CVE-2026-46010

A flaw was found in the Linux kernel's rxrpc component. Missing error handling in the rxgkextracttoken function, specifically when rxgkdecryptskb returns an out-of-memory error -ENOMEM, could lead to an unexpected system abort. This vulnerability could allow a local attacker to cause a Denial of...

CVE-2026-46011

A flaw was found in the Linux kernel's MediaTek JPEG mtk-jpeg driver. This use-after-free vulnerability arises from a race condition where the driver frees memory while it may still be in use by a work queue. This can allow a local attacker to cause system instability, leading to a denial of...

CVE-2026-46013

A flaw was found in the Linux kernel. An issue in the memfdluo component, specifically within the putfolios cleanup path of memfdluoretrievefolios, leads to incorrect physical address conversion and a missing check for sparse file holes. This could result in incorrect memory handling, potentially...

CVE-2026-46014

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM and Secure Virtual Machine SVM components. This vulnerability is due to missing save and restore handling for Last Branch Record LBR Model Specific Registers MSRs and MSRIA32DEBUGCTLMSR. A local attacker with access to a...

CVE-2026-46016

A flaw was found in the Linux kernel's remoteproc xlnx component. This vulnerability occurs when the system attempts to process an Inter-Processor Interrupt IPI message without properly verifying its contents. An attacker could exploit this by causing the system to access an invalid memory...

CVE-2026-46019

A flaw was found in the Linux kernel's atmel-aes cryptographic driver. The atmelaesbuffcleanup function incorrectly deallocates memory, leading to a memory leak. Specifically, while atmelaesbuffinit allocates four pages of memory, atmelaesbuffcleanup only frees one page, resulting in three pages ...

CVE-2026-46018

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA USB audio driver. A malicious Universal Serial Bus USB audio device could send a malformed Universal Audio Class 2 UAC2 RANGE response. This could cause the system to repeatedly print error messages and potentially lead...

CVE-2026-46017

A flaw was found in the Linux kernel's memory management. A race condition in the deferred split queue during memory migration can lead to incorrect handling of memory pages. This issue may allow a local attacker to trigger a system warning, potentially causing system instability or a denial of...

CVE-2026-46020

A flaw was found in the Linux kernel's DAMON Data Access MONitor core. A privileged local user can exploit this vulnerability by providing an invalid node ID to damosquotagoal-nid for nodememused,freebp via the DAMON user-space tool. This improper validation can lead to an out-of-bounds memory...

CVE-2026-46021

A flaw was found in the Linux kernel's thermal management subsystem. This vulnerability can lead to a memory leak if a thermal governor is not correctly cleaned up during device registration failures. More critically, a race condition during thermal zone unregistration, where a governor update...

CVE-2026-46022

A flaw was found in the Linux kernel's ibmasm module. A compromised service processor can exploit this by manipulating specific hardware registers, causing the system to read data from an unintended memory location. This out-of-bounds read can lead to a system crash, resulting in a Denial of...

CVE-2026-46025

A flaw was found in the Linux kernel's DAMON Data Access MONitor core. A race condition between the damoncall function and the kdamondfn exit process can lead to system instability. This can cause threads waiting for damoncall requests to enter an infinite wait state, resulting in a deadlock. In...

CVE-2026-46023

A flaw was found in the Linux kernel's device mapper dm mirror component. A local user could exploit an integer overflow vulnerability in the createdirtylog function by providing a specially crafted device mapper table string. This could lead to out-of-bounds reads, potentially causing system...

CVE-2026-46024

A flaw was found in the Linux kernel's libceph component. A remote attacker could send a specially crafted authentication reply message to trigger a null pointer dereference. This vulnerability can lead to a system crash, resulting in a Denial of Service DoS for affected systems...

CVE-2026-46026

A flaw was found in the Linux kernel's QRTR Qualcomm IPC Router nameserver. A malicious local client can exploit this by sending an unbounded number of NEWLOOKUP messages. This can lead to resource exhaustion, causing a Denial of Service DoS for the system. The vulnerability is addressed by...

CVE-2026-46027

A flaw was found in the Linux kernel's net/smc component. A remote attacker could exploit this by sending a Connection Less Connection CLC decline message during an early handshake stage. This causes the system to attempt to update link-group level synchronization state before it is properly...

CVE-2026-46030

A flaw was found in the Linux kernel's EDAC/versalnet component. The mcprobe function fails to release a devicenode reference obtained from ofparsephandle. This oversight leads to a memory leak, which could potentially result in a Denial of Service DoS condition due to resource exhaustion...

CVE-2026-46028

A flaw was found in the Linux kernel's algifaead Authenticated Encryption with Associated Data subsystem. Asynchronous async requests for AEAD operations use a shared initialization vector IV buffer. This shared state can be modified by subsequent socket activity before an async request fully...

CVE-2026-46029

A flaw was found in the Linux kernel. In uniprocessor UP kernel configurations, a race condition can occur within the slab memory allocator when kmallocnolock is invoked from a Non-Maskable Interrupt NMI context. This allows the allocator to attempt to acquire a spinlock that is already held,...

CVE-2026-24199

NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memory instructions. A successful exploit of this vulnerability might lead to denial of service...