OESA-2025-2110 aide security update

Security Fixes: A vulnerability was found in AIDE up to 0.19.1 and classified as problematic.Using CWE to declare the problem leads to CWE-117. The product does not neutralize or incorrectly neutralizes output that is written to logs.Impacted is integrity.Upgrading to version 0.19.2 eliminates th...

CVE-2025-53603

In Alinto SOPE SOGo 2.0.2 through 5.12.2, sope-core/NGExtensions/NGHashMap.m allows a NULL pointer dereference and SOGo crash via a request in which a parameter in the query string is a duplicate of a parameter in the POST body...

CVE-2022-50132

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: change place of 'privep' assignment in cdns3gadgetepdequeue, cdns3gadgetepenable If 'ep' is NULL, result of eptocdns3epep is invalid pointer and its dereference with privep-cdns3dev may cause panic. Found by Linux...

PT-2025-25873 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.0.0-rc1-next-20220819-syzkaller Description: A null-ptr dereference issue has been resolved in the Linux kernel. The issue occurred when a binder proc received a transaction without having previously called mm...

SUSE-SU-2025:01534-1 Security update for augeas

This update for augeas fixes the following issues: - CVE-2025-2588: Check for NULL pointers when calling recaseexpand in function faexpandnocase. bsc1239909...

CVE-2022-41841

An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4File::ParseStream in Core/Ap4File.cpp, which is called from AP4File::AP4File...

CVE-2021-3119

Zetetic SQLCipher 4.x before 4.4.3 has a NULL pointer dereferencing issue related to sqlcipherexport in crypto.c and sqlite3StrICmp in sqlite3.c. This may allow an attacker to perform a remote denial of service attack. For example, an SQL injection can be used to execute the crafted SQL command...

CVE-2020-21834

A null pointer deference issue exists in GNU LibreDWG 0.10 via getbmp ../../programs/dwgbmp.c:164...

CVE-2019-13238

An issue was discovered in Bento4 1.5.1.0. A memory allocation failure is unhandled in Core/Ap4SdpAtom.cpp and leads to crashes. When parsing input video, the program allocates a new buffer to parse an atom in the stream. The unhandled memory allocation failure causes a direct copy to a NULL...

CVE-2023-53110 net/smc: fix NULL sndbuf_desc in smc_cdc_tx_handler()

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL sndbufdesc in smccdctxhandler When performing a stress test on SMC-R by rmmod mlx5ib driver during the wrk/nginx test, we found that there is a probability of triggering a panic while terminating all link groups...

CVE-2022-49930 RDMA/hns: Fix NULL pointer problem in free_mr_init()

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix NULL pointer problem in freemrinit Lock grab occurs in a concurrent scenario, resulting in stepping on a NULL pointer. It should be init mutexinit first before use the lock. Unable to handle kernel NULL pointer...

CVE-2022-49930 RDMA/hns: Fix NULL pointer problem in free_mr_init()

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix NULL pointer problem in freemrinit Lock grab occurs in a concurrent scenario, resulting in stepping on a NULL pointer. It should be init mutexinit first before use the lock. Unable to handle kernel NULL pointer...

CVE-2022-49930

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix NULL pointer problem in freemrinit Lock grab occurs in a concurrent scenario, resulting in stepping on a NULL pointer. It should be init mutexinit first before use the lock. Unable to handle kernel NULL pointer...

CVE-2025-37755 net: libwx: handle page_pool_dev_alloc_pages error

In the Linux kernel, the following vulnerability has been resolved: net: libwx: handle pagepooldevallocpages error pagepooldevallocpages could return NULL. There was a WARNON!page but it would still proceed to use the NULL pointer and then crash. This is similar to commit 001ba0902046 "net: fec:...

SUSE-SU-2025:1413-1 Security update for augeas

This update for augeas fixes the following issues: - CVE-2025-2588: Check for NULL pointers when calling recaseexpand in function faexpandnocase. bsc1239909...

CVE-2025-31115

The CVE-2025-31115 affects XZ Utils’ liblzma multithreaded .xz decoder (lzma_stream_decoder_mt) in versions 5.3.3alpha through 5.8.0. The issue can cause a crash with heap-use-after-free and writes to memory based on a NULL pointer plus an offset, impacting applications/libraries that invoke the ...

CVE-2025-31115

XZ Utils provide a general-purpose data-compression library plus command-line tools. In XZ Utils 5.3.3alpha to 5.8.0, the multithreaded .xz decoder in liblzma has a bug where invalid input can at least result in a crash. The effects include heap use after free and writing to an address based on t...

CVE-2025-22006

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: Fix NAPI registration sequence Registering the interrupts for TX or RX DMA Channels prior to registering their respective NAPI callbacks can result in a NULL pointer dereference. This is seen in...

Azure Linux 3.0 Security Update: kernel (CVE-2024-56587)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56587 advisory. - In the Linux kernel, the following vulnerability has been resolved: leds: class: Protect brightnessshow with...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-56587)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56587 advisory. - In the Linux kernel, the following vulnerability has been resolved: leds: class: Protect brightnessshow with...