Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ufshcdaddcommandTrace function in the scsi UFS core component. This function does not check whether...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the adisinit function releasing a pointer without checking whether adis-ops is NULL. This could lead to...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the perf subsystem’s failure to check whether current-mm is still alive when retrieving the call...

ROS-20260508-73-0016

A vulnerability in the ngxmailauthauthhttpmodule module of the NGINX Plus and NGINX Open Source HTTP server is related to NULL pointer dereferencing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel. This vulnerability stems from the checkmemaccess function in the BPF module, which matches PTRTOBUF pointers using...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the function acpiprocessorerratapiix4. In this function, the pointer dev is overwritten with NULL,...

PT-2026-39017

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference exists in the adis init function. The function attempts to dereference adis-ops to verify if specific function pointers write, read, reset are NULL without fir...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the improper removal order of the q6apm component during ADSP shutdown and startup, potentially leading...

JLSEC-2026-484

libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tifopen.c...

Security update for mozjs52

This update for mozjs52 fixes the following issues CVE-2026-32776: libexpat: NULL pointer dereference when processing empty external parameter entities inside an entity declaration value bsc1259728. CVE-2026-32777: libexpat: denial of service due to infinite loop in DTD content parsing bsc1259713...

SUSE-SU-2026:1742-1 Security update for mozjs52

This update for mozjs52 fixes the following issues - CVE-2026-32776: libexpat: NULL pointer dereference when processing empty external parameter entities inside an entity declaration value bsc1259728. - CVE-2026-32777: libexpat: denial of service due to infinite loop in DTD content parsing...

CVE-2026-44602

Tor before 0.4.9.7 has a NULL pointer dereference when a CERT cell is received out of order, aka TROVE-2026-006...

CVE-2026-8063

CVE-2026-8063 affects MongoDB Server 8.2

CVE-2026-8063

An authenticated user can crash mongod when running $rankFusion or $scoreFusion with an empty pipeline on a view. When resolving a view, the server inspects the aggregation pipeline to determine whether it begins with an Atlas Search stage. For $rankFusion and $scoreFusion, this inspection reads...

CVE-2026-44602

Tor before 0.4.9.7 has a NULL pointer dereference when a CERT cell is received out of order, aka TROVE-2026-006...

CVE-2026-44602

Tor before 0.4.9.7 is affected by a NULL pointer dereference when a CERT cell is received out of order (TROVE-2026-006). This can lead to a denial of service, rendering the Tor service unavailable to legitimate users. The issue is triggered remotely via crafted CERT cells; sources in Red Hat and ...

SUSE CVE-2026-43098

In the Linux kernel, the following vulnerability has been resolved: nfc: s3fwrn5: allocate rx skb before consuming bytes s3fwrn82uartread reports the number of accepted bytes to the serdev core. The current code consumes bytes into recvskb and may already deliver a complete frame before allocatin...

SUSE CVE-2026-43164

In the Linux kernel, the following vulnerability has been resolved: udplite: Fix null-ptr-deref in udpenqueuescheduleskb. syzbot reported null-ptr-deref of udpsksk-udpprodqueue. 0 Since the cited commit, udplibinitsock can fail, as can udpinitsock and udpv6initsock. Let's handle the error in...

CVE-2026-43271

A flaw was found in the Linux kernel's md-cluster module. During the startup of a multi-device MD array, a race condition can occur where a remote node sends a metadata update message before the system is fully ready to process it. This premature processing leads to a null pointer dereference,...

GoBGP 代码问题漏洞

GoBGP is an open-source implementation of the Border Gateway Protocol BGP developed by osrg. Version 4.4.0 of GoBGP contains a code vulnerability. This vulnerability arises from unauthenticated remote BGP peers sending specially crafted BGP UPDATE messages. When servers process messages with...