549 matches found
CVE-2026-10664 Out-of-bounds write in nRF70 Wi-Fi driver power-save event handler (unbounded TWT flow count)
The nRF70 Wi-Fi driver's power-save event handler nrfwifieventprocgetpowersaveinfo in drivers/wifi/nrfwifi/src/wifimgmt.c copied TWT Target Wake Time flow entries from an nrfwifiumaceventpowersaveinfo event into the fixed-size twtflowsWIFIMAXTWTFLOWS 8-element array of a caller-supplied struct...
CVE-2026-53093
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix error pointer dereference The function brcmfchipaddcore can return an error pointer and is not checked. Add checks for error pointer. Detected by Smatch:...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check dcehwseq before dereferencing it. WHAT hws was checked for being null earlier in dce110blankstream, indicating that hws can be null. This check should be performed whenever hws is used. Cherry-picked from...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Added a missing NULL pointer check for the pingpong interface. This check is almost always performed in dpuencoderphyswbsetupctl, but in a single location, the check is missing. Also, use convenient locals variables...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fixed a missing pointer check in the hdacomponentmanagerinit function. The componentmatchadd function may assign the ‘matchptr’ pointer the value ERRPTR-ENOMEM, which will subsequently be dereferenced. The call stack...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: - For the media module, in the mtk-mdp component, error handling in the probe function has been fixed. - The function mtkmdpunregisterm2mdevice has been added to the error handling path to prevent resource leaks. - A check for...
CVE-2026-52913
CVE-2026-52913 is addressed in OSV entries as a flaw in the rootio-linux package. Root has patched CVE-2026-52913 in Root:Ubuntu-22.04, with multiple fixed versions available. Additional OSV records indicate patched status for Root:Ubuntu-24.04 and Root:Debian-11/12, also noting multiple fixed ve...
CVE-2026-0156
CVE-2026-0156 describes a memory safety issue in checkSsrcCollisionOnRcv of RtpSession.cpp caused by a missing null check. This could allow remote denial of service without additional execution privileges, and exploitation does not require user interaction. The information appears consistently in...
CVE-2026-46245 drm/amd/display: Fix dc_link NULL handling in HPD init
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix dclink NULL handling in HPD init amdgpudmhpdinit may see connectors without a valid dclink. The code already checks dclink for the polling decision, but later unconditionally dereferences it when setting up H...
CVE-2026-46216 drm/xe/hdcp: Add NULL check for media_gt in intel_hdcp_gsc_check_status()
In the Linux kernel, the following vulnerability has been resolved: drm/xe/hdcp: Add NULL check for mediagt in intelhdcpgsccheckstatus When media GT is disabled via configfs, there is no allocation for mediagt, which is kept as NULL. In such scenario, intelhdcpgsccheckstatus results in a kernel...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of null pointer checks for mediagt in the drm/xe/hdcp module. This vulnerability may lea...
CVE-2026-46016 remoteproc: xlnx: Only access buffer information if IPI is buffered
In the Linux kernel, the following vulnerability has been resolved: remoteproc: xlnx: Only access buffer information if IPI is buffered In the receive callback check if message is NULL to prevent possibility of crash by NULL pointer dereferencing...
CVE-2026-45836
The CVE-2026-45836 vulnerability affects the Linux kernel Bluetooth L2CAP code and stems from a missing NULL guard in l2cap_sock_get_sndtimeo_cb(), which can cause a null pointer dereference. The issue is resolved by adding the same NULL guard already present in l2cap_sock_resume_cb() and l2cap_s...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb: scarlett2: Fixed missing NULL checks. The scarlett2inputselectctlinfo function sets up the string arrays using kasprintf, but it fails to perform NULL checks. This could lead to NULL dereferencing errors. We need to ad...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Added a null pointer check for inode operations This adds a sanity check for the iop pointer of the inode, which is returned after reading the Root directory MFT record. We should check that the iop is valid before...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: The NULL check for currxfer was protected in the IRQ handler. Now, all other accesses to currxfer are performed under a lock. The NULL check for currxfer in tegraqspiisrthread is also protected by a spinlock...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: clk: mmp: pxa1908-apbcp: Fixed the issue where NULL was compared with ISERR. The devmkzalloc function does not return error pointers; it returns NULL in case of an error. Update the check to match this behavior...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: clk: mmp: pxa1908-apbc – Fixed the issue where NULL values were returned instead of an ISERR error. The devmkzalloc function now returns NULL when an error occurs, rather than error pointers. The check has been corrected...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Added a check for a valid ‘madagent’ pointer. When unregistering an MAD agent, the srpt module performs a non-null check on the ‘madagent’ pointer before invoking ibunregistermadagent. This check can fail if the...
Astra Linux – Vulnerability in Firefox
The developer’s page for about:memory includes a Measure function for exploring which object types the browser has allocated and their sizes. When this function was invoked, we incorrectly called the sizeof function instead of using the API method that checks for invalid pointers. This...