328 matches found
CVE-2026-5818
Incorrect check of function return value in Caliptra Core Runtime Firmware ActivateFirmwareCmd::activatefw modules allows bypass of Caliptra Core's verification of the MCU FW during a hitless update. This issue affects Core Runtime Firmware: from 2.0.0 through 2.0.1, 2.1.0...
PT-2026-51609
Name of the Vulnerable Software and Affected Versions Caliptra Core Runtime Firmware versions 2.0.0 through 2.0.1 Caliptra Core Runtime Firmware version 2.1.0 Description An incorrect check of a function return value within the ActivateFirmwareCmd::activate fw modules allows the bypass of the...
Astra Linux – Vulnerability in Squid
Squid is a caching proxy for the web that supports HTTP, HTTPS, FTP, and other protocols. A bug related to incorrect checking of function return values makes Squid vulnerable to Denial of Service attacks targeting its helper process management. This bug has been fixed in Squid version 6.5. Users...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: xfs: check the return value of xchkscrubcreatesubord. This function should be fixed to return NULL instead of the mangled ENOMEM. Additionally, the calling functions should be corrected to actually check for a null pointer and...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: media: cx88: A null-ptr-deref bug was fixed in the bufferprepare function. When the driver calls cx88riscbuffer to prepare the buffer, the function call may fail, resulting in an empty buffer and a null-ptr-deref later in the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: drm: Fixed a potential null-ptr-deref due to drmmmodeconfiginit. drmmmodeconfiginit will call drmmodecreatestandardproperties, and it does not check the return value. When drmmodecreatestandardproperties fails due to allocatio...
CVE-2026-48994
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, a missing check of a return value could lead to a heap buffer over-write in the MAT decoder on 32-bit systems. This issue has been patched in versions 6.9.13-48...
EUVD-2026-32253
In the Linux kernel, the following vulnerability has been resolved: HID: playstation: Add missing check for inputffcreatememless The psgamepadcreate function calls inputffcreatememless without verifying its return value, which can lead to incorrect behavior or potential crashes when FF effects ar...
EUVD-2026-32342
In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error handling in archsetshadowstackstatus allocgcs returns an error-encoded pointer on failure, which comes from dommap, not NULL. The current NULL check fails to detect errors, which could lead to using an invali...
UBUNTU-CVE-2026-45864
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: prevent infinite loops caused by the next valid being the same When processing valid within the range valid : pos, if valid cannot be retrieved correctly, for example, if the retrieved valid value is always the same, th...
CVE-2026-45969
The CVE concerns the Linux kernel HID PlayStation driver. In ps_gamepad_create(), the call to input_ff_create_memless() is made without verifying its return value, which can cause incorrect behavior or crashes when Force Feedback effects are triggered. Multiple connected sources indicate the issu...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from failing to check the return value of inputffcreatememless. This could lead to incorrect behavior ...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Added missing error checks to ctlget The ctlget functions that call scarlett2update did not check the return value. This issue has been fixed by adding error checks and passing the return value to the caller...
CVE-2026-46419
Yubico webauthn-server-core aka java-webauthn-server 2.8.0 before 2.8.2 incorrectly checks a function's return value in the second factor flow, leading to impersonation...
PT-2026-40845
Yubico webauthn-server-core aka java-webauthn-server 2.8.0 before 2.8.2 incorrectly checks a function's return value in the second factor flow, leading to impersonation...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the rgabufinit function not checking the return value of rgagetframe, potentially leading to null...
CVE-2026-43123
In the Linux kernel, the following vulnerability has been resolved: fbcon: check return value of con2fbacquirenewinfo If fbconopen fails when called from con2fbacquirenewinfo then info-fbconpar pointer remains NULL which is later dereferenced. Add check for return value of the function...
CVE-2026-43123
Summary: CVE-2026-43123 affects the Linux kernel’s fbcon component. The root cause is a missing return-value check in con2fb_acquire_newinfo(); if fbcon_open() fails during this call, info->fbcon_par may be NULL and dereferenced, potentially crashing the system. The provided documents indicate...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of a zero-value check for the MINXOUTPUTSIZE register in the media ccs driver. This...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013734)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013734 advisory. In the Linux kernel, the following vulnerability has been resolved: drm: Fix potential null-ptr-deref due to drmmmodeconfiginit drmmmodeconfiginit will call...