Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: clk: mmp: pxa1908-apbc – Fixed the issue where NULL values were returned instead of an ISERR error. The devmkzalloc function now returns NULL when an error occurs, rather than error pointers. The check has been corrected...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Added a null pointer check for inode operations This adds a sanity check for the iop pointer of the inode, which is returned after reading the Root directory MFT record. We should check that the iop is valid before...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: clk: mmp: pxa1908-apbcp: Fixed the issue where NULL was compared with ISERR. The devmkzalloc function does not return error pointers; it returns NULL in case of an error. Update the check to match this behavior...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb: scarlett2: Fixed missing NULL checks. The scarlett2inputselectctlinfo function sets up the string arrays using kasprintf, but it fails to perform NULL checks. This could lead to NULL dereferencing errors. We need to ad...

CVE-2026-31599 media: vidtv: fix NULL pointer dereference in vidtv_channel_pmt_match_sections

In the Linux kernel, the following vulnerability has been resolved: media: vidtv: fix NULL pointer dereference in vidtvchannelpmtmatchsections syzbot reported a general protection fault in vidtvpsidescassign 1. vidtvpsipmtstreaminit can return NULL on memory allocation failure, but...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011051)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011051 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: userial: Add null pointer check in gserialresume Consider a case where...

SUSE-SU-2026:1398-1 Security update for freerdp

This update for freerdp fixes the following issues: Security fixes: - CVE-2026-26271: Buffer Overread in FreeRDP Icon Processing bsc1258979. - CVE-2026-26955: Out-of-bounds Write in freerdp bsc1258982. - CVE-2026-26965: Out-of-bounds Write in freerdp bsc1258985. - CVE-2026-31806: improper...

CVE-2026-31425

In the Linux kernel, the following vulnerability has been resolved: rds: ib: reject FRMR registration before IB connection is established rdsibgetmr extracts the rdsibconnection from conn-ctransportdata and passes it to rdsibregfrmr for FRWR memory registration. On a fresh outgoing connection, ic...

SUSE CVE-2026-23309

In the Linux kernel, the following vulnerability has been resolved: tracing: Add NULL pointer check to triggerdatafree If triggerdataalloc fails and returns NULL, eventhisttriggerparse jumps to the outfree error path. While kfree safely handles a NULL pointer, triggerdatafree does not. This cause...

CVE-2026-23341 accel/amdxdna: Fix crash when destroying a suspended hardware context

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix crash when destroying a suspended hardware context If userspace issues an ioctl to destroy a hardware context that has already been automatically suspended, the driver may crash because the mailbox channel...

CVE-2026-23341

CVE-2026-23341 affects the Linux kernel accel/amdxdna path. The issue occurs when userspace issues an ioctl to destroy a hardware context that has already been automatically suspended, which may crash due to a NULL mailbox channel pointer accessed in aie2_destroy_context(). The fix adds a mailbox...

CVE-2026-23309

In the Linux kernel, the following vulnerability has been resolved: tracing: Add NULL pointer check to triggerdatafree If triggerdataalloc fails and returns NULL, eventhisttriggerparse jumps to the outfree error path. While kfree safely handles a NULL pointer, triggerdatafree does not. This cause...

CVE-2026-23250

In the Linux kernel, the following vulnerability has been resolved: xfs: check return value of xchkscrubcreatesubord Fix this function to return NULL instead of a mangled ENOMEM, then fix the callers to actually check for a null pointer and return ENOMEM. Most of the corrections here are for code...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005726)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005726 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: userial: Add null pointer check in gserialsuspend Consider a case where...

UBUNTU-CVE-2026-23218

In the Linux kernel, the following vulnerability has been resolved: gpio: loongson-64bit: Fix incorrect NULL check after devmkcalloc Fix incorrect NULL check in loongsongpioinitirqchip. The function checks chip-parent instead of chip-irq.parents...

CVE-2026-23207

CVE-2026-23207 concerns the Linux kernel SPI Tegra210 quad driver. The issue arose because curr_xfer accesses were not consistently protected by the lock in the IRQ thread path, enabling a race against the timeout path where curr_xfer could be NULL after being cleared but still dereferenced in ha...

CVE-2026-23044

In the Linux kernel, the following vulnerability has been resolved: PM: hibernate: Fix crash when freeing invalid crypto compressor When cryptoallocacomp fails, it returns an ERRPTR value, not NULL. The cleanup code in savecompressedimage and loadcompressedimage unconditionally calls...

CVE-2026-23098

CVE-2026-23098 affects the Linux kernel component related to NET/ROM handling in nr_route_frame(). The issue is a double-free: old_skb is freed unconditionally, and if nr_neigh->ax25 is NULL the caller may free old_skb again. The root cause is freeing old_skb without validating the ax25 pointe...

SUSE CVE-2026-22982

In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: Fix crash when adding interface under a lag Commit 15faa1f67ab4 "lan966x: Fix crash when adding interface under a lag" fixed a similar issue in the lan966x driver caused by a NULL pointer dereference. The...

AZL-78461 CVE-2026-22982 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: Fix crash when adding interface under a lag Commit 15faa1f67ab4 "lan966x: Fix crash when adding interface under a lag" fixed a similar issue in the lan966x driver caused by a NULL pointer dereference. The...