226423 matches found
PT-2026-51975
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Berkeley Packet Filter BPF verifier within the regsafe function. The issue occurs when comparing two scalar registers that both carry BPF ADD CONST values; the check...
PT-2026-51972
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the BPF sock ops program when accessing ctx fields where the destination register dst reg is the same as the source register src reg. In the !fullsock or !locked tcp...
PT-2026-51971
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the net/rds component where the RDS/IB Reliable Datagram Sockets over InfiniBand code does not function correctly when used in network namespaces other than the initia...
PT-2026-51980
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The bcmgenet timeout handler incorrectly attempts to shut down all transmit tx queues when only a single queue experiences a timeout. This behavior creates race conditions—situations whe...
PT-2026-51969
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Point-to-Point Protocol PPP implementation where /dev/ppp open is authorized against file-f cred-user ns, while unattached administrative ioctls operate on...
PT-2026-51722
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the SCTP implementation where the system fails to fully roll back the state when an ADD OUT STREAMS request is denied. In such cases, the system only shrinks queued...
PT-2026-51726
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the io poll get ownership function where a signed comparison is used to determine if poll refs has reached the threshold for the slowpath. Because atomic read returns ...
PT-2026-51985
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the handling of Generic Segmentation Offload GSO packet headers. The qdisc pkt len segs init function fails to properly pull headers into the expected memory location,...
PT-2026-51735
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds read issue exists in the netfilter nf log component. The dump mac header function fails to verify if the MAC header was set using skb mac header was set in its fallback...
PT-2026-51728
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the xfrm espintcp component where the system may reuse an in-progress partial send. Specifically, the espintcp sendmsg function may reinitialize emsg-skmsg and reuse...
PT-2026-51865
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the get timestamp function of the ENA network driver. The problem occurs because the phc-active check and the assignment of the resp pointer were perform...
PT-2026-51840
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock can occur in the send sigio and send sigurg functions when a process group receives a signal. This happens because these functions use read lock&tasklist lock to traverse the...
PT-2026-51854
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.18 Description An issue exists in the ceph component where folios not suitable for writeback are not properly released. Because the batch maintains references to the folios through filemap get folios and folio...
PT-2026-51885
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists between the pressure write operation and the cgroup file release process. This occurs because the priv member of the struct kernfs open file is not sufficiently...
PT-2026-51870
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Two error handling issues exist within the drm/xe graphics driver in the xe exec queue create ioctl function. The first issue occurs when xe hw engine group add exec queue fails; the err...
PT-2026-51850
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds memory access exists in the ceph x decrypt function within libceph. The issue occurs because a portion of buffer p is interpreted as a ceph x encrypt header and its magi...
PT-2026-51881
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A double free flaw exists in the drm/amdgpu component within the userq validate function. The issue occurs when amdgpu userq vm validate calls the drm exec fini function on an execution...
PT-2026-51991
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the mt76 wireless driver for the mt7996 PCI chip. A race condition occurs when the chip is detaching; the mt7996 coredump unregister function releases...
PT-2026-51707
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the batman-adv module where the running payload length for queued fragments can be truncated during updates. This allows malformed fragment chains to bypass validation...
PT-2026-51939
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the tegra124-emc memory component where the logic used to verify if the specified memory timing enables the Delay-Locked Loop DLL in the EMRS register was reversed. Th...