Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: Net: Ethernet: nixge: fixed NULL dereference issue. In the function nixgehwdmabdrelease, dereferencing a NULL pointer priv-rxbdv could occur in the case of allocation failure in nixgehwdmabdinit. The move operation and the...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: comedi: niusb6501: fix NULL-deref in command paths The driver uses endpoint-sized USB transfer buffers but had no sanity checks on the sizes. This can lead to zero-size-pointer dereferences or overflowed transfer buffers in...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix a null pointer access when the smcrreg pointer is NULL In certain types of chips, such as VEGA20, reading the amdgpuregssmc file could result in an abnormal null pointer access when the smcrreg pointer is NULL...

Unity Linux 20.1060a Security Update: kernel (UTSA-2026-014350)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014350 advisory. In the Linux kernel, the following vulnerability has been resolved: fpga: manager: add owner module and take its refcount The current implementation of the fpga...

SUSE CVE-2026-23439

In the Linux kernel, the following vulnerability has been resolved: udptunnel: fix NULL deref caused by udpsockcreate6 when CONFIGIPV6=n When CONFIGIPV6 is disabled, the udpsockcreate6 function returns 0 success without actually creating a socket. Callers such as foucreate then proceed to...

CVE-2026-23320

...

Important: openssl

Issue Overview: If an application using the SSLCIPHERfind function in a QUIC protocol client or server receives an unknown cipher suite from the peer, a NULL dereference occurs. CVE-2025-15468 A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before...

SUSE CVE-2026-23159

In the Linux kernel, the following vulnerability has been resolved: perf: sched: Fix perf crash with new isusertask helper In order to do a user space stacktrace the current task needs to be a user task that has executed in user space. It use to be possible to test if a task is a user task or not...

CVE-2026-23084

CVE-2026-23084 affects the Linux kernel be2net driver. The vulnerability arises when be_cmd_get_mac_from_list() is called with pmac_id_valid == false and pmac_id == NULL, which can cause a NULL pointer dereference. The fix, per the description, is to pass the address of a stub variable to the fun...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005122)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005122 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix possible null-ptr-deref in ocfs2setbufferuptodate When doing cleanup, if flags without...

CVE-2026-1417 GPAC filedump.c dump_isom_rtp null pointer dereference

A weakness has been identified in GPAC up to 2.4.0. Affected by this issue is the function dumpisomrtp of the file applications/mp4box/filedump.c. This manipulation causes null pointer dereference. The attack needs to be launched locally. The exploit has been made available to the public and coul...

CVE-2025-71124 drm/msm/a6xx: move preempt_prepare_postamble after error check

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: move preemptpreparepostamble after error check Move the call to preemptpreparepostamble after verifying that preemptpostambleptr is valid. If preemptpostambleptr is NULL, dereferencing it in preemptpreparepostamble...

SUSE CVE-2023-54204

In the Linux kernel, the following vulnerability has been resolved: mmc: sunplus: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, 1. the memory allocated in mmcallochost will be leaked 2. null-ptr-deref will happen when calling mmcremovehost in...

CVE-2022-50879 objtool: Fix SEGFAULT

In the Linux kernel, the following vulnerability has been resolved: objtool: Fix SEGFAULT findinsn will return NULL in case of failure. Check insn in order to avoid a kernel Oops for NULL pointer dereference...

CVE-2023-54058

Technical details for CVE-2023-54058 are not publicly provided in the connected documents. Monitor for official patches/advisories; no product/version specifics or remediation details are included in the supplied materials.

CVE-2025-68229 scsi: target: tcm_loop: Fix segfault in tcm_loop_tpg_address_show()

In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmloop: Fix segfault in tcmlooptpgaddressshow If the allocation of tlhba-sh fails in tcmloopdriverprobe and we attempt to dereference it in tcmlooptpgaddressshow we will get a segfault, see below for an example. So...

SUSE CVE-2023-53832

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null-ptr-deref in raid10syncrequest initresync inits mempool and sets conf-havereplacemnt at the beginning of sync, closesync frees the mempool when sync is completed. After 1 recovery might be skipped and initresy...

Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2025-28040)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-28040 advisory. - netfilter: nftables: reject duplicate device on updates Pablo Neira Ayuso Orabug: 38712798 CVE-2025-38678 - ice: fix using untrusted value of...

EUVD-2025-201567

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix NULL pointer dereference in VRAM logic for APU devices Previously, APU platforms and other scenarios with uninitialized VRAM managers triggered a NULL pointer dereference in ttmresourcemanagerusage. The root cause...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989469)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989469 advisory. In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix handling of wrong devices during bond netevent Current implementation of bond...