CVE-2026-33164

libde265 prior to version 1.0.17 is vulnerable to a segmentation fault caused by a malformed H.265 PPS NAL unit in pic_parameter_set::set_derived_values(). The issue has a fix in version 1.0.17, which patches the fault. Affected component is the libde265 H.265 decoder; impact is a crash/segmentat...

CVE-2026-33179 libfuse: NULL Pointer Dereference and Memory Leak in io_uring Queue Initialization

libfuse is the reference implementation of the Linux FUSE. From version 3.18.0 to before version 3.18.2, a NULL pointer dereference and memory leak in fuseuringinitqueue allows a local user to crash the FUSE daemon or cause resource exhaustion. When numaalloclocal fails during iouring queue entry...

UBUNTU-CVE-2026-23277

In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: fix NULL pointer dereference in iptunnelxmit on TEQL slave xmit teqlmasterxmit calls netdevstartxmitskb, slave to transmit through slave devices, but does not update skb-dev to the slave device beforehand. When a...

CVE-2026-23277 net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit

In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: fix NULL pointer dereference in iptunnelxmit on TEQL slave xmit teqlmasterxmit calls netdevstartxmitskb, slave to transmit through slave devices, but does not update skb-dev to the slave device beforehand. When a...

CVE-2026-23277

CVE-2026-23277 (TEQL NULL pointer dereference in iptunnel_xmit) is fixed in Linux kernel TEQL transmit path. When a GRE Gretap tunnel is TEQL slave, teql_master_xmit() transmits via netdev_start_xmit() without updating skb->dev to the slave. iptunnel_xmit then uses the original dev from skb-&g...

RLSA-2023:3018 Low: libarchive security update

The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that teqlmasterxmit does not update the skb-dev pointing to the slave device before sending...

libfuse 代码问题漏洞

libfuse is an open-source user-space file system development library by libfuse. Versions of libfuse 3.18.0 to 3.18.2 had code-related vulnerabilities. These vulnerabilities stemmed from the fuseuringinitqueue function, which contained null pointer dereferencing and memory leaks. This could...

PT-2026-26679

libfuse is the reference implementation of the Linux FUSE. From version 3.18.0 to before version 3.18.2, a NULL pointer dereference and memory leak in fuse uring init queue allows a local user to crash the FUSE daemon or cause resource exhaustion. When numa alloc local fails during io uring queue...

CLSA-2026-1773923672 ImageMagick: Fix of 11 CVEs

CVE-2026-25797: fix PostScript/HTML code injection via unsanitized filenames - CVE-2026-25982: fix heap out-of-bounds read in DICOM colormap decoder - CVE-2026-25968: fix stack buffer overflow in MSL opacity attribute processing - CVE-2026-25986: fix heap buffer overflow write in YUV 4:2:2...

Amazon Linux 2 : libtiff, --advisory ALAS2-2026-3196 (ALAS-2026-3196)

The version of libtiff installed on the remote host is prior to 4.0.3-35. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3196 advisory. libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tifopen.c...

CVE-2026-31973

SAMtools is a program for reading, manipulating and writing bioinformatics file formats. Starting in version 1.17, in the cram-size command, used to write information about how well CRAM files are compressed, a check to see if the cramdecodecompressionheader was missing. If the function returned ...

CVE-2026-31964

A flaw was found in HTSlib, a library for reading and writing bioinformatics file formats. When processing specially crafted CRAM Compressed Reference-aligned Alignment Map data, specifically records that omit sequence or quality data using the CONST, XPACK, or XRLE encodings, the library attempt...

EUVD-2026-12958

SAMtools is a program for reading, manipulating and writing bioinformatics file formats. Starting in version 1.17, in the cram-size command, used to write information about how well CRAM files are compressed, a check to see if the cramdecodecompressionheader was missing. If the function returned ...

CVE-2026-31973

SAMtools is a program for reading, manipulating and writing bioinformatics file formats. Starting in version 1.17, in the cram-size command, used to write information about how well CRAM files are compressed, a check to see if the cramdecodecompressionheader was missing. If the function returned ...

CVE-2026-31973 NULL pointer dereference in samtools cram-size

SAMtools is a program for reading, manipulating and writing bioinformatics file formats. Starting in version 1.17, in the cram-size command, used to write information about how well CRAM files are compressed, a check to see if the cramdecodecompressionheader was missing. If the function returned ...

EUVD-2026-12801

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix potential NULL pointer dereference in header processing If siwgethdr returns -EINVAL before setrxfpducontext, qp-rxfpdu can be NULL. The error path in siwtcprxdata dereferences qp-rxfpdu-moreddpsegs without checking...

CVE-2026-23242

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix potential NULL pointer dereference in header processing If siwgethdr returns -EINVAL before setrxfpducontext, qp-rxfpdu can be NULL. The error path in siwtcprxdata dereferences qp-rxfpdu-moreddpsegs without checking...

CVE-2026-23242

CVE-2026-23242 affects the Linux kernel RDMA/siw header processing: siw_tcp_rx_data may dereference a NULL qp->rx_fpdu if siw_get_hdr() returns -EINVAL before set_rx_fpdu_context(). The fix adds a NULL check for rx_fpdu before accessing more_ddp_segs, preventing the NULL pointer dereference. P...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the xfarray and xfblob destructor functions are called without checking the validit...