225445 matches found
CVE-2026-53243
A flaw was found in the Linux kernel. An uninitialized stack variable in the rseqexituserupdate function can lead to an information leak. This occurs due to an indeterminate sequencing of expressions during the initialization of the rseqids structure, where ids.nodeid is assigned using an...
CVE-2026-53154
A flaw was found in the Linux kernel's huge page hugetlb memory management. When an error occurs during the copying of huge pages, the system fails to properly restore the memory reservation. This can lead to a leak of the virtual memory area VMA reservation. A local attacker could exploit this b...
CVE-2026-53134
A flaw was found in the Linux kernel's netfilter component. This vulnerability, a stale stack leak, occurs when certain network filtering operations do not properly clear memory. An attacker could potentially exploit this to access sensitive information from the kernel's memory, leading to...
CVE-2026-53180
A flaw was found in the Linux kernel's timer migration handling. An incorrect assumption in the tmigrhandleremotecpu function regarding local softirq path handling of CPU timers can lead to a livelock. This occurs when a timer expires after the local timer wheel advances but before remote handlin...
CVE-2026-53249
A flaw was found in the Linux kernel's IPv4 networking component. This vulnerability allows an unprivileged application to set specific IP options, namely Loose Source and Record Route LSRR and Strict Source and Record Route SSRR. By exploiting this, an attacker can force network packets to...
CVE-2026-53145
A flaw was found in the Linux kernel's Direct Rendering Manager DRM Graphics Execution Manager GEM subsystem. A race condition exists within the changehandle ioctl between gemclose and gemchangehandle operations. This could lead to incorrect handling of graphics memory, potentially resulting in...
CVE-2026-53188
A flaw was found in the Linux kernel's RDMA/core component. This vulnerability arises from insufficient validation of file operations fops passed to the ibgetucaps function. A local attacker could exploit this by creating a block device with a device number devt that aliases a character device...
CVE-2026-53193
A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA timer component. This vulnerability occurs when a timer object is freed while timer instances are still associated with it, particularly when userspace-driven timers are involved. A local user can exploit this by...
CVE-2026-53235
A flaw was found in the Linux kernel's network Generic Receive Offload GRO handling. An attacker sending specially crafted network packets could trigger a bug in the skbgroreceivelist function. This occurs when the system attempts to process network data that is not in the expected linear memory...
CVE-2026-53227
A flaw was found in the Linux kernel's Open vSwitch OVS component. This issue occurs due to incorrect error handling during the allocation of a 'reply' skb socket buffer after locking the ovsmutex. If the allocation fails, an invalid pointer may be passed to kfreeskb, leading to a system crash an...
CVE-2026-53239
A flaw was found in the Linux kernel. A race condition exists in the xfrm policy handling, specifically within the xfrmpolicybyselctx function. This flaw allows for a use-after-free vulnerability, where memory is accessed after it has been released. This can lead to system instability or a denial...
CVE-2026-53237
A flaw was found in the Linux kernel's Marvell EBU mvebu General Purpose Input/Output GPIO driver. During system suspend and resume operations, the mvebupwmsuspend and mvebupwmresume functions are called for all GPIO banks. However, not all banks have Pulse Width Modulation PWM functionality,...
CVE-2026-53213
A flaw was found in the Linux kernel's drm/vc4 component. This vulnerability occurs due to incorrect handling of the krealloc function's return value. If krealloc fails and returns a null value, the original pointer to allocated memory is overwritten without proper validation, leading to a memory...
CVE-2026-53232
A flaw was found in the Linux kernel's network PHY Physical Layer driver. When a PHY probing operation fails, the system does not properly clean up the SFP Small Form-Factor Pluggable upstream connection. This oversight leaves a dangling reference in the SFP bus, which could be accessed later...
CVE-2026-53211
A flaw was found in the Linux kernel's netfilter component, specifically in nftmetabridge. The NFTMETABRIIIFHWADDR register, intended for hardware address storage, is declared with a length of 6 bytes but is tracked as 8 bytes during initialization. When nftmetabridgegeteval writes to this...
CVE-2026-53132
A flaw was found in the Linux kernel's vsock/virtio component. A remote attacker could send specially crafted packets with zero length and an End-of-Message EOM flag. This could lead to an unbounded queue of packets, consuming excessive memory and potentially causing a Denial of Service DoS due t...
CVE-2026-53167
A flaw was found in the Linux kernel's FUSE Filesystem in Userspace component. The FUSENOTIFYRETRIEVE operation did not properly restrict access to up-to-date folios, potentially allowing the exposure of uninitialized data from the page cache. This information disclosure vulnerability could allow...
CVE-2026-53152
A flaw was found in the Linux kernel's dwmmc-rockchip driver. This vulnerability occurs because older controllers such as rk2928, rk3066, and rk3188 lack necessary private data. When the system attempts to access this missing data, it results in a NULL-pointer dereference. This can lead to system...
CVE-2026-53147
A flaw was found in the Linux kernel's Thunderbolt component. A remote attacker could exploit this vulnerability by sending a malformed XDomain packet. This could lead to an out-of-bounds read, potentially resulting in information disclosure or system instability...
CVE-2026-53189
A flaw was found in the Linux kernel's memory management, specifically within the huge page mechanism. When a huge page is split, the system updates a counter after releasing a reference to the memory. This timing issue can lead to the system attempting to read from memory that has already been...