PT-2026-34907

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the futex subsystem where the futex lock pi retry path fails to clear a stale exiting pointer. When futex lock pi atomic detects that an owner is exiting, it returns...

PT-2026-34914

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/mediatek component where driver data is not stored before the mipi dsi host register function is invoked. This causes the mtk dsi bind function to attempt to...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the function rxrpcinputpacketonconn. When this function is called on a current client via the channel, ...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the absence of the i915 driver firmware. When this happens, the setdefaultsubmission pointer is n...

PT-2026-34901

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The cp2615 driver uses the USB device serial string as the i2c adapter name without verifying that the string exists. This can lead to a NULL-pointer dereference, which occurs when the...

PT-2026-34929

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference exists in the nilfs2 component within the nilfs mdt save to shadow map function. The btree node cache i assoc inode of the DAT inode is initialized lazily duri...

PT-2026-34951

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference exists in the vidtv channel pmt match sections function. This occurs because vidtv psi pmt stream init can return NULL during a memory allocation failure, whic...

PT-2026-34973

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the bnge driver where the error path fails to return after calling the auxiliary device uninit function. When auxiliary device add fails, the system calls auxiliary...

PT-2026-34972

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs in the ALSA usx2y driver for the TASCAM US-144MKII device. A malicious USB device can provide a configuration containing bInterfaceNumber=1 without an...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the reuse of memory after the em28xxv4l2open function in the media em28xx module. This could lead...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the rxgkverifyauthenticator function’s handling of pointers as be32 types. This leads to the pars...

PT-2026-34898

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference exists in the bonding network subsystem. The function bond debug rlb hash show accesses client info-slave without verifying if the value is NULL. This occurs...

PT-2026-35003

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL-pointer dereference or use-after-free issue exists in the mmc: vub300 component. This occurs during disconnect if the controller is not deregistered before the reference to the...

kernel: net/sched: cls_u32: use skb_header_pointer_careful()

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsu32: use skbheaderpointercareful skbheaderpointer does not fully validate negative @offset values. Use skbheaderpointercareful instead. GangMin Kim provided a report and a repro fooling u32classify: BUG: KASAN:...

CLSA-2026-1776879277 squid: Fix of 13 CVEs

CVE-2018-1000027: fix NULL pointer dereference in clientFollowXForwardedForCheck for transactions without a client connection - CVE-2018-19131: fix XSS via X.509 certificate fields rendered unescaped in SSL error pages - CVE-2019-12520: prevent cache poisoning by suppressing URL userinfo from...

Security update for openssl-1_1

This update for openssl-11 fixes the following issues: CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL bsc1260442. CVE-2026-28389: Possible NULL dereference when processing CMS KeyAgreeRecipientInfo...

Bluetooth: L2CAP: Fix null-ptr-deref on l2cap_sock_ready_cb

...

Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance

Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-40251, CVE-2025-40154, CVE-2025-38568 Vulnerability Details CVEID:CVE-2025-40251 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: devlink:...

CVE-2026-5398

The implementation of TIOCNOTTY failed to clear a back-pointer from the structure representing the controlling terminal to the calling process' session. If the invoking process then exits, the terminal structure may end up containing a pointer to freed memory. A malicious process can abuse the...

freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()

A null pointer dereference has been discovered in FreeRDP. A NULL pointer dereference vulnerability in rdpwritelogoninfov2 allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0...