CLSA-2026-1775726631 binutils: Fix of 9 CVEs

CVE-2023-1972: fix heap buffer overflow in bfdelfslurpversiontables - CVE-2025-11412: fix out-of-bounds read in bfdelfgcrecordvtentry - CVE-2025-11413: fix out-of-bounds read in elflinkaddobjectsymbols - CVE-2025-11839: fix abort in tgtagtype with fuzzed input - CVE-2025-11840: fix SEGV from NULL...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in the bnge error path that leads to the dereferencing of a null pointer...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the mtkdsi driver not storing driver data before calling mipidsihostregister, resulting in a null...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of null pointer checking in the kstrdup function, potentially leading to kernel crashes...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the function rxrpcinputpacketonconn. When this function is called on a current client via the channel, ...

PT-2026-34896

In the Linux kernel, the following vulnerability has been resolved: firmware: arm scmi: Fix NULL dereference on notify error path Since commit b5daf93b809d1 "firmware: arm scmi: Avoid notifier registration for unsupported events" the call chains leading to the helper scmi event handler get ops...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the cp2615 driver not verifying the existence of the USB device serial number string, potentially leadi...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the sevmemencregisterregion function in KVM SEV. When this function checks sevguest, it does not hold...

PT-2026-34929

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference exists in the nilfs2 component within the nilfs mdt save to shadow map function. The btree node cache i assoc inode of the DAT inode is initialized lazily duri...

PT-2026-34972

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs in the ALSA usx2y driver for the TASCAM US-144MKII device. A malicious USB device can provide a configuration containing bInterfaceNumber=1 without an...

PT-2026-34914

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dsi: Store driver data before invoking mipi dsi host register The call to mipi dsi host register triggers a callback to mtk dsi bind, which uses dev get drvdata to retrieve the mtk dsi struct, so this structure need...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a failure in the allocation of the receive buffer in the pn533 driver. This failure may lead to null...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the absence of the i915 driver firmware. When this happens, the setdefaultsubmission pointer is n...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of input validation in the alpsrawevent mechanism, potentially leading to null pointer...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the null pointer dereferencing in iassoc inode in nilfs2, potentially leading to general protecti...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the vidtv driver’s function vidtvchannelpmtmatchsections. This function does not check the NULL pointer...

PT-2026-34951

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference exists in the vidtv channel pmt match sections function. This occurs because vidtv psi pmt stream init can return NULL during a memory allocation failure, whic...

PT-2026-35003

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL-pointer dereference or use-after-free issue exists in the mmc: vub300 component. This occurs during disconnect if the controller is not deregistered before the reference to the...

PT-2026-34973

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the bnge driver where the error path fails to return after calling the auxiliary device uninit function. When auxiliary device add fails, the system calls auxiliary...

PT-2026-34901

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The cp2615 driver uses the USB device serial string as the i2c adapter name without verifying that the string exists. This can lead to a NULL-pointer dereference, which occurs when the...