SUSE CVE-2026-40197

Incus is a system container and virtual machine manager. In versions before 7.0.0, missing validation logic in the storage volume import logic allows an authenticated user with access to the storage volume feature to cause the Incus daemon to crash. The custom volume backup import subsystem...

CVE-2026-40197

Incus is a system container and virtual machine manager. In versions before 7.0.0, missing validation logic in the storage volume import logic allows an authenticated user with access to the storage volume feature to cause the Incus daemon to crash. The custom volume backup import subsystem...

CVE-2026-40197

Incus CVE-2026-40197 describes a nil-pointer dereference in the custom volume import path. During import, the code iterates over srcBackup.Config.VolumeSnapshots and dereferences each element without validating it, allowing an attacker-controlled null entry in volume_snapshots to crash the daemon...

CVE-2026-40197

Incus is a system container and virtual machine manager. In versions before 7.0.0, missing validation logic in the storage volume import logic allows an authenticated user with access to the storage volume feature to cause the Incus daemon to crash. The custom volume backup import subsystem...

Incus has a Nil-Pointer Dereference via Custom Volume Import

Summary Missing validation logic in the storage volume import logic allows an authenticated user with access to Incus' storage volume feature to cause the Incus daemon to crash. Repeated use of this issue can be used to keep Incus offline causing a denial of service. Details The custom volume...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the CreateCustomVolumeFromBackup process. An attacker can cause the daemon to crash by importing a crafted backup archive containing a null entry in the volumesnapshots array, which leads to a nil-pointer...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the CreateCustomVolumeFromBackup process. An attacker can cause the daemon to crash by importing a crafted backup archive containing a null entry in the volumesnapshots array, which leads to a nil-pointer...

PT-2026-36945

Name of the Vulnerable Software and Affected Versions Incus affected versions not specified Description A nil-pointer dereference exists in the custom volume backup import subsystem. An authenticated user with access to the storage volume feature can cause the Incus daemon to crash by importing a...

Virtuozzo Hybrid Infrastructure 5.2 (5.2.0-135)

In this release, Virtuozzo Hybrid Infrastructure provides a range of new features that enhance compute services, the cluster management and upgrade process, monitoring and alerts, the user interface, and the documentation. Additionally, this release delivers stability improvements and addresses...

Kubernetes Code Issues Vulnerabilities

Kubernetes is an open source Docker container cluster management system from the Linux Foundation. The system provides resource scheduling, deployment operations, service discovery, and scaling up and down for containerized applications. A code issue vulnerability exists in Kubernetes CSI...

Moderate: Red Hat Security Advisory: openstack-cinder security and bug fix update

An update for openstack-cinder is now available for Red Hat OpenStack Platform 13.0 Queens. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...