xorg: xmayland: Use-after-free in XPresentNotify structure creation

A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an...

PT-2025-52889

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.7 Description The Linux kernel contains a flaw in the VXLAN implementation where a NULL pointer dereference can occur in the vxlan xmit one function. This happens because the sock4 and sock6 pointers are not...

xorg: xmayland: Use-after-free in XPresentNotify structure creation

A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an...

openSUSE 16 Security Update : poppler (openSUSE-SU-2025-20068-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2025-20068-1 advisory. - CVE-2025-52885: Fixed raw pointers leading to dangling pointers when the vector is resized bsc1251940 Tenable has extracted the preceding description...

CVE-2025-62609

MLX is an array framework for machine learning on Apple silicon. Prior to version 0.29.4, there is a segmentation fault in mlx::core::loadgguf when loading malicious GGUF files. Untrusted pointer from external gguflib library is dereferenced without validation, causing application crash. This iss...

Security update for poppler (important)

openSUSE security update: security update for poppler ------------------------------------------------------------- Announcement ID: openSUSE-SU-2025-20068-1 Rating: important References: bsc1251940 Cross-References: CVE-2025-52885 CVSS scores: CVE-2025-52885 SUSE : 7.3...

SUSE-SU-2025:21132-1 Security update for poppler

This update for poppler fixes the following issues: - CVE-2025-52885: Fixed raw pointers leading to dangling pointers when the vector is resized bsc1251940...

OPENSUSE-SU-2025:20068-1 Security update for poppler

This update for poppler fixes the following issues: - CVE-2025-52885: Fixed raw pointers leading to dangling pointers when the vector is resized bsc1251940...

PT-2025-49090

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A crash could occur in the scx enable function when a helper kthread creation failed. This was observed during termination of the sched ext selftests runner with Ctrl+ while test 15 was...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-43883)

usb: vhci-hcd: vulnerability due to the vhci-hcd driver dropping references before new ones were gained, potentially leading to the use of stale pointers. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-39505)

drm/komeda: check for error-valued pointer. komedapipelinegetstate may return an error-valued pointer, thus check the pointer for negative or null value before dereferencing. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

GNU GRUB 安全漏洞

GNU GRUB is a Linux system boot program from the GNU community. A security vulnerability exists in GNU GRUB that originates from incorrectly retaining memory pointers during file closure, which could lead to a denial of service...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-46755)

wifi: mwifiex: Do not return unused priv in mwifiexgetprivbyid. mwifiexgetprivbyid returns the priv pointer corresponding to the bssnum and bsstype, but without checking if the priv is actually currently in use. Unused priv pointers do not have a wiphy attached to them which can lead to NULL...

SUSE CVE-2025-40116

In the Linux kernel, the following vulnerability has been resolved: usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup The kthreadrun function returns error pointers so the max3421hcd-spithread pointer can be either error pointers or NULL. Check for both before dereferencing i...

CVE-2025-40199

In the Linux kernel, the following vulnerability has been resolved: pagepool: Fix PPMAGICMASK to avoid crashing on some 32-bit arches Helge reported that the introduction of PPMAGICMASK let to crashes on boot on his 32-bit parisc machine. The cause of this is the mask is set too wide, so the...

EUVD-2025-124967

In the Linux kernel, the following vulnerability has been resolved: usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup The kthreadrun function returns error pointers so the max3421hcd-spithread pointer can be either error pointers or NULL. Check for both before dereferencing i...

CVE-2025-40116

In the Linux kernel, the following vulnerability has been resolved: usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup The kthreadrun function returns error pointers so the max3421hcd-spithread pointer can be either error pointers or NULL. Check for both before dereferencing i...

CVE-2025-40116 usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup

In the Linux kernel, the following vulnerability has been resolved: usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup The kthreadrun function returns error pointers so the max3421hcd-spithread pointer can be either error pointers or NULL. Check for both before dereferencing i...

CVE-2025-40116

The CVE-2025-40116 issue is in the Linux kernel USB host max3421-hcd path. It arises from dereferencing kthread_run() return values that can be error pointers or NULL in probe cleanup. The SUSE advisories SUSE-SU-2025:4505-1 and SUSE-SU-2025:4516-1 (and related) document the fix and list the affe...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the pidnrns function not checking for ns null pointers, which could lead to a kernel crash...