SUSE CVE-2026-46269

In the Linux kernel, the following vulnerability has been resolved: pinctrl: canaan: k230: Fix NULL pointer dereference when parsing devicetree When probing the k230 pinctrl driver, the kernel triggers a NULL pointer dereference. The crash trace showed: 0.732084 Unable to handle kernel NULL point...

Ubuntu 24.04 LTS / 25.10 : Linux kernel vulnerabilities (USN-8374-1)

"The remote Ubuntu 24.04 LTS / 25.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8374-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy...

Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-8373-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8373-1 advisory. It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as...

Ubuntu 24.04 LTS / 25.10 : Linux kernel vulnerabilities (USN-8371-1)

The remote Ubuntu 24.04 LTS / 25.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8371-1 advisory. It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirt...

Linux Distros Unpatched Vulnerability : CVE-2026-46269

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pinctrl: canaan: k230: Fix NULL pointer dereference when parsing devicetree When probing the k230 pinctrl driver, the kernel triggers a NULL pointer dereference...

PT-2026-46171

Access of uninitialized pointer, Uncontrolled Recursion vulnerability in Samsung Open Source rlottie allows Pointer Manipulation, Oversized Serialized Data Payloads. This issue affects rlottie: before eae37633fda13ac05b25c6c95aacea4bc33c80a3...

Linux Distros Unpatched Vulnerability : CVE-2026-46261

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spi: wpcm-fiu: Fix potential NULL pointer dereference in wpcmfiuprobe platformgetresourcebyname can return NULL, which would cause a crash when passed the point...

PHP 8.5.x < 8.5.7 Multiple Vulnerabilities

The version of PHP installed on the remote host is prior to 8.5.7. It is, therefore, affected by multiple vulnerabilities as referenced in the Version 8.5.7 advisory. - In uriparser before 1.0.2, the function family EqualsUri can misclassify two unequal URIs as equal. CVE-2026-44928 - In uriparse...

ALSA-2026:23388 Important: php security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions CVE-2026-7258 PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting vulnerability via improper URL sanitation...

Linux Distros Unpatched Vulnerability : CVE-2025-60477

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference in the gffilterpidresolvefiletemplateex function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to...

Ubuntu 26.04 LTS : Linux kernel vulnerabilities (USN-8370-1)

The remote Ubuntu 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8370-1 advisory. It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. ...

CVE-2026-46258

A flaw was found in the Linux kernel's gpio: cdev module. A NULL pointer dereference in the linehandlecreate function can occur, leading to a system crash. This vulnerability could allow a local attacker to cause a Denial of Service DoS...

CVE-2026-46245

A flaw was found in the Linux kernel's AMD GPU display driver. The amdgpudmhpdinit function, responsible for Hot-Plug Detect HPD initialization, may attempt to dereference a null dclink when handling certain connectors. This unconditional dereference can lead to a system crash, allowing a local...

CVE-2026-46269

A flaw was found in the Linux kernel's k230 pinctrl driver. During the probing process, a NULL pointer dereference can occur when parsing the devicetree. This vulnerability allows a local attacker to trigger a system crash, leading to a Denial of Service DoS. The issue arises from attempting to...

Integer Underflow (Wrap or Wraparound)

Overview Affected versions of this package are vulnerable to Integer Underflow Wrap or Wraparound in the DecodeFromBytes function. An attacker can trigger a nil pointer dereference and panic by supplying a malicious BGP UPDATE message with a declared section length shorter than the actual data...

Integer Underflow (Wrap or Wraparound)

Overview Affected versions of this package are vulnerable to Integer Underflow Wrap or Wraparound in the DecodeFromBytes function. An attacker can trigger a nil pointer dereference and panic by supplying a malicious BGP UPDATE message with a declared section length shorter than the actual data...

CVE-2026-46269

In the Linux kernel, the following vulnerability has been resolved: pinctrl: canaan: k230: Fix NULL pointer dereference when parsing devicetree When probing the k230 pinctrl driver, the kernel triggers a NULL pointer dereference. The crash trace showed: 0.732084 Unable to handle kernel NULL point...

CVE-2026-46261

In the Linux kernel, the following vulnerability has been resolved: spi: wpcm-fiu: Fix potential NULL pointer dereference in wpcmfiuprobe platformgetresourcebyname can return NULL, which would cause a crash when passed the pointer to resourcesize. Move the fiu-memorysize assignment after the erro...

CVE-2026-46258

In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Avoid NULL dereference in linehandlecreate In linehandlecreate, there is a statement like this: retainandnullptrlh; Soon after, there is a debug printout that dereferences "lh", which will crash things. Avoid the cras...

CVE-2025-71313

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Add missing NULL check for allocworkqueue allocworkqueue can return NULL on memory allocation failure. Without proper error checking, this may lead to a NULL pointer dereference when queuework is later called with...