CVE-2026-46200

A flaw was found in the Linux kernel's spi: mpc52xx driver. This vulnerability occurs because the controller is not properly deregistered before its underlying resources, such as interrupts and General Purpose Input/Output GPIO pins, are disabled and released during the driver unbind process. Thi...

CVE-2026-46199

A flaw was found in the Linux kernel's drm/amdgpu/vcn4 component. This vulnerability allows an attacker to trigger an out-of-bounds OOB read when parsing decoder messages due to insufficient bounds checking. This could lead to information disclosure, potentially revealing sensitive data from memo...

CVE-2026-46198

A flaw was found in the Linux kernel's batman-adv component. An integer overflow in the batadvivogmsendtoif function, specifically with the buffpos variable, can lead to an out-of-bound read. This occurs because the size check uses an int type while buffpos uses an s16 type, causing a mismatch th...

CVE-2026-46202

A flaw was found in the Linux kernel's Apple Touch Bar keyboard driver. This vulnerability allows the system to become unstable or crash kernel panic when the driver's inactivity autodim feature attempts to acquire a lock from an inappropriate execution context. This can be triggered by a local...

CVE-2026-46201

A flaw was found in the Linux kernel's drm/xe subsystem. When handling dma-buf attachments, a resource leak occurs if the initialization of a dma-buf object fails, as the attachment is not properly detached. This oversight can lead to resource exhaustion, potentially allowing a local attacker to...

CVE-2026-46204

A flaw was found in the Linux kernel's AMD GPU Graphics Processing Unit driver, specifically within the drm/amdgpu/vcn4 component. This vulnerability allows for an out-of-bounds read when processing an Instruction Buffer IB. An attacker could potentially exploit this to read sensitive information...

CVE-2026-46206

A flaw was found in the Linux kernel's batman-adv module, specifically in the tpmeter component. This vulnerability allows tpmeter to initiate new sender or receiver sessions even after the mesh state has exited BATADVMESHACTIVE. This improper state management could lead to unexpected behavior or...

CVE-2026-46203

A flaw was found in the Linux kernel, specifically within the spi: cadence-quadspi driver. This vulnerability occurs when the controller is not properly runtime resumed before being disabled during driver unbind, leading to unclocked register access. A local attacker could potentially exploit thi...

CVE-2026-46205

A flaw was found in the Linux kernel's atomisp driver, located in the staging: media subsystem. This vulnerability involves the unsafe handling of private Input/Output Control IOCTL operations. While specific exploitation details are not provided, the presence of unsafe IOCTL handlers could...

CVE-2026-46210

A flaw was found in the Linux kernel's iris media driver. A race condition can occur when the driver attempts to free a resource while it is still being accessed by another part of the system. This leads to a use-after-free vulnerability, where a program tries to use memory that has already been...

CVE-2026-46212

A flaw was found in the batman-adv component of the Linux kernel. This vulnerability, a use-after-free, occurs during the process of deleting backbone claims. If exploited, this memory corruption issue could allow an attacker to cause a system crash, leading to a denial of service, or potentially...

CVE-2026-46211

A flaw was found in the Linux kernel's drm/msm/gem component. Improper error handling within the msmioctlgeminfogetmetadata function can lead to a NULL pointer dereference. This occurs because the function fails to check for allocation failures and incorrectly reports success even when operations...

CVE-2026-46213

A flaw was found in the Linux kernel's Apple keyboard driver appletb-kbd. A Use-After-Free UAF vulnerability exists in the inactivity-timer cleanup path during driver tear-down. This can occur due to race conditions between device cleanup and timer operations, or late event callbacks re-arming th...

CVE-2026-46218

A flaw was found in the Linux kernel's drm/amdgpu driver. The uvd/vce/vcn code accesses the Instruction Buffer IB without sufficient bounds checking, which could allow an attacker to trigger an out-of-bounds memory access. This vulnerability may lead to system instability or a denial of service...

CVE-2026-46217

A flaw was found in the Linux kernel, specifically within the AMD GPU Graphics Processing Unit driver component drm/amdgpu/vcn4. This vulnerability is caused by an integer overflow during a message bound check. An attacker could potentially exploit this flaw to cause system instability or a denia...

CVE-2026-46220

A flaw was found in the Linux kernel's AMDGPU graphics driver drm/amdgpu/sdma4. An unprivileged local user could exploit this vulnerability by submitting specially crafted DRMIOCTLAMDGPUCS commands with misaligned fence writeback addresses. This could trigger a BUGON assertion, leading to a fatal...

CVE-2026-46219

A flaw was found in the Linux kernel's spi-mpc52xx driver. This vulnerability, a use-after-free, occurs because the state machine work, scheduled by the interrupt handler, is not properly cancelled after disabling interrupts during the unbind operation. This oversight can lead to memory corruptio...

CVE-2026-46224

A flaw was found in the Linux kernel's drm/xe driver. When a buffer object allocation fails within the xedmabufinitobj function, a pre-allocated storage buffer is not correctly released. This oversight can lead to a resource leak, potentially causing system instability or a denial of service DoS...

CVE-2026-46222

A flaw was found in the Linux kernel, specifically within the rockchip: rkcif media driver. This vulnerability occurs because the driver's pads do not properly check for connected devices, which can lead to a null pointer dereference when a media stream is enabled. A local attacker could exploit...

CVE-2026-46221

A flaw was found in the Linux kernel's EDAC/versalnet component. A memory leak occurs because the device name, allocated during initialization, is not properly freed. Over time, this unreleased memory could lead to resource exhaustion, potentially impacting system stability and availability...