsvcn Some metadata files are processed before the MFT. This requires adding a null pointer check for certain corner cases that could lead to NPD when reading these metadata...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Media: ti-vpe: cal: Fixed a NULL pointer dereference in calctxv4l2initformats In calctxv4l2initformats, devmkzalloc is assigned to ctx-activefmt, and there is a dereference of it afterward. This could lead to a NULL pointer...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: mfd: davincivoicecodec: Fixed a possible nullptrderef issue in davincivcprobe. This issue could lead to a nullptrderef when using ‘res’. If platformgetresource returns NULL, moving using ‘res’ after devmioremapresource will preve...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-qspi: check return value after calling platformgetresourcebyname This issue could lead to a null-ptr-deref error if platformgetresourcebyname returns NULL. Therefore, we need to check the return value...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: ftgmac100: A potential NULL pointer access was fixed in ftgmac100 Phydisconnect. After the call to phydisconnect, netdev-phydev is reset to NULL. Therefore, phydeviceunregister will be called with a NULL pointer as an...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: parisc: led: Fix potential null-ptr-deref in starttask starttask calls createsinglethreadworkqueue, and the return value is not checked. This may result in a NULL return value. A null-ptr-deref could occur as a result: starttask...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: xfrm: Policy issue: Fixing the metadata dst-dev xmit null pointer dereference. When attempting to transmit an skb with metadatadst attached i.e., dst-dev == NULL through the xfrm interface, a null pointer dereference may occur in...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: fbdev: The issue was fixed by correcting fbsetvar to prevent a null-ptr dereference in fbvideomodetovar. If fbaddvideomode in fbsetvar fails to allocate memory for fbvideomode, it may lead to a null-ptr dereference in...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: Do not access a released socket during error recovery. While the error recovery mechanism is temporarily failing due to reconnect attempts, running the nvme list command causes a kernel NULL pointer derefrence by callin...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: nl80211 – Fix for NULL-ptr dereference in the offchan check. If, for example, in AP mode, the link has already been created by the user space, but has not yet been activated, it has a chandef field, but the chandef is inval...