CVE-2026-45998

A flaw was found in the Linux kernel's rxrpc subsystem. This vulnerability arises when the system attempts to unshare a packet buffer, and the operation fails due to an allocation issue. This failure can lead to a Use-After-Free UAF condition, where the system attempts to access memory that has...

CVE-2026-46000

A flaw was found in the Linux kernel's rxrpc component. Security operations that decrypt RESPONSE packets in place may share the socket buffer skbuff with a packet sniffer. This could allow a local attacker or an attacker with network access to intercept and view decrypted portions of these...

CVE-2026-46001

A flaw was found in the Linux kernel's hwmon pt5161l driver. The pt5161lreadblockdata function is vulnerable to a buffer overrun, where it can receive more data than its allocated buffer size. This can lead to memory corruption. Additionally, the function may return an unexpected positive value o...

CVE-2026-46004

A flaw was found in the Linux kernel, specifically within the ALSA caiaq driver. This vulnerability arises from improper error handling during the setupcard probe procedure. When an error occurs, the system may attempt to use memory that has already been freed, leading to a Use-After-Free UAF...

CVE-2026-46003

A flaw was found in the Linux kernel's qrtr nameserver. A malicious client can exploit this vulnerability by registering an excessive number of random nodes. This uncontrolled resource consumption leads to memory exhaustion, resulting in a Denial of Service DoS for the system...

CVE-2026-46007

A flaw was found in the Linux kernel's hwmon powerz component. This vulnerability is caused by cacheline sharing between the transfer buffer and a mutex during Direct Memory Access DMA operations. This architectural issue can lead to unexpected behavior or data corruption, impacting system...

CVE-2026-46006

A flaw was found in the Linux kernel's drm/nouveau driver. An integer overflow vulnerability exists in the nouveaugempushbufrelocapply function. This occurs when a 32-bit unsigned integer relocbooffset is used in a bounds check, and the addition of a small value can cause it to wrap around, leadi...

CVE-2026-46005

A flaw was found in the Linux kernel's xfs filesystem. This resource leak occurs in the xfsallocbuftarg function's error path, where a DAX Direct Access device reference is not properly dropped. An attacker could potentially exploit this flaw to cause resource exhaustion, leading to a Denial of...

CVE-2026-46008

A flaw was found in the Linux kernel's Data Access MONitor DAMON subsystem. A race condition exists in the memory management component, specifically during the exit process of kdamondfn and the registration of damoswalk requests. This vulnerability allows a local attacker to trigger a deadlock,...

CVE-2026-46009

A flaw was found in the Linux kernel, specifically within the PCI endpoint NTB Non-Transparent Bridge module. A programming error involving a duplicate resource teardown in the epfntbepcdestroy function can lead to a kernel 'oops', which is a system crash. This issue can be triggered during PCI...

CVE-2026-46010

A flaw was found in the Linux kernel's rxrpc component. Missing error handling in the rxgkextracttoken function, specifically when rxgkdecryptskb returns an out-of-memory error -ENOMEM, could lead to an unexpected system abort. This vulnerability could allow a local attacker to cause a Denial of...

CVE-2026-46011

A flaw was found in the Linux kernel's MediaTek JPEG mtk-jpeg driver. This use-after-free vulnerability arises from a race condition where the driver frees memory while it may still be in use by a work queue. This can allow a local attacker to cause system instability, leading to a denial of...

CVE-2026-46013

A flaw was found in the Linux kernel. An issue in the memfdluo component, specifically within the putfolios cleanup path of memfdluoretrievefolios, leads to incorrect physical address conversion and a missing check for sparse file holes. This could result in incorrect memory handling, potentially...

CVE-2026-46014

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM and Secure Virtual Machine SVM components. This vulnerability is due to missing save and restore handling for Last Branch Record LBR Model Specific Registers MSRs and MSRIA32DEBUGCTLMSR. A local attacker with access to a...

CVE-2026-46016

A flaw was found in the Linux kernel's remoteproc xlnx component. This vulnerability occurs when the system attempts to process an Inter-Processor Interrupt IPI message without properly verifying its contents. An attacker could exploit this by causing the system to access an invalid memory...

CVE-2026-46019

A flaw was found in the Linux kernel's atmel-aes cryptographic driver. The atmelaesbuffcleanup function incorrectly deallocates memory, leading to a memory leak. Specifically, while atmelaesbuffinit allocates four pages of memory, atmelaesbuffcleanup only frees one page, resulting in three pages ...

CVE-2026-46018

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA USB audio driver. A malicious Universal Serial Bus USB audio device could send a malformed Universal Audio Class 2 UAC2 RANGE response. This could cause the system to repeatedly print error messages and potentially lead...

CVE-2026-46017

A flaw was found in the Linux kernel's memory management. A race condition in the deferred split queue during memory migration can lead to incorrect handling of memory pages. This issue may allow a local attacker to trigger a system warning, potentially causing system instability or a denial of...

CVE-2026-46020

A flaw was found in the Linux kernel's DAMON Data Access MONitor core. A privileged local user can exploit this vulnerability by providing an invalid node ID to damosquotagoal-nid for nodememused,freebp via the DAMON user-space tool. This improper validation can lead to an out-of-bounds memory...

CVE-2026-46021

A flaw was found in the Linux kernel's thermal management subsystem. This vulnerability can lead to a memory leak if a thermal governor is not correctly cleaned up during device registration failures. More critically, a race condition during thermal zone unregistration, where a governor update...