CVE-2022-50503 mtd: lpddr2_nvm: Fix possible null-ptr-deref

In the Linux kernel, the following vulnerability has been resolved: mtd: lpddr2nvm: Fix possible null-ptr-deref It will cause null-ptr-deref when resourcesizeaddrange invoked, if platformgetresource returns NULL...

CVE-2022-50503

CVE-2022-50503 affects the Linux kernel component mtd: lpddr2_nvm. The vulnerability is a possible null-ptr-deref in resource_size(add_range) when platform_get_resource() returns NULL. This is triggered in the lpddr2_nvm code path and can lead to a crash/local impact as described. The issue has b...

CVE-2022-50503 mtd: lpddr2_nvm: Fix possible null-ptr-deref

In the Linux kernel, the following vulnerability has been resolved: mtd: lpddr2nvm: Fix possible null-ptr-deref It will cause null-ptr-deref when resourcesizeaddrange invoked, if platformgetresource returns NULL...

CVE-2023-53555 mm/damon/core: initialize damo_filter->list from damos_new_filter()

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: initialize damofilter-list from damosnewfilter damosnewfilter is not initializing the list field of newly allocated filter object. However, DAMON sysfs interface and DAMONRECLAIM are not initializing it after calli...

CVE-2022-50481 cxl: fix possible null-ptr-deref in cxl_guest_init_afu|adapter()

In the Linux kernel, the following vulnerability has been resolved: cxl: fix possible null-ptr-deref in cxlguestinitafu|adapter If deviceregister fails in cxlregisterafu|adapter, the device is not added, deviceunregister can not be called in the error path, otherwise it will cause a null-ptr-dere...

EUVD-2025-32388

In the Linux kernel, the following vulnerability has been resolved: net/tcp: Fix a NULL pointer dereference when using TCP-AO with TCPREPAIR A NULL pointer dereference can occur in tcpaofinishconnect during a connect system call on a socket with a TCP-AO key added and TCPREPAIR enabled. The...

EUVD-2025-32398

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Always pass in an error pointer to sevplatformshutdownlocked When 9770b428b1a2 "crypto: ccp - Move devinfo/err messages for SEV/SNP init and shutdown" moved the error messages dumping so that they don't need to be...

EUVD-2025-32386

In the Linux kernel, the following vulnerability has been resolved: drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ If the interrupt occurs before resource initialization is complete, the interrupt handler/worker may access uninitialized data such as the I2C tcpcclient device,...

AZL-68129 CVE-2025-39934 affecting package kernel for versions less than 6.6.112.1-1

In the Linux kernel, the following vulnerability has been resolved: drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ If the interrupt occurs before resource initialization is complete, the interrupt handler/worker may access uninitialized data such as the I2C tcpcclient device,...

CVE-2025-39950 net/tcp: Fix a NULL pointer dereference when using TCP-AO with TCP_REPAIR

In the Linux kernel, the following vulnerability has been resolved: net/tcp: Fix a NULL pointer dereference when using TCP-AO with TCPREPAIR A NULL pointer dereference can occur in tcpaofinishconnect during a connect system call on a socket with a TCP-AO key added and TCPREPAIR enabled. The...

CVE-2025-39938

The CVE-2025-39938 issue is a NULL pointer dereference in ASoC/qcom: q6apm-lpass-dais when the source graph fails (e.g., ADSP/topology rejection). The bug can cause a crash during snd_soc_pcm_dai_prepare due to dai_data->graph[dai->id] being NULL. The Linux kernel has been updated to fix th...

CVE-2025-39936

The CVE-2025-39936 issue affects the Linux kernel crypto: ccp code path used during SEV/SNP shutdown. Root cause: __sev_firmware_shutdown() could call __sev_platform_shutdown_locked() with a NULL argument after the error-messages refactor, causing a NULL pointer dereference on the shutdown path d...

CVE-2025-39934

CVE-2025-39934: Linux kernel drm: bridge: anx7625 fixes a NULL pointer dereference when an IRQ fires before resource initialization, potentially accessing uninitialized I2C tcpc_client data. The NVD entry notes a MEDIUM base score (5.5) with LOCAL attack vector and LOW PR, HIGH impact on availabi...

389-ds-base security update

An update is available for 389-ds-base. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The ba...

RLSA-2025:7243 Moderate: gstreamer1-plugins-base security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins. Security Fixes: gstreamer1-plugins-base: ID3v2 parser out-of-bounds read and NULL-pointer dereference...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an uninitialized list field of a newly allocated filter object in the damosnewfilter function, which could...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check for the existence of a client, which could result in a null pointer dereference...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from uplink network device access not being properly protected during device unbundling, which could result in a...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not verifying that skb is null, which could lead to a null pointer dereference...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a possible null pointer dereference and reuse after release on nftsetrbtree element insertion, which could lea...