CVE-2026-53141

The CVE-2026-53141 issue affects the Linux kernel DRM v3d global performance monitor reference counting. In SET_GLOBAL, v3d_perfmon_find() bumps the perfmon’s reference count, but v3d_perfmon_set_global_ioctl() and v3d_perfmon_delete() fail to release that reference on several paths, causing leak...

EUVD-2026-39231

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix vaddr leak when indirect CSD has zeroed workgroups v3drewritecsdjobwgcountsfromindirect maps both the indirect buffer and the workgroup buffer and is expected to release them before returning. When any of the workgro...

CVE-2026-53137

CVE-2026-53137 concerns the Linux kernel driver for AMD display over HDMI. The issue arises in the DRM HDCP2 path where the driver reads the sink’s 10-bit message size field and uses it as the read length for the ReceiverID list without clamping to the destination buffer size. This can allow an H...

CVE-2026-53136

The CVE pertains to the Linux kernel driver drm/amd/display. A malformed VBIOS can set HdmiRegNum/Hdmi6GRegNum to values up to 255, used as loop bounds when copying retimer I2C settings into fixed-size arrays, causing an out-of-bounds heap write during driver probe. The fix clamps each register c...

CVE-2026-53124

A flaw was found in the ublk subsystem of the Linux kernel. When a ublk server fails to complete all I/O input/output operations, a per-I/O cancellation flag may remain set. This prevents the successful cancellation of outstanding I/O commands, potentially leading to resource exhaustion or a deni...

CVE-2026-53123

A flaw was found in the Linux kernel's Multiple Device MD driver, specifically within the raid456 reshape functionality. A local user could trigger a deadlock by freezing the reshape process and writing to the md/suspendlo or md/suspendhi files while direct I/O operations are in progress. This...

CVE-2026-53099

A flaw was found in the Linux kernel. The issue arises from an incorrect configuration option for Control-Flow Integrity CFI, a security mechanism designed to prevent certain types of attacks. Due to a naming change, the CFI code was not properly compiled, leading to its intended protections not...

CVE-2026-53097

A flaw was found in the Linux kernel's mt7996 Wi-Fi driver. A use-after-free vulnerability exists in the mt7996macdumpwork function due to a race condition during the detachment of the mt7996 PCI chip. This can occur when mt7996crashdata is released while a related work item is still active,...

CVE-2026-53096

A flaw was found in the Linux kernel's BPF Berkeley Packet Filter component, specifically within the devmapredirectmulti function. This vulnerability arises from an incorrect iteration method in an RCU Read-Copy-Update protected context, where hlistforeachentrysafe is used without proper RCU...

CVE-2026-53095

A flaw was found in the Linux kernel. This vulnerability allows for the abuse of the kprobewritectx mechanism through freplace in Berkeley Packet Filter BPF kprobe programs. A local attacker could exploit this by attaching a freplace program to a kprobe program that is attached to a kernel...

CVE-2026-53128

A flaw was found in the Linux kernel's drbd component. Specifically, an imbalance in RCU Read-Copy Update calls within the drbdadmdumpdevices function could occur, where rcureadlock was not properly invoked before rcureadunlock. This concurrency issue, identified by a thread-safety analyzer, may...

CVE-2026-53127

A flaw was found in the Linux kernel's block subsystem. This vulnerability allows for a memory leak when zone revalidation fails, specifically when blkrevalidatediskzones encounters an error after memory has been allocated for zonescond. This can lead to resource exhaustion, potentially resulting...

CVE-2026-53126

A flaw was found in the Linux kernel's blk-cgroup component. This vulnerability occurs due to a missing disk reference release on an error path within the blkcgmaybethrottlecurrent function. When certain lookups or gets fail, the disk reference acquired is not properly freed. This oversight can...

CVE-2026-53100

A flaw was found in the Linux kernel's mt76 wireless driver. This vulnerability occurs in the remain-on-channel functionality, where the mt76remainonchannel and mt76roccomplete functions attempt to acquire a mutex that is already held. This improper handling of the device mutex can lead to a syst...

CVE-2026-52944

A flaw was found in the Linux kernel's ksmbd component. This vulnerability allows a client to bypass intended permission restrictions by using the FSCTLSETSPARSE operation. Specifically, a client on a read-only share can modify a file's sparse attribute, and clients on writable shares can modify...

CVE-2026-52928

A flaw was found in the Linux kernel's afunix component. This vulnerability involves the incorrect handling of the SIOCATMARK operation when used with non-stream sockets, such as SOCKDGRAM and SOCKSEQPACKET. These socket types did not properly reject SIOCATMARK, an operation intended only for...

CVE-2026-52926

A flaw was found in the Linux kernel's batman-adv module, which is responsible for managing mesh networks. When a mesh network is being shut down, the system fails to properly clear the active gateway information. This leaves outdated network configuration data, which can prevent the mesh network...

CVE-2026-52914

A flaw was found in the Linux kernel's batman-adv component. This vulnerability allows a local attacker to cause a denial of service DoS by sending malformed fragment chains. The flaw is due to incorrect accounting of fragment reassembly length, which can be truncated during updates, bypassing...

CVE-2026-52930

A flaw was found in the Linux kernel's inter-process communication IPC shared memory shm component. A synchronization issue exists where orphaned shared memory segments might be incorrectly destroyed while still in use due to a lack of serialization between cleanup and attachment updates. This...

CVE-2026-52929

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP stream handling. When an attempt to add outgoing streams is denied, the system fails to fully roll back the associated state. This incomplete rollback can leave behind stale stream metadata, which a subsequent stream...