Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_new_connection_cb()

...

CVE-2026-45848

A flaw was found in the Linux kernel's AppArmor security module. This vulnerability allows a local attacker to trigger a NULL pointer dereference during socket setup or teardown operations. This can lead to a kernel 'oops', resulting in a system crash and a Denial of Service DoS...

CVE-2026-45857

A flaw was found in the Linux kernel's scsi: csiostor module. This null pointer dereference vulnerability occurs in an error handling path. A local attacker could exploit this to cause a system crash, leading to a Denial of Service DoS. Mitigation To prevent exploitation, the csiostor kernel modu...

SUSE CVE-2025-71307

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix NULL pointer dereference on panthorfwunplug This patch removes the MCU halt and wait for halt procedures during panthorfwunplug as the MCU can be in a variety of states or the FW may not even be loaded/initialize...

SUSE CVE-2025-71308

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix potential NULL pointer dereference in context cleanup aiedestroycontext is invoked during error handling in aie2createcontext. However, aiedestroycontext assumes that the context's mailbox channel pointer is...

SUSE CVE-2025-71312

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix ntfsmountoptions leak in ntfsfillsuper In ntfsfillsuper, the fc-fsprivate pointer is set to NULL without first freeing the memory it points to. This causes the subsequent call to ntfsfsfree to skip freeing the...

SUSE CVE-2026-45857

In the Linux kernel, the following vulnerability has been resolved: scsi: csiostor: Fix dereference of null pointer rn The error exit path when rn is NULL ends up deferencing the null pointer rn via the use of the macro CSIOINCSTATS. Fix this by adding a new error return path label after the use ...

CVE-2026-45869

A flaw was found in the Linux kernel, specifically within the wm97xx power supply driver. A timing issue, known as a race condition, can occur during the driver's setup. If an interrupt is triggered at a precise moment, it can cause the system to attempt to use an uninitialized memory pointer,...

SUSE CVE-2026-45874

In the Linux kernel, the following vulnerability has been resolved: phy: freescale: imx8qm-hsio: fix NULL pointer dereference During the probe the refclkpad pointer is set to NULL if the 'fsl,refclk-pad-mode' property is not defined in the devicetree node. But in imxhsioconfigureclkpad this point...

SUSE CVE-2026-45877

In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: fix NULL-ptr-deref in ishtpbusremoveallclients During a warm reset flow, the cl-device pointer may be NULL if the reset occurs while clients are still being enumerated. Accessing cl-device-referencecount witho...

SUSE CVE-2026-45911

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix role switching during resume If the role change while we are suspended, the cdns3 driver switches to the new mode during resume. However, switching to host mode in this context causes a NULL pointer dereference. T...

SUSE CVE-2026-45918

In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - don't deref NULL sksocket member after tcpclose When deleting a peer in case of keepalive expiration, the peer is removed from the OpenVPN hashtable and is temporary inserted in a "release list" for further processing...

SUSE CVE-2026-45943

In the Linux kernel, the following vulnerability has been resolved: erofs: fix inline data read failure for ztailpacking pclusters Compressed folios for ztailpacking pclusters must be valid before adding these pclusters to I/O chains. Otherwise, zerofsdecompresspcluster may assume they are alread...

SUSE CVE-2026-45956

In the Linux kernel, the following vulnerability has been resolved: drm/exynos: vidi: use priv-vididev for ctx lookup in vidiconnectionioctl vidiconnectionioctl retrieves the driverdata from drmdev-dev to obtain a struct vidicontext pointer. However, drmdev-dev is the exynos-drm master device, an...

SUSE CVE-2026-45960

In the Linux kernel, the following vulnerability has been resolved: hfsplus: return error when node already exists in hfsbnodecreate When hfsbnodecreate finds that a node is already hashed which should not happen in normal operation, it currently returns the existing node without incrementing its...

SUSE CVE-2026-45966

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix NULL pointer dereference in unixneedsrevalidation When receiving file descriptors via SCMRIGHTS, both the socket pointer and the socket's sk pointer can be NULL during socket setup or teardown, causing NULL pointer...

SUSE CVE-2026-45982

In the Linux kernel, the following vulnerability has been resolved: ACPICA: Fix NULL pointer dereference in acpievaddressspacedispatch Cover a missed execution path with a new check...

SUSE CVE-2026-45998

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix potential UAF after skbunshare failure If skbunshare fails to unshare a packet due to allocation failure in rxrpcinputpacket, the skb pointer in the parent rxrpciothread will be NULL'd out. This will likely cause the...

SUSE CVE-2026-46016

In the Linux kernel, the following vulnerability has been resolved: remoteproc: xlnx: Only access buffer information if IPI is buffered In the receive callback check if message is NULL to prevent possibility of crash by NULL pointer dereferencing...

SUSE CVE-2026-46024

In the Linux kernel, the following vulnerability has been resolved: libceph: Prevent potential null-ptr-deref in cephhandleauthreply If a message of type CEPHMSGAUTHREPLY contains a zero value for both protocol and result, this is currently not treated as an error. In case of ac-negotiating == tr...