OwnTone 安全漏洞

OwnTone is an open-source Linux/FreeBSD DAAP iTunes, MPD Music Player Daemon, and RSP Roku media server. Previous versions of OwnTone c4d57aa contained security vulnerabilities, which stemmed from a null pointer dereferencing in the safeatou64 function, potentially leading to denial-of-service...

CVE-2026-26828

A NULL pointer dereference in the daapreplyplaylists function src/httpddaap.c of owntone-server commit 3d1652d allows attackers to cause a Denial of Service DoS via sending a crafted DAAP request to the server...

CVE-2026-26829

A NULL pointer dereference in the safeatou64 function src/misc.c of owntone-server through commit c4d57aa allows attackers to cause a Denial of Service DoS via sending a series of crafted HTTP requests to the server...

ROS-20260323-73-0033

A vulnerability in the compositedevcleanup function of the usb component of the Linux kernel is related to NULL pointer dereferencing. Exploitation of the vulnerability may allow an attacker to cause a denial of service...

OwnTone 安全漏洞

OwnTone is an open-source Linux/FreeBSD DAAP iTunes, MPD Music Player Daemon, and RSP Roku media server. OwnTone has a security vulnerability that stems from a null pointer dereferencing in the daapreplyplaylists function. This vulnerability could allow attackers to cause denial of service by...

CVE-2026-26828

CVE-2026-26828 describes a NULL pointer dereference in the owntone-server code path: daap_reply_playlists (src/httpd_daap.c) triggered by a crafted DAAP request, allowing a Denial of Service. The vulnerability is tied to commit 3d1652d in owntone-server. Exploitation is network-based with no requ...

CVE-2026-26829

A NULL pointer dereference in the safeatou64 function src/misc.c of owntone-server through commit c4d57aa allows attackers to cause a Denial of Service DoS via sending a series of crafted HTTP requests to the server...

Siemens SIMATIC S7-1500 NULL Pointer Dereference (CVE-2025-38167)

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: handle hdrfirstde return value The hdrfirstde function returns a pointer to a struct NTFSDE. This pointer may be NULL. To handle the NULL error effectively, it is important to implement an error handler. This will help...

CVE-2026-26829

A NULL pointer dereference in the safeatou64 function src/misc.c of owntone-server through commit c4d57aa allows attackers to cause a Denial of Service DoS via sending a series of crafted HTTP requests to the server...

Siemens SIMATIC S7-1500 NULL Pointer Dereference (CVE-2025-38100)

In the Linux kernel, the following vulnerability has been resolved: x86/iopl: Cure TIFIOBITMAP inconsistencies iobitmapexit is invoked from exitthread when a task exists or when a fork fails. In the latter case the exitthread cleans up resources which were allocated during fork. iobitmapexit...

Siemens SIMATIC S7-1500 NULL Pointer Dereference (CVE-2025-38364)

In the Linux kernel, the following vulnerability has been resolved: mapletree: fix MASTATEPREALLOC flag in maspreallocate Temporarily clear the preallocation flag when explicitly requesting allocations. Pre-existing allocations are already counted against the request through masnodecountgfp, but...

Siemens SIMATIC S7-1500 NULL Pointer Dereference (CVE-2025-38468)

"In the Linux kernel, the following vulnerability has been resolved: net/sched: Return NULL when htblookupleaf encounters an empty rbtree htblookupleaf has a BUGON that can trigger with the following: tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb default 1 tc class add dev lo...

ROS-20260323-73-0006

A vulnerability in the initnfsd function in the fs/nfsd/nfsctl.c module of the Linux kernel's NFS network file system support is related to NULL pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260323-73-0003

A vulnerability in the iobitmapexit function of the Linux kernel is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

SUSE CVE-2026-23277

In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: fix NULL pointer dereference in iptunnelxmit on TEQL slave xmit teqlmasterxmit calls netdevstartxmitskb, slave to transmit through slave devices, but does not update skb-dev to the slave device beforehand. When a...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the fuseuringinitqueue process. An attacker can cause the daemon to crash or exhaust system resources by triggering a failure in numaalloclocal during iouring queue entry setup, leading the code to proceed wi...

MGASA-2026-0061 Updated expat packages fix security vulnerabilities

libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content. CVE-2026-32776 libexpat before 2.7.5 allows an infinite loop while parsing DTD content. CVE-2026-32777 libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry...

UBUNTU-CVE-2026-33179

libfuse is the reference implementation of the Linux FUSE. From version 3.18.0 to before version 3.18.2, a NULL pointer dereference and memory leak in fuseuringinitqueue allows a local user to crash the FUSE daemon or cause resource exhaustion. When numaalloclocal fails during iouring queue entry...

CVE-2026-33164 NULL Pointer Dereference in libde265

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a malformed H.265 PPS NAL unit causes a segmentation fault in picparameterset::setderivedvalues. This issue has been patched in version 1.0.17...

CVE-2026-33164 NULL Pointer Dereference in libde265

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a malformed H.265 PPS NAL unit causes a segmentation fault in picparameterset::setderivedvalues. This issue has been patched in version 1.0.17...