CVE-2025-54333

The CVE-2025-54333 issue is in Samsung Mobile Processor Exynos 1380’s NPU, described as an Invalid Pointer Dereference in the get_vs4l_profiler_node function. Connected sources (e.g., PT-2025-45024, Red Hat/NVD/CVE listings) corroborate the vulnerability but do not provide concrete exploit detail...

CVE-2025-40107 can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled This issue is similar to the vulnerability in the mcp251x driver, which was fixed in commit 03c427147b2d "can: mcp251x: fix resume fr...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Correctly handled csum tree errors with rescue=ibadroots. BUG There is a syzbot-based reproducer that can cause the kernel to crash. The call trace is as follows with some debug output added: DEBUG: rescue=ibadroots...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: fbdev: imxfb: Check fbaddvideomode to prevent nullptrderef. The fbaddvideomode function may fail with -ENOMEM if its internal kmalloc function cannot allocate a struct fbmodelist. In such cases, the modelist remains empty, but th...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed a Null pointer dereference vulnerability Why A Null pointer dereference vulnerability exists in the cleanup function dcdestruct of the AMD display driver’s DC module. When the construction of the display...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ALSA: ad1816a: Fixed a potential NULL pointer dereferencing in sndcardad1816apnp. Use prwarn instead of devwarn when ‘pdev’ is NULL to avoid potential NULL pointer dereferencing...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: atm: clip: Fixed a potential nullptrderef issue in toatmarpd. Atmarpd is protected by RTNL since commit f3a0592b37b8 “ATM: clip causes unregister hang”. However, this protection is insufficient because toatmarpd is called...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ksmbd: A null pointer dereference issue in destroyprevioussession has been fixed. If the -PreviousSessionId is set during the Kerberos session setup phase, a null pointer dereference error may occur. Since sess-user is not set ye...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Bug: Unchecked dereferencing of a NULL pointer in the kernel. Address: 0000000000000000 Causes: - ip6rcvcore net/ipv6/ip6input.c:190:20 - ipv6rcv net/ipv6/ip6input.c:306:8 - processbacklog net.core/dev.c:6186:4 - napipoll...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Wifi: carl9170 – Do not ping devices that have failed to load firmware. Syzkaller reports that 1 and 2 crashes occur due to attempts to ping devices that have failed to load firmware. Since such devices fail to pass the...

MGASA-2025-0252 Updated libtiff packages fix security vulnerabilities

LibTIFF fax2ps tiff2pdf.c t2preadtiffinit null pointer dereference. CVE-2024-13978 LibTIFF tiffmedian.c gethistogram use after free. CVE-2025-8176 LibTIFF thumbnail.c setrow buffer overflow. CVE-2025-8177 libtiff tiff2ps tiff2ps.c PSLvl2page null pointer dereference. CVE-2025-8534 LibTIFF tiffcro...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip Recompute DSC Params if no Stream on Link why Encounter NULL pointer dereference uner mst + dsc setup. BUG: kernel NULL pointer dereference, address: 0000000000000008 PGD 0 P4D 0 Oops: 0000 1 PREEMPT SMP NOP...

FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_link_info function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet.

...

FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted LSA Update packet.

...

ALSA: usb-audio: Fix NULL pointer deference in try_to_register_card

...

Security update for the Linux Kernel RT (Live Patch 4 for SLE 15 SP7)

This update for the Linux Kernel 6.4.0-150700716 fixes one issue. The following security issue was fixed: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

EUVD-2023-60053

Nagios Fusion versions prior to 4.2.0 contain a stored cross-site scripting XSS vulnerability when adding or configuring Email Settings. Unsanitized user input can be stored and later rendered in the administrative UI, causing JavaScript to execute in the browser of any user who views the affecte...

EUVD-2022-55673

Nagios XI versions prior to 5.8.9 are vulnerable to cross-site scripting XSS via the Apply Configuration error text. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

SUSE CVE-2025-40086

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Don't allow evicting of BOs in same VM in array of VM binds An array of VM binds can potentially evict other buffer objects BOs within the same VM under certain conditions, which may lead to NULL pointer dereferences late...

FRRouting Denial of Service Vulnerability (CNVD-2026-10884)

FRRouting is FRRouting open source a network routing software suite running on a Unix-like platform . FRRouting suffers from a denial of service vulnerability caused by NULL pointer dereferencing via the showvtyunknowntlv function on ospfext.c. An attacker could exploit this vulnerability to caus...