Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010992)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010992 advisory. In the Linux kernel, the following vulnerability has been resolved: drm: Fix potential null-ptr-deref due to drmmmodeconfiginit drmmmodeconfiginit will call...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011289)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011289 advisory. In the Linux kernel, the following vulnerability has been resolved: gpu: lontium-lt9611: Fix NULL pointer dereference in lt9611connectorinit A NULL check for...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010811)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010811 advisory. In the Linux kernel, the following vulnerability has been resolved: md/raid1: stop mdxraid1 thread when raid1 array run failed fail run raid1 array when we assemble...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-010740)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010740 advisory. A NULL pointer dereference flaw was found in the Linux kernel's BPF subsystem in the way a user triggers the mapgetnextkey function of the BPF bloom filter. This fla...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010891)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010891 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: fix a null-ptr-deref in tipctopsrvaccept syzbot found a crash in tipctopsrvaccept: KASAN:...

SUSE CVE-2026-28212

Firebird is an open-source relational database management system. In versions prior to 6.0.0, 5.0.4, 4.0.7 and 3.0.14, when processing an opslice network packet, the server passes an unprepared structure containing a null pointer to the SDLinfo function, resulting in a null pointer dereference an...

SUSE CVE-2026-28224

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when the server receives an opcryptkeycallback packet without prior authentication, the portservercryptcallback handler is not initialized, resulting in a null pointer dereference and...

CVE-2026-5928

Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and multi-byte character encodings, in the GNU C Library version 2.43 or earlier, may result in an attempt to read bytes before an allocated buffer, potentially...

CVE-2026-26399

A stack-use-after-return issue exists in the ArduinoCoreSTM32 library prior to version 1.7.0. The pwmstart function allocates a TIMHandleTypeDef structure on the stack and passes its address to HAL initialization routines, where it is stored in a global timer handle registry. After the function...

SUSE-SU-2026:21237-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-39998: scsi: target: targetcoreconfigfs: Add length check to avoid buffer overflow bsc1252073. - CVE-2025-40253: s390/ctcm: Fix double-kfree bsc1255084. -...

SUSE-SU-2026:21361-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-39998: scsi: target: targetcoreconfigfs: Add length check to avoid buffer overflow bsc1252073. - CVE-2025-40253: s390/ctcm: Fix double-kfree bsc1255084. -...

SUSE-SU-2026:21352-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-39998: scsi: target: targetcoreconfigfs: Add length check to avoid buffer overflow bsc1252073. - CVE-2025-40253: s390/ctcm: Fix double-kfree bsc1255084. -...

SUSE-SU-2026:21244-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2026-28390: NULL pointer dereference during processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo bsc1261678...

ROS-20260420-73-0003

A vulnerability in the OpenSSL library PKCS12 file format is related to pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service or execute arbitrary code...

ROS-20260420-73-0017

A vulnerability in the SSLCIPHERfind function of the OpenSSL library is related to pointer dereferencing. Exploitation of the vulnerability may allow an attacker acting remotely to cause a denial of service...

ROS-20260420-73-0008

A vulnerability in the PKCS12itemdecryptd2iex function of the OpenSSL library is related to pointer dereferencing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20260420-73-0009

A vulnerability in the PKCS12itemdecryptd2iex function of the OpenSSL library is related to pointer dereferencing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVE-2026-26399

A stack-use-after-return issue exists in the ArduinoCoreSTM32 library prior to version 1.7.0. The pwmstart function allocates a TIMHandleTypeDef structure on the stack and passes its address to HAL initialization routines, where it is stored in a global timer handle registry. After the function...

SUSE SLES15 Security Update : openssl-3 (SUSE-SU-2026:1429-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1429-1 advisory. This update for openssl-3 fixes the following issue: - CVE-2026-28390: NULL pointer dereference during processing of a crafted CMS...

CVE-2026-28212

A flaw was found in Firebird, an open-source relational database management system. An unauthenticated attacker can exploit this vulnerability by sending a specially crafted network packet to the server. During the processing of an opslice network packet, the server attempts to use an unprepared...