Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992393)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992393 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix sysfs interface lifetime The current nilfs2 sysfs support has issues with the timing ...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992337)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992337 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: ucsi: Fix NULL pointer deref in ucsiconnectorchange When ucsiinit fails, ucsi-connector is...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992432)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992432 advisory. In the Linux kernel, the following vulnerability has been resolved: tee: add overflow check in registershmhelper With special lengths supplied by user space,...

PT-2025-54108

In the Linux kernel, the following vulnerability has been resolved: MIPS: fw: Allow firmware to pass a empty env fw getenv will use env entry to determine style of env, however it is legal for firmware to just pass a empty list. Check if first entry exist before running strchr to avoid null point...

PT-2025-54121

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.0-rc5+ Description The Linux kernel contains a flaw in the RDMA/rxe module where a null pointer dereference can occur in the rxe qp do cleanup function when socket creation fails. This issue arises due to the...

PT-2025-53991

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the vdpa/vp vdpa component. Specifically, the vp vdpa remove function incorrectly uses a pointer as an argument for the kfree function, potentiall...

PT-2025-54093

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s fs/sysv component that could lead to a null pointer dereference. The sb getblk function, when called with inode-i sb and parent, may return a null...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to check user-space-provided rulecnt, which could result in a null pointer dereference...

CVE-2025-15156

A flaw has been found in omec-project UPF up to 2.1.3-dev. This affects the function handleSessionEstablishmentRequest of the file /pfcpiface/pfcpiface/messagessession.go of the component PFCP Session Establishment Request Handler. This manipulation causes null pointer dereference. The attack may...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the dabitags function in the cp-demangle.c file. An attacker can cause the application to crash or become unresponsive by submitting a specially crafted PE file. Remediation There is no fixed version for...

CVE-2025-14180

A flaw was found in PHP. When the PDO PHP Data Objects PostgreSQL driver is configured with PDO::ATTREMULATEPREPARES enabled, a remote attacker can exploit a vulnerability by providing an invalid character sequence within a prepared statement parameter. This can cause a null pointer dereference,...

Debian dla-4424 : libopenjp2-7 - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4424 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4424-1 [email protected] https://www.debian.org/lts/security/...

CVE-2025-15156 omec-project UPF PFCP Session Establishment Request messages_session.go handleSessionEstablishmentRequest null pointer dereference

A flaw has been found in omec-project UPF up to 2.1.3-dev. This affects the function handleSessionEstablishmentRequest of the file /pfcpiface/pfcpiface/messagessession.go of the component PFCP Session Establishment Request Handler. This manipulation causes null pointer dereference. The attack may...

CVE-2025-14180

In PHP versions 8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTREMULATEPREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...

CVE-2025-14180

In PHP versions 8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTREMULATEPREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...

CVE-2025-14180

CVE-2025-14180 affects PHP’s PDO PostgreSQL driver when using PDO::ATTR_EMULATE_PREPARES and can cause a NULL return from PQescapeStringConn on certain invalid parameter sequences, leading to a NULL pointer dereference in pdo_parse_params() and potential server crashes. Connected advisories confi...

PHP 安全漏洞

PHP is a scripting language executed server-side by PHP Open Source. A security vulnerability exists in PHP versions prior to 8.1.34, 8.2.30, 8.3.29, 8.4.16, and 8.5.1, which stems from a null pointer dereference in the PDO PostgreSQL driver that could cause a crash...

Linux Distros Unpatched Vulnerability : CVE-2023-54080

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: zoned: skip splitting and logical rewriting on pre-alloc write When doing a relocation, there is a chance that at the time of btrfsrelocclonecsums, there...

Linux Distros Unpatched Vulnerability : CVE-2023-54018

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/msm/hdmi: Add missing check for allocorderedworkqueue Add check for the return value of allocorderedworkqueue as it may return NULL pointer and cause NULL...

CVE-2025-68368

In the Linux kernel, the following vulnerability has been resolved: md: init bioset in mddevinit IO operations may be needed before mdrun, such as updating metadata after writing sysfs. Without bioset, this triggers a NULL pointer dereference as below: BUG: kernel NULL pointer dereference, addres...