Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: Fixed a possible NULL pointer dereferencing caused by driver concurrency. In dwc2hcdurbenqueue, the statement “urb-hcpriv = NULL” is executed without holding the lock “hsotg-lock”. In dwc2hcdurbdequeue: c...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net/rds: fixed the possible null dereference of cp The cp parameter may be null. Calling cp-cpconn would result in a null dereference. Simon Horman adds: Analysis: cp is a parameter of rdsrdmamap and is not reassigned. The...

EUVD-2026-24860

In the Linux kernel, the following vulnerability has been resolved: drm/xe/pf: Fix use-after-free in migration restore When an error is returned from xesriovpfmigrationrestoreproduce, the data pointer is not set to NULL, which can trigger use-after-free in subsequent .write calls. Set the pointer...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013493)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013493 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Set debugfsdir pointer to NULL after removing debugfs If init debugfs failed durin...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006821)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006821 advisory. In the Linux kernel, the following vulnerability has been resolved: vfio/fsl-mc: Block calling interrupt handler without trigger The eventfdctx trigger pointer of th...

CVE-2026-23251

In the Linux kernel, the following vulnerability has been resolved: xfs: only call xfarray,blobdestroy if we have a valid pointer Only call the xfarray and xfblob destructor if we have a valid pointer, and be sure to null out that pointer afterwards. Note that this patch fixes a large number of...

EUVD-2026-5074

In the Linux kernel, the following vulnerability has been resolved: net: 3com: 3c59x: fix possible null dereference in vortexprobe1 pdev can be null and freering: can be called in 1297 with a null pdev...

CVE-2026-22982 net: mscc: ocelot: Fix crash when adding interface under a lag

In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: Fix crash when adding interface under a lag Commit 15faa1f67ab4 "lan966x: Fix crash when adding interface under a lag" fixed a similar issue in the lan966x driver caused by a NULL pointer dereference. The...

UBUNTU-CVE-2023-54305

In the Linux kernel, the following vulnerability has been resolved: ext4: refuse to create ea block when umounted The ea block expansion need to access sroot while it is already set as NULL when umount is triggered. Refuse this request to avoid panic...

CVE-2023-54305 ext4: refuse to create ea block when umounted

In the Linux kernel, the following vulnerability has been resolved: ext4: refuse to create ea block when umounted The ea block expansion need to access sroot while it is already set as NULL when umount is triggered. Refuse this request to avoid panic...

PT-2025-51627

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists within the timer subsystem, specifically in the timer shutdown sync function, potentially leading to a kernel warning. This occurs when the timer function pointer...

UBUNTU-CVE-2025-39990

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the helper function is valid in gethelperproto kernel test robot reported verifier bug 1 where the helper func pointer could be NULL due to disabled config option. As Alexei suggested we could check on that in...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-382654)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-382654 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Ensure job pointer is set to NULL after job completion After a job completes, the...

EUVD-2025-26773

Malicious code in bioql PyPI...

CVE-2025-39902

CVE-2025-39902 is a Linux kernel vulnerability where mm/slub could crash if object metadata is accessed when the object pointer is NULL or invalid. The root cause is that object_err() attempts to report object details (freelist pointer, redzone, etc.) even when the pointer is not pointing to a va...

CVE-2025-39878 ceph: fix crash after fscrypt_encrypt_pagecache_blocks() error

In the Linux kernel, the following vulnerability has been resolved: ceph: fix crash after fscryptencryptpagecacheblocks error The function movedirtyfolioinpagearray was created by commit ce80b76dd327 "ceph: introduce cephprocessfoliobatch method" by moving code from cephwritepagesstart to this...

PT-2025-46616

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the Bluetooth ISO component of the Linux kernel. Specifically, the vulnerability occurs during the iso conn free function, potentially leading to a...

CVE-2023-53241 nfsd: call op_release, even when op_func returns an error

In the Linux kernel, the following vulnerability has been resolved: nfsd: call oprelease, even when opfunc returns an error For ops with "trivial" replies, nfsd4encodeoperation will shortcut most of the encoding work and skip to just marshalling up the status. One of the things it skips is callin...

CVE-2023-53241 nfsd: call op_release, even when op_func returns an error

In the Linux kernel, the following vulnerability has been resolved: nfsd: call oprelease, even when opfunc returns an error For ops with "trivial" replies, nfsd4encodeoperation will shortcut most of the encoding work and skip to just marshalling up the status. One of the things it skips is callin...

SUSE CVE-2025-38716

In the Linux kernel, the following vulnerability has been resolved: hfs: fix general protection fault in hfsfindinit The hfsfindinit method can trigger the crash if tree pointer is NULL: 45.746290 T9787 Oops: general protection fault, probably for non-canonical address 0xdffffc0000000008: 0000 1...