EUVD-2026-5434

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA The code to restore a ZA context doesn't attempt to allocate the task's svestate before setting TIFSME. Consequently, restoring a ZA context can place a task into an...

CVE-2026-23107 arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA The code to restore a ZA context doesn't attempt to allocate the task's svestate before setting TIFSME. Consequently, restoring a ZA context can place a task into an...

EUVD-2026-5480

In the Linux kernel, the following vulnerability has been resolved: net/sched: actife: avoid possible NULL deref tcfifeencode must make sure ifeencode does not return NULL. syzbot reported: Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 1 SMP KASAN NOP...

CVE-2026-23064

In the Linux kernel, the following vulnerability has been resolved: net/sched: actife: avoid possible NULL deref tcfifeencode must make sure ifeencode does not return NULL. syzbot reported: Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 1 SMP KASAN NOP...

CVE-2026-23064 net/sched: act_ife: avoid possible NULL deref

In the Linux kernel, the following vulnerability has been resolved: net/sched: actife: avoid possible NULL deref tcfifeencode must make sure ifeencode does not return NULL. syzbot reported: Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 1 SMP KASAN NOP...

CVE-2026-23062

The CVE-2026-23062 issue is in the Linux kernel platform/x86 hp-bioscfg code. The root cause is twofold: an off-by-one error in a loop using <= instead of

CVE-2025-71198 iio: imu: st_lsm6dsx: fix iio_chan_spec for sensors without event detection

In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: fix iiochanspec for sensors without event detection The stlsm6dsxaccchannels array of struct iiochanspec has a non-NULL eventspec field, indicating support for IIO events. However, event detection is not...

kernel: Linux kernel: vsock vulnerability may lead to memory corruption

A flaw was found in the Linux kernel's vsock component. This vulnerability occurs when a connect operation on an already established socket is interrupted by a signal or timeout, causing the system to mishandle the socket's state. This incorrect handling can lead to a race condition, potentially...

EUVD-2025-206805

In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qusb2: Fix NULL pointer dereference on early suspend Enabling runtime PM before attaching the QPHY instance as driver data can lead to a NULL pointer dereference in runtime PM callbacks that expect valid driver data...

CVE-2025-71193

The CVE-2025-71193 family (Linux kernel: phy: qcom-qusb2) describes a NULL pointer dereference during early suspend caused by enabling runtime PM before the QPHY driver data is attached. This creates a window where suspend callbacks may run with invalid driver data, leading to sporadic boot crash...

CVE-2025-71193 phy: qcom-qusb2: Fix NULL pointer dereference on early suspend

In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qusb2: Fix NULL pointer dereference on early suspend Enabling runtime PM before attaching the QPHY instance as driver data can lead to a NULL pointer dereference in runtime PM callbacks that expect valid driver data...

CVE-2025-71193 phy: qcom-qusb2: Fix NULL pointer dereference on early suspend

In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qusb2: Fix NULL pointer dereference on early suspend Enabling runtime PM before attaching the QPHY instance as driver data can lead to a NULL pointer dereference in runtime PM callbacks that expect valid driver data...

EUVD-2026-5506

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix NULL pointer crash in bnxtptpenable during error cleanup When bnxtinitone fails during initialization e.g., bnxtinitintmode returns -ENODEV, the error path calls bnxtfreehwrmresources which destroys the DMA pool and...

EUVD-2026-5507

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211hwsim: fix typo in frequency notification The NAN notification is for 5745 MHz which corresponds to channel 149 and not 5475 which is not actually a valid channel. This could result in a NULL pointer dereference in...

SUSE-SU-2026:0384-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2026-23874: manipulation of digital images can lead to stack overflow bsc1256976. - CVE-2026-23876: maliciously crafted image can lead to heap buffer overflow bsc1256962. - CVE-2026-23952: processing comment tag can cause null pointer...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a spelling error in the frequency notifications. This vulnerability may lead to null pointer...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from bnxtptpenable attempting to use an empty DMA pool during incorrect cleanup operations, potentially...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of SVE storage allocated when restoring the ZA context, potentially leading to null pointer...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of checking function return values, potentially leading to null pointer dereferencing...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of an empty pointer in idpfidcvportdevdown when vdevinfo is not assigned, potentially leading t...