Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the function acpiprocessorerratapiix4. In this function, the pointer dev is overwritten with NULL,...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel. This vulnerability stems from the checkmemaccess function in the BPF module, which matches PTRTOBUF pointers using...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the improper removal order of the q6apm component during ADSP shutdown and startup, potentially leading...

PT-2026-39017

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference exists in the adis init function. The function attempts to dereference adis-ops to verify if specific function pointers write, read, reset are NULL without fir...

JLSEC-2026-484

libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tifopen.c...

Security update for mozjs52

This update for mozjs52 fixes the following issues CVE-2026-32776: libexpat: NULL pointer dereference when processing empty external parameter entities inside an entity declaration value bsc1259728. CVE-2026-32777: libexpat: denial of service due to infinite loop in DTD content parsing bsc1259713...

SUSE-SU-2026:1742-1 Security update for mozjs52

This update for mozjs52 fixes the following issues - CVE-2026-32776: libexpat: NULL pointer dereference when processing empty external parameter entities inside an entity declaration value bsc1259728. - CVE-2026-32777: libexpat: denial of service due to infinite loop in DTD content parsing...

CVE-2026-44602

Tor before 0.4.9.7 has a NULL pointer dereference when a CERT cell is received out of order, aka TROVE-2026-006...

CVE-2026-8063

CVE-2026-8063 affects MongoDB Server 8.2

CVE-2026-8063

An authenticated user can crash mongod when running $rankFusion or $scoreFusion with an empty pipeline on a view. When resolving a view, the server inspects the aggregation pipeline to determine whether it begins with an Atlas Search stage. For $rankFusion and $scoreFusion, this inspection reads...

CVE-2026-44602

Tor before 0.4.9.7 has a NULL pointer dereference when a CERT cell is received out of order, aka TROVE-2026-006...

CVE-2026-44602

Tor before 0.4.9.7 is affected by a NULL pointer dereference when a CERT cell is received out of order (TROVE-2026-006). This can lead to a denial of service, rendering the Tor service unavailable to legitimate users. The issue is triggered remotely via crafted CERT cells; sources in Red Hat and ...

SUSE CVE-2026-43098

In the Linux kernel, the following vulnerability has been resolved: nfc: s3fwrn5: allocate rx skb before consuming bytes s3fwrn82uartread reports the number of accepted bytes to the serdev core. The current code consumes bytes into recvskb and may already deliver a complete frame before allocatin...

SUSE CVE-2026-43164

In the Linux kernel, the following vulnerability has been resolved: udplite: Fix null-ptr-deref in udpenqueuescheduleskb. syzbot reported null-ptr-deref of udpsksk-udpprodqueue. 0 Since the cited commit, udplibinitsock can fail, as can udpinitsock and udpv6initsock. Let's handle the error in...

CVE-2026-43271

A flaw was found in the Linux kernel's md-cluster module. During the startup of a multi-device MD array, a race condition can occur where a remote node sends a metadata update message before the system is fully ready to process it. This premature processing leads to a null pointer dereference,...

GoBGP 代码问题漏洞

GoBGP is an open-source implementation of the Border Gateway Protocol BGP developed by osrg. Version 4.4.0 of GoBGP contains a code vulnerability. This vulnerability arises from unauthenticated remote BGP peers sending specially crafted BGP UPDATE messages. When servers process messages with...

GoBGP 代码问题漏洞

GoBGP is an open-source implementation of the Border Gateway Protocol BGP developed by osrg. Version 4.3.0 of GoBGP contains a code vulnerability that arises from a null pointer dereferencing during the processing of malformed BGP UPDATE messages containing unrecognized Well-known path attributes...

Tor 代码问题漏洞

Tor is a virtual tunnel network operated by the Tor Project organization. It allows individuals and groups to enhance their privacy and security on the Internet. Versions of Tor prior to 0.4.9.7 contained a code vulnerability caused by a null pointer dereferencing when the CERT unit received data...

CLSA-2026-1777942724 vim: Fix of 3 CVEs

CVE-2021-3928: fix reading uninitialized memory in spell suggestions spellsuggest.c - CVE-2022-1616: fix buffer overflow in invalid command with composing chars exdocmd.c - CVE-2022-1620: fix NULL pointer dereference when using invalid pattern buffer.c...

CVE-2026-43159

A flaw was found in the rtl8723bs Wi-Fi driver within the Linux kernel. This vulnerability occurs when a pointer, pwlan, can become null before being used in the rtwfreenetworknolock function, leading to a null pointer dereference. An attacker could potentially exploit this to cause a system cras...