CVE-2025-62848

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3297 build...

SUSE CVE-2025-68176

In the Linux kernel, the following vulnerability has been resolved: PCI: cadence: Check for the existence of cdnspcie::ops before using it cdnspcie::ops might not be populated by all the Cadence glue drivers. This is going to be true for the upcoming Sophgo platform which doesn't set the ops...

PT-2025-51879

Name of the Vulnerable Software and Affected Versions Sante PACS Server affected versions not specified Description A flaw exists in the handling of the HTTP Content-Length header within Sante PACS Server. The issue stems from insufficient validation of a pointer before access, potentially leadin...

Linux Distros Unpatched Vulnerability : CVE-2025-40346

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - archtopology: Fix incorrect error check in topologyparsecpucapacity Fix incorrect use of PTRERRORZERO in topologyparsecpucapacity which causes the code to proce...

SUSE SLES12 Security Update : libssh (SUSE-SU-2025:4408-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:4408-1 advisory. - CVE-2025-8114: Fixed a NULL pointer dereference when calculating session ID during KEX. bsc1246974 Tenable has extracted the preceding description...

SUSE SLES12 Security Update : xkbcomp (SUSE-SU-2025:4407-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4407-1 advisory. - CVE-2018-15863: NULL pointer dereference triggered by a a crafted keymap file with a no-op modmask expression can lead to a crash bsc1105832....

EUVD-2025-203794

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check NULL before accessing WHAT IGT kmscursorlegacy's long-nonblocking-modeset-vs-cursor-atomic fails with NULL pointer dereference. This can be reproduced with both an eDP panel and a DP monitors connected. BUG...

EUVD-2025-203778

In the Linux kernel, the following vulnerability has been resolved: net: sxgbe: fix potential NULL dereference in sxgberx Currently, when skb is null, the driver prints an error and then dereferences skb on the next line. To fix this, let's add a 'break' after the error message to switch to...

AZL-72622 CVE-2025-68286 affecting package kernel for versions less than 6.6.119.3-1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check NULL before accessing WHAT IGT kmscursorlegacy's long-nonblocking-modeset-vs-cursor-atomic fails with NULL pointer dereference. This can be reproduced with both an eDP panel and a DP monitors connected. BUG...

CVE-2025-68286

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check NULL before accessing WHAT IGT kmscursorlegacy's long-nonblocking-modeset-vs-cursor-atomic fails with NULL pointer dereference. This can be reproduced with both an eDP panel and a DP monitors connected. BUG...

EUVD-2025-203720

In the Linux kernel, the following vulnerability has been resolved: PCI: cadence: Check for the existence of cdnspcie::ops before using it cdnspcie::ops might not be populated by all the Cadence glue drivers. This is going to be true for the upcoming Sophgo platform which doesn't set the ops...

CVE-2025-68257

In the Linux kernel, the following vulnerability has been resolved: comedi: check device's attached status in compat ioctls Syzbot identified an issue 1 that crashes kernel, seemingly due to unexistent callback dev-getvalidroutes. By all means, this should not occur as said callback must always b...

CVE-2025-68176

In the Linux kernel, the following vulnerability has been resolved: PCI: cadence: Check for the existence of cdnspcie::ops before using it cdnspcie::ops might not be populated by all the Cadence glue drivers. This is going to be true for the upcoming Sophgo platform which doesn't set the ops...

UBUNTU-CVE-2025-68213

In the Linux kernel, the following vulnerability has been resolved: idpf: fix possible vportconfig NULL pointer deref in remove Attempting to remove the driver will cause a crash in cases where the vport failed to initialize. Following trace is from an instance where the driver failed during an...

CVE-2025-68176

In the Linux kernel, the following vulnerability has been resolved: PCI: cadence: Check for the existence of cdnspcie::ops before using it cdnspcie::ops might not be populated by all the Cadence glue drivers. This is going to be true for the upcoming Sophgo platform which doesn't set the ops...

UBUNTU-CVE-2025-68180

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL deref in debugfs odmcombinesegments When a connector is connected but inactive e.g., disabled by desktop environments, pipectx-streamres.tg will be destroyed. Then, reading odmcombinesegments causes kern...

CVE-2025-40346

In the Linux kernel, the following vulnerability has been resolved: archtopology: Fix incorrect error check in topologyparsecpucapacity Fix incorrect use of PTRERRORZERO in topologyparsecpucapacity which causes the code to proceed with NULL clock pointers. The current logic uses !PTRERRORZEROcpuc...

CVE-2025-68238 mtd: rawnand: cadence: fix DMA device NULL pointer dereference

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: cadence: fix DMA device NULL pointer dereference The DMA device pointer dmadev was being dereferenced before ensuring that cdnsctrl-dmac is properly initialized. Move the assignment of dmadev after successfully...

CVE-2025-68238 mtd: rawnand: cadence: fix DMA device NULL pointer dereference

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: cadence: fix DMA device NULL pointer dereference The DMA device pointer dmadev was being dereferenced before ensuring that cdnsctrl-dmac is properly initialized. Move the assignment of dmadev after successfully...

CVE-2025-68229

CVE-2025-68229 affects the Linux kernel scsi/tcm_loop code. The issue is a NULL pointer dereference in tcm_loop_tpg_address_show() when tl_hba->sh is not allocated, leading to a segfault if tcm_loop_driver_probe() fails to allocate the scsi_host. The fix is to check tl_hba->sh before derefe...