31519 matches found
CVE-2025-40123
CVE-2025-40123 affects the Linux kernel BPF tailcalls in the BPF subsystem. A fuzzer found an uninitialized pointer in bpf_prog_test_run_xdp() leading to a NULL pointer dereference when a BPF program accesses txq in an xdp_buff, depending on the program’s expected_attach_type. The root cause is m...
CVE-2025-40119
CVE-2025-40119 affects the Linux kernel ext4 subsystem. The root cause is a potential null dereference in ext4_mb_init() where ext4_mb_avg_fragment_size_destroy() could be invoked with sbi->s_mb_avg_fragment_size uninitialized (e.g., groupinfo slab cache allocation failure), due to missing nul...
CVE-2025-40119 ext4: fix potential null deref in ext4_mb_init()
In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential null deref in ext4mbinit In ext4mbinit, ext4mbavgfragmentsizedestroy may be called when sbi-smbavgfragmentsize remains uninitialized e.g., if groupinfo slab cache allocation fails. Since...
kernel: net: sched: sfb: fix null pointer access issue when sfb_init() fails
A null pointer dereference exists in the linux kernel, such that when sfbinit fails qdisc is NULL, and it will cause gpf issue, leading to damage to the availability of the system...
Linux Distros Unpatched Vulnerability : CVE-2025-40144
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nvdimm: ndtest: Return -ENOMEM if devmkcalloc fails in ndtestprobe devmkcalloc may fail. ndtestprobe allocates three DMA address arrays dcrdma, labeldma, dimmdm...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check resource validity, which could result in a null pointer dereference...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from insufficient validation of the attach type, which could lead to null pointer dereferencing...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a zero-length checksum causing a null pointer dereference...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check if the addsidecar callback is null, which could result in a null pointer dereference...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unchecked quota consistency that could lead to a null pointer dereference...
编号撤回
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unhandled memory allocation failure that could lead to a null pointer dereference...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an access contention in blk-throttle during throttle policy activation, which could lead to a null pointer...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the dcstreamsetcursorattributes function not checking for stream pointers and their nested members, which could...
IEC104 安全漏洞
IEC104 is an international standard of the International Electrotechnical Commission IEC standards organization widely used in the electric power, urban rail transit, and other industries. A security vulnerability exists in IEC104 Commit be6d841 and prior versions, which stems from the possibilit...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a null pointer dereference...
EulerOS 2.0 SP10 : openjpeg2 (EulerOS-SA-2025-2397)
According to the versions of the openjpeg2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : openjpeg v 2.5.0 was discovered to contain a NULL pointer dereference via the component /openjp2/dwt.c.CVE-2025-50952 Tenable has extracted the...
EulerOS 2.0 SP10 : aide (EulerOS-SA-2025-2405)
According to the versions of the aide package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : AIDE is an advanced intrusion detection environment. Prior to version 0.19.2, there is an improper output neutralization vulnerability in AIDE. An...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990802)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990802 advisory. In the Linux kernel, the following vulnerability has been resolved: drm: Fix potential null-ptr-deref in drmvblankdestroyworker drmvblankinit call drmmaddactionorres...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990797)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990797 advisory. In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix error handling in atatlinkadd In atatlinkadd, the return value of...
EulerOS 2.0 SP12 : openjpeg2 (EulerOS-SA-2025-2338)
According to the versions of the openjpeg2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : openjpeg v 2.5.0 was discovered to contain a NULL pointer dereference via the component /openjp2/dwt.c.CVE-2025-50952 Tenable has extracted the...