PT-2026-46032

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs in the k230 pinctrl driver during the probing process when parsing the devicetree. The issue arises within the k230 pinctrl parse functions function,...

Linux Distros Unpatched Vulnerability : CVE-2026-45966

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: apparmor: fix NULL pointer dereference in unixneedsrevalidation When receiving file...

PT-2026-45933

A NULL pointer dereference in the gf filter pid resolve file template ex function /filter core/filter pid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted file...

CVE-2025-60477

A NULL pointer dereference in the gffilterpidresolvefiletemplateex function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted file...

CVE-2025-60477

A NULL pointer dereference in the gffilterpidresolvefiletemplateex function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted file...

Linux Distros Unpatched Vulnerability : CVE-2026-10298

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security flaw has been discovered in ggml-org whisper.cpp up to 1.8.2. This vulnerability affects the function whispermodelload of the file ggml/src/ggml.c. T...

Linux Distros Unpatched Vulnerability : CVE-2026-46118

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pseries/papr-hvpipe: Fix null ptr deref in paprhvpipedevcreatehandle commit 6d3789d347a7 papr- hvpipe: convert paprhvpipedevcreatehandle to FDPREPARE, changed t...

PT-2026-46024

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential NULL pointer dereference exists in the wpcm fiu probe function. This occurs because platform get resource byname can return a NULL value, which leads to a system crash when...

Important: Red Hat Security Advisory: php8.4 security update

An update for php8.4 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVE-2026-8035

Improper input validation in the NI-PAL kernel driver may allow a local authenticated user to cause a denial of service by triggering a crash due to a NULL pointer dereference. This vulnerability affects NI-PAL 26.3.0 and prior versions on Windows and Linux...

USN-8374-1 linux-aws-6.17, linux-gcp, linux-gcp-6.17 vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...

CVE-2026-8035 NULL pointer dereference in NI-PAL

Improper input validation in the NI-PAL kernel driver may allow a local authenticated user to cause a denial of service by triggering a crash due to a NULL pointer dereference. This vulnerability affects NI-PAL 26.3.0 and prior versions on Windows and Linux...

CVE-2026-8035 NULL pointer dereference in NI-PAL

Improper input validation in the NI-PAL kernel driver may allow a local authenticated user to cause a denial of service by triggering a crash due to a NULL pointer dereference. This vulnerability affects NI-PAL 26.3.0 and prior versions on Windows and Linux...

USN-8373-1 linux, linux-aws, linux-aws-6.8, linux-aws-fips, linux-azure, linux-fips, linux-gcp, linux-gcp-6.8, linux-gcp-fips, linux-gke, linux-gkeop, linux-hwe-6.8, linux-ibm, linux-ibm-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-nvidia-tegra, linux-oracle, linux-oracle-6.8, linux-raspi, linux-raspi-realtime, linux-realtime, linux-realtime-6.8 vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

CVE-2025-70099

A NULL pointer dereference in the ext4direngetnamelen function in include/ext4dir.h of lwext4 1.0.0 allows attackers to cause a denial of service by supplying a specially crafted EXT4 filesystem image with malformed directory entries. During directory iteration, the code may fail to validate the...

CVE-2026-10199

A flaw was found in Assimp. A local attacker could trigger a null pointer dereference by manipulating an argument in the glTF2::LazyDict function. This vulnerability, located in the glTF2Asset.h library, could lead to an application crash, resulting in a denial of service DoS. Mitigation Mitigati...

CVE-2026-10198

A flaw was found in Assimp, specifically within the glTFImporter component. A local attacker could exploit a null pointer dereference vulnerability in the Assimp::glTFImporter::ImportMeshes function. This could lead to a denial of service DoS by causing the application to crash. Mitigation...

OPENSUSE-SU-2026:20875-1 Security update for ovmf

This update for ovmf fixes the following issues: - CVE-2026-25833: mbedtls: buffer overflow in the x509inetptonipv6 function bsc1261476. - CVE-2026-25834: mbedtls: client accepts signature algorithm chosen by server even if not advertised in client hello bsc1261477. - CVE-2026-25835: mbedtls: no...

CVE-2025-60483

A NULL pointer dereference in the gfac4presb4backchannelspresent function /mediatools/avparsers.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted AC4 file...

SUSE CVE-2026-10197

A vulnerability was detected in Assimp up to 6.0.4. Affected is the function glTF2Importer::ImportEmbeddedTextures in the library code/AssetLib/glTF2/glTF2Importer.cpp of the component TF File Handler. The manipulation results in null pointer dereference. The attack is only possible with local...