EUVD-2026-30411

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, a wrong NULL check after an allocation call in sixeldecoderaw and sixeldecode causes a NULL pointer dereference whenever the allocation fails. The check tests the address of the output parameter alway...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

A issue was discovered in the Linux kernel through version 6.5.9. During a race condition involving the exit of a SQ thread, a NULL pointer dereferencing in iouring/fdinfo.c’s iouringshowfdinfo function can occur...

CVE-2026-3146

CVE-2026-3146 affects libvips up to 8.18.0. The vulnerable element is vips_foreign_load_matrix_header in libvips/foreign/matrixload.c , which may trigger a null pointer dereference . Exploitation requires local access. The patch identifier is d4ce337c76bff1b278d7085c3c4f4725e3aa6ece and applying ...

CVE-2026-2642

A security vulnerability has been detected in ggreer thesilversearcher up to 2.2.0. The impacted element is the function searchstream of the file src/search.c. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed...

CVE-2026-2642

The CVE concerns the GNU ripgrep-like tool the_silver_searcher (the_silver_searcher) up to version 2.2.0. The vulnerability affects the function search_stream in src/search.c, where an input manipulation leads to a null pointer dereference. This requires local access and could cause a crash or de...

UBUNTU-CVE-2026-22983

In the Linux kernel, the following vulnerability has been resolved: net: do not write to msggetinq in callee NULL pointer dereference fix. msggetinq is an input field from caller to callee. Don't set it in the callee, as the caller may not clear it on struct reuse. This is a kernel-internal varia...

CVE-2025-71124

CVE-2025-71124 —Linux kernel DRM MSM A6XX path fix: moved preempt_prepare_postamble() to after validating preempt_postamble_ptr to prevent NULL pointer dereference when postamble allocation fails. Impact described as crash risk; patch available in Patchwork 687659; no exploitation details provide...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper handling of the return value of createinformatblob, which could result in a null pointer dereference...

EulerOS 2.0 SP10 : gnutls (EulerOS-SA-2025-2385)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject...

Huawei EulerOS: Security Advisory for nasm (EulerOS-SA-2025-2336)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

tee: fix NULL pointer dereference in tee_shm_put

...

DEBIAN-CVE-2022-50244

In the Linux kernel, the following vulnerability has been resolved: cxl: fix possible null-ptr-deref in cxlpciinitafu|adapter If deviceregister fails in cxlpciafu|adapter, the device is not added, deviceunregister can not be called in the error path, otherwise it will cause a null-ptr-deref becau...

kernel: drm/vkms: Fix null-ptr-deref in vkms_release()

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix null-ptr-deref in vkmsrelease A null-ptr-deref is triggered when it tries to destroy the workqueue in vkms-output.composerworkq in vkmsrelease. KASAN: null-ptr-deref in range 0x0000000000000118-0x000000000000011f CP...

Linux Distros Unpatched Vulnerability : CVE-2023-28625

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - modauthopenidc is an authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In...

Vulnerability of the fmvj18x_get_hwinfo() function in the drivers/net/ethernet/fujitsu/fmvj18x_cs.c module – A Linux kernel Ethernet adapter support driver that allows a hacker to cause a system failure

Vulnerability of the fmvj18xgethwinfo function in the drivers/net/ethernet/fujitsu/fmvj18xcs.c module – The Linux kernel’s Ethernet adapter support driver is vulnerable due to a NULL pointer dereferencing issue. Exploiting this vulnerability could allow an attacker to cause a system failure...

UBUNTU-CVE-2022-49825

In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix error handling in atatportadd In atatportadd, the return value of transportadddevice is not checked. As a result, it causes null-ptr-deref while removing the module, because transportremovedevice is...

DEBIAN-CVE-2025-22018

In the Linux kernel, the following vulnerability has been resolved: atm: Fix NULL pointer dereference When MPOAcacheimposrcvd receives the msg, it can trigger Null Pointer Dereference Vulnerability if both entry and holdingtime are NULL. Because there is only for the situation where entry is NULL...

AZL-48310 CVE-2024-38543 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: lib/testhmm.c: handle srcpfns and dstpfns allocation failure The kcalloc in dmirrordeviceevictchunk will return null if the physical memory has run out. As a result, if srcpfns or dstpfns is dereferenced, the null pointer...

CVE-2021-47333 misc: alcor_pci: fix null-ptr-deref when there is no PCI bridge

In the Linux kernel, the following vulnerability has been resolved: misc: alcorpci: fix null-ptr-deref when there is no PCI bridge There is an issue with the ASPMoptional capability checking function. A device might be attached to root complex directly, in this case, bus-selfbridge will be NULL,...

CVE-2024-27046 nfp: flower: handle acti_netdevs allocation failure

In the Linux kernel, the following vulnerability has been resolved: nfp: flower: handle actinetdevs allocation failure The kmallocarray in nfpfllagdowork will return null, if the physical memory has run out. As a result, if we dereference the actinetdevs, the null pointer dereference bugs will...