Linux Distros Unpatched Vulnerability : CVE-2024-42331

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the src/libs/zbxembed/browser.c file, the esbrowserctor method retrieves a heap pointer from the Duktape JavaScript engine. This heap pointer is subsequently...

Linux Distros Unpatched Vulnerability : CVE-2022-48865

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tipc: fix kernel panic when enabling bearer When enabling a bearer on a node, a kernel panic is observed: 4.498085 RIP: 0010:tipcmonprep+0x4e/0x130 tipc...

Linux Distros Unpatched Vulnerability : CVE-2018-14622

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefdxprt was not checked in all instances, which...

Linux Distros Unpatched Vulnerability : CVE-2017-14318

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen 4.5.x through 4.9.x. The function gnttabcacheflush handles GNTTABOPcacheflush grant table operations. It checks to see if the...

CVE-2024-57995

CVE-2024-57995 affects the Linux kernel’s wifi ath12k driver. In ath12k_mac_assign_vif_to_vdev(), if arvif is created on a different radio it is later freed via ath12k_mac_unassign_link_vif(), and a subsequent check on arvif could read freed memory (read-after-free). The fix relocates the check t...

CVE-2022-49707

In the Linux kernel, the following vulnerability has been resolved: ext4: add reserved GDT blocks check We capture a NULL pointer issue when resizing a corrupt ext4 image which is freshly clear resizeinode feature not run e2fsck. It could be simply reproduced by following steps. The problem is...

CVE-2022-49707

CVE-2022-49707 concerns a Linux kernel ext4 resize bug where a NULL pointer dereference could occur when resizing a corrupted ext4 image with resize_inode previously cleared. The root cause is that during ext4_resize_fs() transitioning to meta_bg mode, es->s_reserved_gdt_blocks was not reduced...

CVE-2022-49652

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: Fix refcount leak in tidra7xbarrouteallocate ofparsephandle returns a node pointer with refcount incremented, we should use ofnodeput on it when not needed anymore. Add missing ofnodeput in to fix this...

CVE-2022-49529

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: fix the null pointer while the smu is disabled It needs to check if the ppfuncs is initialized while release the context, otherwise it will trigger null pointer panic while the software smu is not enabled...

CVE-2023-34400

Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. In case of parsing file, service try to define header inside the file and convert it to null-terminated string. If character is missed, will return null pointer...

Azure Linux 3.0 Security Update: hdf5 (CVE-2024-32610)

The version of hdf5 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-32610 advisory. - HDF5 Library through 1.14.3 has a SEGV in H5Tclosereal in H5T.c, resulting in a corrupted instruction pointer...

Azure Linux 3.0 Security Update: kernel (CVE-2024-50049)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50049 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointer befo...

CVE-2021-37656

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.RaggedTensorToSparse. The implementation has an incomplete validation of the splits values: it does not check...

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2025-1108)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-57914 usb: typec: tcpci: fix NULL pointer issue on shared irq case

In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpci: fix NULL pointer issue on shared irq case The tcpciirq may meet below NULL pointer dereference issue: 2.641851 Unable to handle kernel NULL pointer dereference at virtual address 0000000000000010 2.641951 statu...

CVE-2024-57914

In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpci: fix NULL pointer issue on shared irq case The tcpciirq may meet below NULL pointer dereference issue: 2.641851 Unable to handle kernel NULL pointer dereference at virtual address 0000000000000010 2.641951 statu...

CVE-2024-47141

In the Linux kernel, the following vulnerability has been resolved: pinmux: Use sequential access to access desc-pinmux data When two client of the same gpio call pinctrlselectstate for the same functionality, we are seeing NULL pointer issue while accessing desc-muxowner. Let's say two processes...

CVE-2024-47141 pinmux: Use sequential access to access desc->pinmux data

In the Linux kernel, the following vulnerability has been resolved: pinmux: Use sequential access to access desc-pinmux data When two client of the same gpio call pinctrlselectstate for the same functionality, we are seeing NULL pointer issue while accessing desc-muxowner. Let's say two processes...

CVE-2024-47141 pinmux: Use sequential access to access desc->pinmux data

In the Linux kernel, the following vulnerability has been resolved: pinmux: Use sequential access to access desc-pinmux data When two client of the same gpio call pinctrlselectstate for the same functionality, we are seeing NULL pointer issue while accessing desc-muxowner. Let's say two processes...

Fedora 40 : libxmp (2025-c58133e520)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-c58133e520 advisory. Latest upstream release. Changelog: Fixes: CVE-2023-45679: Attempt to free an uninitialized memory pointer in vorbisdeinit CVE-2023-45680: Null...