263 matches found
PT-2026-31306
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the ATM send path sendmsg - vcc sendmsg - sigd send. The system reads the vcc pointer from msg-vcc without validation, and this pointer originates fro...
CVE-2026-3777
The application does not properly validate the lifetime and validity of internal view cache pointers after JavaScript changes the document zoom and page state. When a script modifies the zoom property and then triggers a page change, the original view object may be destroyed while stale pointers...
CLSA-2026-1774273237 libtiff: Fix of CVE-2025-61143
CVE-2025-61143: fix NULL pointer dereference in tiffcrop add null checks and pointer validation, prevent crash...
CVE-2026-23251
The CVE-2026-23251 issue affects the Linux kernel XFS code: destructors xfarray/xfblob were invoked on possibly-invalid pointers. The patch ensures xf{array,blob}_destroy is only called for a valid pointer and clears it afterwards, improving memory safety. The fix was merged in commits between 6....
CVE-2026-23251
In the Linux kernel, the following vulnerability has been resolved: xfs: only call xfarray,blobdestroy if we have a valid pointer Only call the xfarray and xfblob destructor if we have a valid pointer, and be sure to null out that pointer afterwards. Note that this patch fixes a large number of...
CVE-2026-23251 xfs: only call xf{array,blob}_destroy if we have a valid pointer
In the Linux kernel, the following vulnerability has been resolved: xfs: only call xfarray,blobdestroy if we have a valid pointer Only call the xfarray and xfblob destructor if we have a valid pointer, and be sure to null out that pointer afterwards. Note that this patch fixes a large number of...
CLSA-2026-1772642268 libtiff: Fix of CVE-2025-61145
CVE-2025-61145: fix double free in tiffcrop; add pointer validation and guard against second free...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to validate pointers before releasing memory, potentially leading to null pointer...
UBUNTU-CVE-2026-22982
In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: Fix crash when adding interface under a lag Commit 15faa1f67ab4 "lan966x: Fix crash when adding interface under a lag" fixed a similar issue in the lan966x driver caused by a NULL pointer dereference. The...
CVE-2026-22982
CVE-2026-22982 is a Linux kernel vulnerability in the net: mscc: ocelot driver. The issue causes a crash when adding an interface under a lag due to NULL pointer dereferences in the ocelot frontend (ocelot_vsc7514.c) where unused ports may be left as NULL. The fix updates the code to verify the p...
CVE-2009-4325
The Client Interfaces component in IBM DB2 8.2 before FP18, 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 does not validate an unspecified pointer, which allows attackers to overwrite "external memory" via unknown vectors, related to a missing "check for null pointers."...
CVE-2023-54274 RDMA/srpt: Add a check for valid 'mad_agent' pointer
In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Add a check for valid 'madagent' pointer When unregistering MAD agent, srpt module has a non-null check for 'madagent' pointer before invoking ibunregistermadagent. This check can pass if 'madagent' variable holds an...
CVE-2023-54274
CVE-2023-54274 affects the Linux kernel RDMA/srpt path. Root cause: during unregistering a MAD agent the code could see a non-null mad_agent that actually held an error value, allowing a NULL dereference in a short race window when srpt_add_one() and srpt_remove_one() run concurrently (e.g., RoCE...
CVE-2023-54274 RDMA/srpt: Add a check for valid 'mad_agent' pointer
In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Add a check for valid 'madagent' pointer When unregistering MAD agent, srpt module has a non-null check for 'madagent' pointer before invoking ibunregistermadagent. This check can pass if 'madagent' variable holds an...
PT-2025-54103
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the RDMA/srpt module related to the handling of MAD Management Agent agent pointers during unregistration. Specifically, a check for a valid 'mad...
CVE-2025-40156
Technical details for CVE-2025-40156 are not provided in the connected documents; the Ubuntu/Nessus entries reference other CVEs and do not disclose specifics of this CVE.
CVE-2025-40138 f2fs: fix to avoid NULL pointer dereference in f2fs_check_quota_consistency()
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid NULL pointer dereference in f2fscheckquotaconsistency syzbot reported a f2fs bug as below: Oops: gen 107.736417 T5848 Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 ...
CVE-2025-40138
Summary: CVE-2025-40138 affects the Linux kernel f2fs quota maintenance path. The issue is a NULL pointer dereference in f2fs_check_quota_consistency(), triggered by unsafe handling before comparing old_qname/new_qname pointers during remount/quotacheck flows. The bug’s direct cause is a potentia...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990024)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990024 advisory. In the Linux kernel, the following vulnerability has been resolved: cpufreq: exit callback is optional The exit callback is optional and shouldn't be called without...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990381)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990381 advisory. In the Linux kernel, the following vulnerability has been resolved: cpufreq: exit callback is optional The exit callback is optional and shouldn't be called without...