Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007048)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007048 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/slub: avoid accessing metadata when pointer is invalid in objecterr objecterr reports details ...

CVE-2026-23251

In the Linux kernel, the following vulnerability has been resolved: xfs: only call xfarray,blobdestroy if we have a valid pointer Only call the xfarray and xfblob destructor if we have a valid pointer, and be sure to null out that pointer afterwards. Note that this patch fixes a large number of...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-004804)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004804 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: fix vf may be used uninitialized in this function warning To fix the regression introduced ...

CVE-2023-54062 ext4: fix invalid free tracking in ext4_xattr_move_to_block()

In the Linux kernel, the following vulnerability has been resolved: ext4: fix invalid free tracking in ext4xattrmovetoblock In ext4xattrmovetoblock, the value of the extended attribute which we need to move to an external block may be allocated by kvmalloc if the value is stored in an external...

EUVD-2025-11228

Malicious code in bioql PyPI...

AZL-68019 CVE-2025-39902 affecting package kernel for versions less than 6.6.112.1-1

In the Linux kernel, the following vulnerability has been resolved: mm/slub: avoid accessing metadata when pointer is invalid in objecterr objecterr reports details of an object for further debugging, such as the freelist pointer, redzone, etc. However, if the pointer is invalid, attempting to...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from unverified pointer validity, which could lead to null pointer dereferencing...

UBUNTU-CVE-2024-35940

In the Linux kernel, the following vulnerability has been resolved: pstore/zone: Add a null pointer check to the pszkmsgread kasprintf returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by checking the pointer validity...

CVE-2023-52663

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: amd: Fix memory leak in amdsofacpprobe Driver uses kasprintf to initialize fwcode,databin members of struct acpdevdata, but kfree is never called to deallocate the memory, which results in a memory leak. Fix the issue ...

CVE-2024-26908

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2024-26770

A vulnerability was found in the Linux kernel during LED initialization in the devmkasprintf function, which returns a pointer to dynamically allocated memory. This pointer could return NULL if the function fails, which could result in crashes or undefined behavior...

CVE-2024-26770

CVE-2024-26770 concerns the Linux kernel HID for the Nvidia Shield: a missing null-pointer check in LED initialization (led init path) could dereference NULL after devm_kasprintf() returns NULL. The issue arises during LED initialization within the Nvidia Shield HID handling; the CVSSv3.1 vector ...

CVE-2023-52607 powerpc/mm: Fix null-pointer dereference in pgtable_cache_add

In the Linux kernel, the following vulnerability has been resolved: powerpc/mm: Fix null-pointer dereference in pgtablecacheadd kasprintf returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by checking the pointer validity...

Design/Logic Flaw

While processing storage SCM commands there is a time of check or time of use window where a pointer used could be invalid at a specific time while executing the storage SCM call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile,...

Debian DLA-2303-1 : libssh security update

The code in src/sftpserver.c did not verify the validity of certain pointers and expected them to be valid. A NULL pointer dereference could have been occurred that typically causes a crash and thus a denial of service. For Debian 9 stretch, this problem has been fixed in version 0.7.3-2+deb9u3. ...

CVE-2019-5760

Insufficient checks of pointer validity in WebRTC in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Design/Logic Flaw

Insufficient checks of pointer validity in WebRTC in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2019-5760

CVE-2019-5760 affects Google Chrome’s WebRTC implementation. Insufficient pointer validation could lead to heap corruption via a crafted HTML page, enabling remote exploitation. The fix is available in Chrome updates from 72.0.3626.81 onward.