Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Bug: Unchecked dereferencing of a NULL pointer in the kernel. Address: 0000000000000000 Causes: - ip6rcvcore net/ipv6/ip6input.c:190:20 - ipv6rcv net/ipv6/ip6input.c:306:8 - processbacklog net.core/dev.c:6186:4 - napipoll...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Wifi: carl9170 – Do not ping devices that have failed to load firmware. Syzkaller reports that 1 and 2 crashes occur due to attempts to ping devices that have failed to load firmware. Since such devices fail to pass the...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Correctly handled csum tree errors with rescue=ibadroots. BUG There is a syzbot-based reproducer that can cause the kernel to crash. The call trace is as follows with some debug output added: DEBUG: rescue=ibadroots...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: jffs2: Check the result of jffs2preallocrawnoderefs in a few other locations. Fuzzing revealed another invalid pointer dereferencing due to the lack of checking whether jffs2preallocrawnoderefs completed successfully. Subseque...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: media: dvb-frontends: dib7090p: A fix was added for the null pointer dereference in dib7090prwonapb. In dib7090prwonapb, msg is controlled by the user. When msg0.buf is null and msg0.len is zero, previous checks on msg0.buf...

MGASA-2025-0252 Updated libtiff packages fix security vulnerabilities

LibTIFF fax2ps tiff2pdf.c t2preadtiffinit null pointer dereference. CVE-2024-13978 LibTIFF tiffmedian.c gethistogram use after free. CVE-2025-8176 LibTIFF thumbnail.c setrow buffer overflow. CVE-2025-8177 libtiff tiff2ps tiff2ps.c PSLvl2page null pointer dereference. CVE-2025-8534 LibTIFF tiffcro...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip Recompute DSC Params if no Stream on Link why Encounter NULL pointer dereference uner mst + dsc setup. BUG: kernel NULL pointer dereference, address: 0000000000000008 PGD 0 P4D 0 Oops: 0000 1 PREEMPT SMP NOP...

FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_link_info function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet.

...

FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted LSA Update packet.

...

ALSA: usb-audio: Fix NULL pointer deference in try_to_register_card

...

Security update for the Linux Kernel RT (Live Patch 4 for SLE 15 SP7)

This update for the Linux Kernel 6.4.0-150700716 fixes one issue. The following security issue was fixed: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

EUVD-2023-60053

Nagios Fusion versions prior to 4.2.0 contain a stored cross-site scripting XSS vulnerability when adding or configuring Email Settings. Unsanitized user input can be stored and later rendered in the administrative UI, causing JavaScript to execute in the browser of any user who views the affecte...

EUVD-2022-55673

Nagios XI versions prior to 5.8.9 are vulnerable to cross-site scripting XSS via the Apply Configuration error text. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

SUSE CVE-2025-40086

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Don't allow evicting of BOs in same VM in array of VM binds An array of VM binds can potentially evict other buffer objects BOs within the same VM under certain conditions, which may lead to NULL pointer dereferences late...

FRRouting Denial of Service Vulnerability (CNVD-2026-10884)

FRRouting is FRRouting open source a network routing software suite running on a Unix-like platform . FRRouting suffers from a denial of service vulnerability caused by NULL pointer dereferencing via the showvtyunknowntlv function on ospfext.c. An attacker could exploit this vulnerability to caus...

FRRouting Denial of Service Vulnerability (CNVD-2026-10885)

FRRouting is FRRouting open source a network routing software suite running on a Unix-like platform . FRRouting has a denial of service vulnerability caused by NULL pointer dereference via the showvtyextlinklanadjsid function on ospfext.c, which can be exploited by an attacker to cause a denial o...

FRRouting Denial of Service Vulnerability (CNVD-2026-10883)

FRRouting is FRRouting open source a network routing software suite running on a Unix-like platform . FRRouting suffers from a denial of service vulnerability caused by NULL pointer dereference via the showvtyextprefprefsid function on ospfext.c. An attacker could exploit this vulnerability to...

CVE-2025-23332

NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where an attacker might be able to trigger a null pointer deference. A successful exploit of this vulnerability might lead to denial of service. Mitigation Mitigation for this issue is either not available or the current...

CVE-2025-23330

NVIDIA Display Driver for Linux contains a vulnerability where an attacker might be able to trigger a null pointer dereference. A successful exploit of this vulnerability might lead to denial of service. Mitigation Mitigation for this issue is either not available or the currently available optio...

CVE-2025-23300

NVIDIA Display Driver for Linux contains a vulnerability in the kernel driver, where a user could cause a null pointer dereference by allocating a specific memory resource. A successful exploit of this vulnerability might lead to denial of service. Mitigation Mitigation for this issue is either n...