219 matches found
EUVD-2026-38896
In the Linux kernel, the following vulnerability has been resolved: usb: typec: Fix error pointer dereference The variable tps-partner is checked for an error pointer and then if it is, it sends an error message but does not return and then immediately dereferenced a few lines below: tps-partner ...
EUVD-2026-38934
In the Linux kernel, the following vulnerability has been resolved: drm/sun4i: backend: fix error pointer dereference The function drmatomicgetplanestate can return an error pointer and is not checked for it. Add error pointer check. Detected by Smatch: drivers/gpu/drm/sun4i/sun4ibackend.c:496...
CVE-2026-53066
In the Linux kernel, the drm/sun4i backend fixed an error pointer dereference: drm_atomic_get_plane_state() could return an error pointer and was not checked in sun4i_backend_atomic_check(), risking a dereference of plane_state. The issue is resolved by adding an error pointer check. Connected re...
CVE-2026-53028 usb: typec: Fix error pointer dereference
In the Linux kernel, the following vulnerability has been resolved: usb: typec: Fix error pointer dereference The variable tps-partner is checked for an error pointer and then if it is, it sends an error message but does not return and then immediately dereferenced a few lines below: tps-partner ...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: fix ofiomap memory leak Matching reports: drivers/clk/mediatek/clk-mtk.c:583 mtkclksimpleprobe warning: ‘base’ from ofiomap is not released on lines: 496. This problem was also found in linux-next. In...
PT-2026-51987
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An error pointer dereference exists in the brcmfmac WiFi driver. The function brcmf chip add core can return an error pointer that is not properly checked within the brcmf chip recogniti...
PT-2026-51960
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An error pointer dereference exists in the drm/sun4i backend. The function drm atomic get plane state can return an error pointer that is not properly checked before use. This can lead t...
CVE-2026-46313 media: intel/ipu6: fix error pointer dereference
In the Linux kernel, the following vulnerability has been resolved: media: intel/ipu6: fix error pointer dereference In a error path isp-psys is confirmed to be an error pointer not NULL so this condition is true and the error pointer is dereferenced. So isp-psys should be set to NULL before goin...
PT-2026-47384
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An error pointer dereference occurs in the intel/ipu6 media component. In a specific error path, the isp-psys variable is confirmed to be an error pointer rather than NULL, leading to a...
CVE-2026-46263
CVE-2026-46263 is a Linux kernel issue in drm/amd/display where eng_id may index stream_enc_regs beyond its 5-element size, causing out-of-bounds access. The fix adds an explicit bounds check (using ARRAY_SIZE) before indexing stream_enc_regs[eng_id], preventing access when eng_id is ENGINE_ID_DI...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: crypto: marvell/octeontx – prevents integer overflows The value of “codelength” comes from the firmware file. If your firmware is untrusted, there’s likely very little you can do to protect yourself. Nevertheless, we still try...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: media: tuners: qt1010: Replace BUGON with a regular error message. BUGON is unnecessary here, and it also causes confusion in the smatch function. Replacing BUGON with an error message helps to resolve this issue. Warning:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Media: MediTech; vcodec: Fixed the H264 stateless decoder’s “smatch” warning. A “smatch static checker” warning has been fixed in vdech264reqif.c. This issue causes the kernel to crash when fb is NULL...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: OPP: Fixed a potential null pointer dereference in devpmoppgetrequiredpstate. The “opp” pointer is dereferenced before the ISERRORNULL check. This issue was fixed by removing the dereference of the “opp” pointer from the cache an...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp – Fixed the issue of dereferencing an uninitialized error pointer. Fixed the warnings related to smatch. Location: drivers/crypto/ccp/sev-dev.c:1312 sevplatforminitlocked Error: We previously assumed that ‘error’ coul...
CVE-2026-31690 firmware: thead: Fix buffer overflow and use standard endian macros
In the Linux kernel, the following vulnerability has been resolved: firmware: thead: Fix buffer overflow and use standard endian macros Addresses two issues in the TH1520 AON firmware protocol driver: 1. Fix a potential buffer overflow where the code used unsafe pointer arithmetic to access the...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013545)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013545 advisory. In the Linux kernel, the following vulnerability has been resolved: ptpqoriq: fix memory leak in probe Smatch complains that: drivers/ptp/ptpqoriq.c ptpqoriqprobe...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013332)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013332 advisory. In the Linux kernel, the following vulnerability has been resolved: media: tuners: qt1010: replace BUGON with a regular error BUGON is unnecessary here, and in...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010934)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010934 advisory. In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: Fix a possible warning in privcmdioctlmmapresource As 'kdata.num' is user-controlled...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007471)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007471 advisory. In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: Fix a possible warning in privcmdioctlmmapresource As 'kdata.num' is user-controlled...