CVE-2026-52945

A flaw was found in the Linux kernel's WireGuard component. Under heavy network load, particularly when used with Cilium, the threaded NAPI New API implementation can cause the decryption side for a WireGuard peer to stop processing traffic. This leads to a complete stall of network communication...

CVE-2026-52986

A flaw was found in the Linux kernel's netfilter SIP Session Initiation Protocol connection tracking module. This vulnerability, caused by unsafe port parsing, allows a remote attacker to send specially crafted malformed packets. Such packets could lead to excessive resource consumption,...

CVE-2026-53117

A flaw was found in the Linux kernel, specifically within the s390/cio component. When a driver is being probed, a race condition can occur where the driveroverride field is accessed without proper locking. This can lead to a Use-After-Free UAF vulnerability, which may result in system instabilit...

CVE-2026-52956

A flaw was found in the Linux kernel's libceph module. A remote attacker could trigger an out-of-bounds memory access in the cephxdecrypt function by sending a specially crafted message frame of type FRAMETAGAUTHREPLYMORE with a small ciphertext length. This vulnerability arises because the...

CVE-2026-53006

A flaw was found in the Linux kernel's IPv6 Internet Protocol version 6 implementation. This vulnerability, a Use-After-Free UAF error, occurs due to incorrect caching of network packet addresses before a memory operation. An attacker could potentially exploit this flaw to cause memory corruption...

CVE-2026-52999

A flaw was found in the Linux kernel's netfilter subsystem, specifically in the nfnetlinkosf module. When the NFOSFLOGLEVELALL option is configured, an out-of-bounds read vulnerability can occur during TCP option parsing. This issue can lead to incorrect data processing and logging failures,...

CVE-2026-53070

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP over User Datagram Protocol UDP implementation. An issue with managing the transmission context across different processing units could lead to incorrect recursion level detection. This can cause network packets to b...

CVE-2026-52998

A flaw was found in the Linux kernel's Netfilter subsystem, specifically within the nfnetlinkosf module. The nfosfttl function could attempt to access a device pointer that was not properly validated, leading to a potential null pointer dereference. This vulnerability could allow a local attacker...

CVE-2026-53034

A flaw was found in the Linux kernel's Berkeley Packet Filter BPF and sockmap components, specifically within the afunix socket operations. A race condition occurs during the connection process where a socket's state is updated before its peer is fully assigned. This timing issue can lead to a...

CVE-2026-53014

A flaw was found in the Linux kernel. When the kernel's traffic control TC subsystem processes network packets for redirection across different types of network devices, it can incorrectly handle packet headers. This can lead to corruption of network packet data. A local attacker could potentiall...

CVE-2026-53196

A flaw was found in the Linux kernel's ioti USB serial driver. A malicious USB device, when plugged into a host running this driver, can exploit a heap overflow vulnerability in the getmanufinfo function. This occurs because the driver does not properly validate the size of data read from the...

CVE-2026-53267

A flaw was found in the Linux kernel's netfilter subsystem. A local attacker can exploit this vulnerability by creating specially crafted netfilter rules. This can lead to a memory corruption issue, where data on the kernel's memory stack is overwritten. Successful exploitation could result in...

CVE-2026-53012

A flaw was found in the Linux kernel's networking subsystem. When an IPv6 nexthop is replaced with an IPv4 nexthop, a flag indicating the presence of IPv4 members in nexthop groups is not correctly updated. This can lead to IPv6 routes referencing groups that only contain IPv4 members. A local...

CVE-2026-53044

A flaw was found in the Linux kernel. An out-of-bounds access vulnerability exists in the soc/tegra: cbb fabric lookup tables due to incorrect array size usage. This issue could allow a local attacker to cause a denial of service DoS or potentially lead to information disclosure...

CVE-2026-53176

A flaw was found in the Linux kernel's Internet Small Computer System Interface iSCSI Extensions for Remote Direct Memory Access RDMA iSER module. A remote attacker can send a specially crafted login request with a payload shorter than expected, leading to an integer underflow. This underflow...

CVE-2026-52969

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with access to /dev/kvm could exploit an integer overflow vulnerability in the kvmresetdirtygfn function. By manipulating dirty ring entries, the attacker can bypass a bounds check, leading to an...

CVE-2026-52973

A flaw was found in the Linux kernel's futex subsystem. The needfutexhashallocatedefault function incorrectly relies on CLONETHREAD semantics, which can lead to non-concurrency issues when memory allocations mm-futexref pcpu allocations are shared across CLONEVM clones, excluding vfork. This can...

CVE-2026-53009

A flaw was found in the Linux kernel's ice network driver. An error in the driver's handling of network packet transmission, specifically when icetso or icetxcsum functions fail, can lead to a double-free of a network buffer skb. This occurs because a transmit buffer txbuf may still point to an...

CVE-2026-53002

A flaw was found in the Linux kernel's netfilter conntrack module. This vulnerability arises from the use of sprintf and insufficient buffer sizing in the manglecontentlen function, which can lead to a stack-out-of-bounds write. An attacker could potentially exploit this memory corruption issue t...

CVE-2026-52955

A flaw was found in the libceph component of the Linux kernel. A remote attacker could send a specially crafted CEPHMSGOSDMAP message where two internal fields, alg and b-alg, contain differing bucket algorithm values. This discrepancy can lead to an out-of-bounds memory access during processing ...