CVE-2026-53247

A flaw was found in the Linux kernel's ethernet driver for MediaTek mtkethsoc network devices. This vulnerability, a 'use-after-free', occurs when the system attempts to free a memory region while it is still being used by network packet processing. This can allow a local attacker to trigger syst...

CVE-2026-53136

A flaw was found in the Linux kernel's AMD display driver. This vulnerability occurs when the driver processes malformed VBIOS Video Basic Input/Output System data. Specifically, unvalidated register counts in the VBIOS can lead to an out-of-bounds memory write during the driver's initialization...

CVE-2026-53240

A flaw was found in the Linux kernel's xfrm: iptfs component. A race condition during partial packet reassembly in the inputprocesspayload function can lead to a use-after-free vulnerability. This occurs when a concurrent process frees a packet buffer skb before it is checked, allowing subsequent...

CVE-2026-53273

A flaw was found in the Linux kernel's Trusted Execution Environment TEE subsystem, specifically within the OP-TEE driver. This use-after-free vulnerability occurs when a client task terminates before its associated supplicant has finished processing a request. This timing issue can lead to the...

CVE-2026-53150

A flaw was found in the Linux kernel's Thunderbolt subsystem. The tbpropertyentryvalid function, which validates Thunderbolt property entries, accepts zero-length TEXT entries. This can cause an underflow in the null-termination logic, resulting in an out-of-bounds write to memory. This memory...

CVE-2026-52983

A flaw was found in the Linux kernel's airoha network driver. This vulnerability stems from an inconsistent accounting of inflight packets in the transmit TX path, leading to a Byte Queue Limit BQL imbalance. This issue could potentially result in network performance degradation or a denial of...

CVE-2026-53246

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. A remote attacker could exploit this by sending a specially crafted COOKIEECHO chunk to a listening SCTP server. The server's failure to properly validate the length of a cached peer INIT chunk within...

CVE-2026-53224

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. Specifically, improper validation of embedded INIT chunk and address list lengths in SCTP cookies could allow a remote attacker to trigger out-of-bounds reads. This could lead to information disclosur...

CVE-2026-53268

A flaw was found in the Linux kernel's netfilter conntrackirc module. This vulnerability allows for a possible out-of-bounds read. When parsing network traffic, if a command string is matched but subsequent parsing fails, the system does not properly exit, leading to the flaw. This could...

CVE-2026-53219

A flaw was found in the Linux kernel's netfilter xtables component. This vulnerability allows for information disclosure due to improper handling of percpu counter pointers during the copying of rule entry headers to userspace. A local attacker could exploit this by causing a fault in a userspace...

CVE-2026-53221

A flaw was found in the Linux kernel, specifically within the ip6vti component responsible for managing IPv6 tunnels. This vulnerability arises from an error in the vti6tnllookup function, which incorrectly matches network tunnels by failing to properly verify wildcard addresses during fallback...

CVE-2026-53257

A flaw was found in the Linux kernel. An issue within the mac80211 Wi-Fi subsystem, specifically related to the enforcement of High Efficiency HE and Extremely High Throughput EHT capabilities and operations, could lead to a system crash. This vulnerability arises when HE/EHT capabilities are set...

CVE-2026-53178

A flaw was found in the Linux kernel, specifically within the rtl8723bs Wi-Fi driver's rtwmlme component. This vulnerability is due to a missing bounds check before subtracting fixed offsets from the ielength variable, which can lead to an unsigned integer underflow. This issue could potentially...

CVE-2026-53229

A flaw was found in the Linux kernel's mlx5e driver. When an XDP eXpress Data Path transmission fails, the driver does not properly unmap DMA Direct Memory Access addresses or free allocated XDP frames. This oversight can lead to a continuous leak of DMA resources and XDP frames, potentially...

CVE-2026-52971

A flaw was found in the Linux kernel's Elastic Network Adapter ENA driver, specifically within the Precision Time Protocol Hardware Clock PHC timestamp retrieval function. A race condition exists where the gettimestamp function could attempt to access memory that has already been freed by the...

CVE-2026-52947

A flaw was found in the Linux kernel's qrtr network subsystem. A race condition exists in the qrtrportremove function where the socket reference count is decremented prematurely. This allows a concurrent reader to access a socket whose reference count has dropped to zero, potentially leading to a...

CVE-2026-52982

A flaw was found in the Linux kernel's USB network driver for Realtek RTL8150 devices. A race condition exists in the rtl8150startxmit function, where a network packet's data buffer can be released prematurely. This can lead to a 'use-after-free' vulnerability, allowing the system to attempt to...

CVE-2026-53005

A flaw was found in the Linux kernel's afunix component, specifically within its SOCKMAP feature. This vulnerability stems from the kernel's improper handling of Socket Control Message SCM attributes when data is passed to the SOCKMAP layer. This can lead to a use-after-free condition, which may...

CVE-2026-53072

A flaw was found in the Linux kernel's Bluetooth subsystem. Improper handling of locking within the hciconnrequestevt function, particularly when the HCIPROTODEFER protocol is active, can result in a Use-After-Free UAF vulnerability. This condition arises when a connection object is accessed afte...

CVE-2026-52967

A flaw was found in the Linux kernel's Server Message Block SMB client. This vulnerability, located in the symlinkdata function, could allow a malicious SMB server to trigger an infinite loop, leading to a Denial of Service DoS condition. Additionally, an out-of-bounds read could occur, potential...