SUSE CVE-2026-31458

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: check contexts-nr before accessing contextsarr0 Multiple sysfs command paths dereference contextsarr0 without first verifying that kdamond-contexts-nr == 1. A user can set nrcontexts to 0 via sysfs while DAMON is...

SUSE CVE-2026-31460

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: check if extcaps is valid in BL setup LVDS connectors don't have extended backlight caps so check if the pointer is valid before accessing it. cherry picked from commit 3f797396d7f4eb9bb6eded184bbc6f033628a6f6...

SUSE CVE-2026-31471

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: only publish modedata after clone setup iptfsclonestate stores x-modedata before allocating the reorder window. If that allocation fails, the code frees the cloned state and returns -ENOMEM, leaving x-modedata pointi...

SUSE CVE-2026-31481

In the Linux kernel, the following vulnerability has been resolved: tracing: Drain deferred trigger frees if kthread creation fails Boot-time trigger registration can fail before the trigger-data cleanup kthread exists. Deferring those frees until late init is fine, but the post-boot fallback mus...

SUSE CVE-2026-31501

In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: fix use-after-free of CPPI descriptor in RX path cppi5hdescgetpsdata returns a pointer into the CPPI descriptor. In both emacrxpacket and emacrxpacketzc, the descriptor is freed via k3cppidescpoolfree befor...

SUSE CVE-2026-31510

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref on l2capsockreadycb Before using sk pointer, check if it is null. Fix the following: KASAN: null-ptr-deref in range 0x0000000000000260-0x0000000000000267 CPU: 0 UID: 0 PID: 5985 Comm:...

SUSE CVE-2026-33262

An attacker can send replies that result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service. Cookies are disabled by default...

SUSE CVE-2026-33600

An RPZ sent by a malicious authoritative server can result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service...

SUSE CVE-2026-33601

If you use the zoneToCache function with a malicious authoritative server, an attacker can send a zone that result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service...

Linux Distros Unpatched Vulnerability : CVE-2026-33600

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An RPZ sent by a malicious authoritative server can result in a null pointer dereference, caused by a missing consistency check and leading to a denial of...

Unity Linux 20.1050e / 20.1060e Security Update: kernel (UTSA-2026-014300)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014300 advisory. In the Linux kernel, the following vulnerability has been resolved: drm: mxsfb: Fix NULL pointer dereference mxsfb should not ever dereference the NULL pointer which...

Oracle Linux 10 : wireshark (ELSA-2026-9666)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-9666 advisory. - Resolves: RHEL-152921 - CVE-2026-3203 Buffer Over-read - Resolves: RHEL-152912 - CVE-2026-3201 Improperly Controlled Sequential Memory Allocation -...

Linux Distros Unpatched Vulnerability : CVE-2026-33262

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An attacker can send replies that result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service. Cookies are...

SUSE SLES15 Security Update : openssl-1_1 (SUSE-SU-2026:1550-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1550-1 advisory. - CVE-2026-28390: NULL pointer dereference during processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo bsc126167...

CVE-2026-31511

A flaw was found in the Bluetooth Management MGMT component of the Linux kernel. An issue with how memory is managed during certain operations can lead to a 'dangling pointer' vulnerability. This means that the system might attempt to access memory that has already been released, potentially...

CVE-2026-31510

A flaw was found in the Linux kernel's Bluetooth L2CAP Logical Link Control and Adaptation Protocol module. This vulnerability, a null pointer dereference, occurs in the l2capsockreadycb function because it fails to validate if a pointer is null before attempting to use it. An attacker within...

CVE-2026-31490

A flaw was found in the Linux kernel's drm/xe/pf component. This vulnerability occurs when an error is returned during a migration restore operation, specifically from the xesriovpfmigrationrestoreproduce function, and the associated data pointer is not correctly cleared. This can lead to a...

CVE-2026-31482

A flaw was found in the Linux kernel, specifically within the s390 architecture's kernel entry process. Due to an incomplete update, a critical register r12 was not properly cleared when entering the kernel. This oversight could allow a local user to potentially access sensitive system informatio...

CVE-2026-31481

A flaw was found in the Linux kernel. A local user can exploit this vulnerability by providing specific kernel command line parameters during boot, which can lead to a NULL pointer dereference. This issue occurs due to improper handling of deferred trigger frees when kernel thread kthread creatio...

EUVD-2018-21784

LanSpy 2.0.1.159 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying oversized input to the scan field. Attackers can craft a payload with 688 bytes of padding followed by 4 bytes of controlled data to crash the application or...