Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003304)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003304 advisory. The assocarrayinsertintoterminalnode function in lib/assocarray.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows local users to cause a...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002224)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002224 advisory. The rdsconncreate function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service NULL pointer dereference and...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003409)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003409 advisory. drivers/net/usb/asixdevices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service NULL pointer dereference and system crash or possib...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002990)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002990 advisory. The rngapireset function in crypto/rng.c in the Linux kernel before 4.2 allows attackers to cause a denial of service NULL pointer dereference. Tenable has extracted...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001850)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001850 advisory. arch/arm/kvm/arm.c in the Linux kernel before 3.10 on the ARM platform, when KVM is used, allows host OS users to cause a denial of service NULL pointer dereference,...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003526)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003526 advisory. In the Linux kernel through 4.14.13, the rdscmsgatomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leadin...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002309)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002309 advisory. The rdsibladdrcheck function in net/rds/ib.c in the Linux kernel before 3.12.8 allows local users to cause a denial of service NULL pointer dereference and system...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002562)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002562 advisory. The assocarrayinsertintoterminalnode function in lib/assocarray.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows local users to cause a...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002662)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002662 advisory. The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setupntlmv2rsp that allows an attacker controlling a CIFS...

CVE-2025-68820

A NULL pointer dereference vulnerability was found in the Linux kernel's ext4 filesystem extended attribute handling. When ext4getinodeloc fails with an error such as -EFSCORRUPTED, the iloc.bh buffer head remains NULL. The ext4xattrinodedecrefall function lacks error checking and proceeds to cal...

CVE-2026-21300

Substance3D - Modeler versions 1.22.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-21288

Illustrator versions 29.8.3, 30.0 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue requires user...

CLSA-2026-1768411712 php: Fix of 2 CVEs

CVE-2025-1220: fix null byte termination in hostnames - CVE-2025-6491: fix NULL pointer dereference in PHP SOAP extension via large XML namespace prefix...

CVE-2025-8090

Null pointer dereference in the MsgRegisterEvent system call could allow an attacker with local access and code execution abilities to crash the QNX Neutrino kernel...

CVE-2025-71135

In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix possible null-pointer dereferences in raid5storegroupthreadcnt The variable mddev-private is first assigned to conf and then checked: conf = mddev-private; if !conf ... If conf is NULL, then mddev-private is also...

UBUNTU-CVE-2025-71124

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: move preemptpreparepostamble after error check Move the call to preemptpreparepostamble after verifying that preemptpostambleptr is valid. If preemptpostambleptr is NULL, dereferencing it in preemptpreparepostamble...

CVE-2025-71118 ACPICA: Avoid walking the Namespace if start_node is NULL

In the Linux kernel, the following vulnerability has been resolved: ACPICA: Avoid walking the Namespace if startnode is NULL Although commit 0c9992315e73 "ACPICA: Avoid walking the ACPI Namespace if it is not there" fixed the situation when both startnode and acpigblrootnode are NULL, the Linux...

CVE-2025-71118 ACPICA: Avoid walking the Namespace if start_node is NULL

In the Linux kernel, the following vulnerability has been resolved: ACPICA: Avoid walking the Namespace if startnode is NULL Although commit 0c9992315e73 "ACPICA: Avoid walking the ACPI Namespace if it is not there" fixed the situation when both startnode and acpigblrootnode are NULL, the Linux...

kernel: mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required()

A null pointer dereference exists in the linux kernel such that in objstockflushrequired:stock-cachedobjcg can be reset between the check and dereference, resulting in damage to the availability of the system...

SUSE CVE-2025-15514

Ollama 0.11.5-rc0 through current version 0.13.5 contain a null pointer dereference vulnerability in the multi-modal model image processing functionality. When processing base64-encoded image data via the /api/chat endpoint, the application fails to validate that the decoded data represents valid...