Entr'ouvert Lasso lasso_provider_verify_saml_signature denial of service vulnerability

Talos Vulnerability Report TALOS-2025-2194 Entr'ouvert Lasso lassoproviderverifysamlsignature denial of service vulnerability November 5, 2025 CVE Number CVE-2025-46404 SUMMARY A denial of service vulnerability exists in the lassoproviderverifysamlsignature functionality of Entr'ouvert Lasso 2.5....

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988999)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988999 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix a null pointer access when the smcrreg pointer is NULL In certain types of chips,...

CVE-2025-54332

An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is a NULL Pointer Dereference of profiler.node in the npuvertexprofileoff function...

CVE-2025-40107

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled This issue is similar to the vulnerability in the mcp251x driver, which was fixed in commit 03c427147b2d "can: mcp251x: fix resume fr...

can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled

...

CVE-2025-54332

The CVE-2025-54332 entry concerns Samsung Mobile Processor Exynos 1380 NPU. The issue is a NULL pointer dereference in the npu_vertex_profileoff function, specifically involving profiler.node. Documents confirm the affected component as the NPU within Exynos 1380, with a CVSS v3.1 base score of 7...

CVE-2025-54334

The CVE-2025-54334 entry affects Samsung Mobile Processor Exynos family (1280, 2200, 1380, 1480, 2400, 1580, 2500) with a NULL pointer dereference in the NPU driver, specifically in the __npu_vertex_bootup function (hdev). Connections across Red Hat, NVD, CNNVD, CIRCL, and PT Security corroborate...

CVE-2025-54332

An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is a NULL Pointer Dereference of profiler.node in the npuvertexprofileoff function...

SAMSUNG Exynos 1380 安全漏洞

SAMSUNG Exynos 1380 is a cell phone chip processor from Samsung South Korea. A security vulnerability exists in SAMSUNG Exynos 1380, which originates from a null pointer dereference in the npuvertexprofileoff function...

SAMSUNG Mobile Processor Exynos 安全漏洞

SAMSUNG Mobile Processor Exynos is a system-on-chip SoC from South Korea's Samsung SAMSUNG dedicated to smartphones and tablets. A security vulnerability exists in SAMSUNG Mobile Processor Exynos due to a null pointer dereference to hdev in the npuvertexbootup function. The following products are...

PT-2025-45028

Name of the Vulnerable Software and Affected Versions Samsung Mobile Processor Exynos 1280 Samsung Mobile Processor Exynos 2200 Samsung Mobile Processor Exynos 1380 Samsung Mobile Processor Exynos 1480 Samsung Mobile Processor Exynos 2400 Samsung Mobile Processor Exynos 1580 Samsung Mobile...

CVE-2025-40107 can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled This issue is similar to the vulnerability in the mcp251x driver, which was fixed in commit 03c427147b2d "can: mcp251x: fix resume fr...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: atm: clip: Fixed a potential nullptrderef issue in toatmarpd. Atmarpd is protected by RTNL since commit f3a0592b37b8 “ATM: clip causes unregister hang”. However, this protection is insufficient because toatmarpd is called...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: fbdev: imxfb: Check fbaddvideomode to prevent nullptrderef. The fbaddvideomode function may fail with -ENOMEM if its internal kmalloc function cannot allocate a struct fbmodelist. In such cases, the modelist remains empty, but th...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: soc: aspeed: lpc-snoop: Do not disable channels that are not enabled. The following issues have been mitigated: echo 1e789080.lpc-snoop /sys/bus/platform/drivers/aspeed-lpc-snoop/unbind ... 120.363594 Unable to handle a kernel...

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: serial: Fixed a potential nullptrderef in mlbusioprobe The devmioremap function can return NULL in case of an error. Currently, mlbusioprobe does not check for this case, which could lead to a NULL pointer dereference. A NULL che...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed a Null pointer dereference vulnerability Why A Null pointer dereference vulnerability exists in the cleanup function dcdestruct of the AMD display driver’s DC module. When the construction of the display...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ksmbd: A null pointer dereference issue in destroyprevioussession has been fixed. If the -PreviousSessionId is set during the Kerberos session setup phase, a null pointer dereference error may occur. Since sess-user is not set ye...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ALSA: ad1816a: Fixed a potential NULL pointer dereferencing in sndcardad1816apnp. Use prwarn instead of devwarn when ‘pdev’ is NULL to avoid potential NULL pointer dereferencing...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: pcmcia: A NULL pointer dereferencing was fixed in iodynfindioregion. In iodynfindioregion, pcmciamakeresource is assigned to res and used in pciBusallocResource. There is a dereferencing of res in pciBusallocResource, which could...