CVE-2026-23366

The CVE-2026-23366 entry concerns the Linux kernel DRM client component. A vulnerability in drm_client_modeset_probe can lead to a NULL pointer dereference when ‘modes’ fails to be allocated with kcalloc; if an error path calls modes_destroy on this NULL pointer, a crash can occur. The issue is r...

CVE-2026-23349 HID: pidff: Fix condition effect bit clearing

In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fix condition effect bit clearing As reported by MPDarkGuy on discord, NULL pointer dereferences were happening because not all the conditional effects bits were cleared. Properly clear all conditional effect bits fro...

CVE-2026-23349

CVE-2026-23349 concerns the Linux kernel HID subsystem, specifically the pidff module. The issue arises from not clearing all conditional effect bits, which can lead to NULL pointer dereferences and potential system instability. The root cause is improper handling of the ffbit flag where some con...

CVE-2026-23328 accel/amdxdna: Fix NULL pointer dereference of mgmt_chann

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix NULL pointer dereference of mgmtchann mgmtchann may be set to NULL if the firmware returns an unexpected error in aie2sendmgmtmsgwait. This can later lead to a NULL pointer dereference in aie2hwstop. Fix this b...

CVE-2026-23304 ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu()

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix NULL pointer deref in ip6rtgetdevrcu l3mdevmasterdevrcu can return NULL when the slave device is being un-slaved from a VRF. All other callers deal with this, but we lost the fallback to loopback in ip6rtpcpualloc -...

CVE-2026-23304

The connected advisories confirm CVE-2026-23304 affects the Linux kernel IPv6 routing code. Root cause: l3mdev_master_dev_rcu() can return NULL when a slave device is un-slaved from a VRF, and ip6_rt_get_dev_rcu() used by ip6_rt_pcpu_alloc() did not fall back to loopback, causing a NULL pointer d...

CVE-2026-23293

In the Linux kernel, the following vulnerability has been resolved: net: vxlan: fix ndtbl NULL dereference when IPv6 is disabled When booting with the 'ipv6.disable=1' parameter, the ndtbl is never initialized because inet6init exits before ndiscinit is called which initializes it. If an IPv6...

CVE-2026-23286

In the Linux kernel, the following vulnerability has been resolved: atm: lec: fix null-ptr-deref in lecarpclearvccs syzkaller reported a null-ptr-deref in lecarpclearvccs. This issue can be easily reproduced using the syzkaller reproducer. In the ATM LANE LAN Emulation module, the same atmvcc can...

CVE-2026-23286 atm: lec: fix null-ptr-deref in lec_arp_clear_vccs

In the Linux kernel, the following vulnerability has been resolved: atm: lec: fix null-ptr-deref in lecarpclearvccs syzkaller reported a null-ptr-deref in lecarpclearvccs. This issue can be easily reproduced using the syzkaller reproducer. In the ATM LANE LAN Emulation module, the same atmvcc can...

CVE-2026-23279

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL pointer dereference in meshrxcsaframe In meshrxcsaframe, elems-meshchanswparamsie is dereferenced at lines 1638 and 1642 without a prior NULL check: ifmsh-chswttl = elems-meshchanswparamsie-meshttl;...

CVE-2026-23279 wifi: mac80211: fix NULL pointer dereference in mesh_rx_csa_frame()

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL pointer dereference in meshrxcsaframe In meshrxcsaframe, elems-meshchanswparamsie is dereferenced at lines 1638 and 1642 without a prior NULL check: ifmsh-chswttl = elems-meshchanswparamsie-meshttl;...

EUVD-2026-15165

A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. A user in a privileged network position may ...

CVE-2026-28886

A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. A user in a privileged network position may ...

CVE-2026-28886

A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. A user in a privileged network position may ...

CVE-2026-28886

CVE-2026-28886 describes a null pointer dereference addressed by improved input validation. Apple’s advisory states this affects multiple Apple platforms and products, with a vulnerable condition that could allow a user in a privileged network position to trigger a denial‑of‑service. The fixed ve...

SUSE CVE-2026-26828

A NULL pointer dereference in the daapreplyplaylists function src/httpddaap.c of owntone-server commit 3d1652d allows attackers to cause a Denial of Service DoS via sending a crafted DAAP request to the server...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the possibility that the drmclientmodesetprobe function may call the destructor function on null...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from accessing offline CPU data when the Turbo Boost feature is disabled. This vulnerability may lead ...

Linux Distros Unpatched Vulnerability : CVE-2026-23366

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/client: Do not destroy NULL modes 'modes' in drmclientmodesetprobe may fail to kcalloc. If this occurs, we jump to 'out', calling modesdestroy on it, which...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of input validation protection, potentially leading to null pointer dereferencing...