CVE-2026-43146

CVE-2026-43146 relates to the Linux kernel iris media driver. The root cause was that internal buffers were enqueued in buffers->list before a DMA allocation completed. If dma_alloc_attrs() failed with -ENOMEM, a partially initialized buffer remained in the list, risking inconsistent state and...

CVE-2026-43146 media: iris: Add buffer to list only after successful allocation

In the Linux kernel, the following vulnerability has been resolved: media: iris: Add buffer to list only after successful allocation Move listaddtail to after dmaallocattrs succeeds when creating internal buffers. Previously, the buffer was enqueued in buffers-list before the DMA allocation. If t...

CVE-2026-43146

In the Linux kernel, the following vulnerability has been resolved: media: iris: Add buffer to list only after successful allocation Move listaddtail to after dmaallocattrs succeeds when creating internal buffers. Previously, the buffer was enqueued in buffers-list before the DMA allocation. If t...

CVE-2026-43146

In the Linux kernel, the following vulnerability has been resolved: media: iris: Add buffer to list only after successful allocation Move listaddtail to after dmaallocattrs succeeds when creating internal buffers. Previously, the buffer was enqueued in buffers-list before the DMA allocation. If t...

CVE-2025-71271

In the Linux kernel, the following vulnerability has been resolved: hfsplus: ensure sb-sfsinfo is always cleaned up When hfsplus was converted to the new mount api a bug was introduced by changing the allocation pattern of sb-sfsinfo. If setupbdevsuper fails after a new superblock has been...

CVE-2026-43098

In the Linux kernel, the following vulnerability has been resolved: nfc: s3fwrn5: allocate rx skb before consuming bytes s3fwrn82uartread reports the number of accepted bytes to the serdev core. The current code consumes bytes into recvskb and may already deliver a complete frame before allocatin...

CVE-2026-43068

A flaw was found in the Linux kernel's ext4 filesystem. This vulnerability occurs when the system attempts to allocate blocks from a corrupted block group within the ext4 filesystem. An attacker with local access could potentially trigger this condition, leading to delayed block allocation failur...

CVE-2026-43067

A flaw was found in the ext4 filesystem within the Linux kernel. This vulnerability involves an issue where the system incorrectly handles block allocation for indirect mapped files, potentially allowing blocks to be allocated beyond their defined 32-bit limit. This could lead to data corruption ...

CVE-2026-43105

The CVE-2026-43105 issue affects the Linux kernel’s DRM VC4 driver. The root cause is a memory leak where the hang state’s BO array is allocated with kzalloc() in vc4_save_hang_state() but is not freed in vc4_free_hang_state(), leaving memory allocated when the hang state is freed. A kfree() for ...

CVE-2026-43098

Summary (concrete details from provided documents): CVE-2026-43098 affects the Linux kernel NFC subsystem, specifically the s3fwrn5 driver, where s3fwrn82_uart_read() may consume bytes into recv_skb and deliver a complete frame before a new receive buffer is allocated. If alloc_skb() fails, the c...

CVE-2026-43098 nfc: s3fwrn5: allocate rx skb before consuming bytes

In the Linux kernel, the following vulnerability has been resolved: nfc: s3fwrn5: allocate rx skb before consuming bytes s3fwrn82uartread reports the number of accepted bytes to the serdev core. The current code consumes bytes into recvskb and may already deliver a complete frame before allocatin...

SUSE CVE-2026-43044

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - fix DMA corruption on long hmac keys When a key longer than block size is supplied, it is copied and then hashed into the real key. The memory allocated for the copy needs to be rounded to DMA cache alignment, as...

SUSE CVE-2026-43068

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocate block from corrupted group in ext4mbfindbygoal There's issue as follows: ... EXT4-fs mmcblk0p1: Delayed block allocation failed for inode 206 at logical offset 0 with max blocks 1 with error 117 EXT4-fs...

PT-2026-37528

In the Linux kernel, the following vulnerability has been resolved: ceph: do not propagate page array emplacement errors as batch errors When fscrypt is enabled, move dirty folio in page array may fail because it needs to allocate bounce buffers to store the encrypted versions of each folio. Each...

Linux Distros Unpatched Vulnerability : CVE-2026-42154

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Prometheus is an open-source monitoring system and time series database. Prior to versions 3.5.3 and 3.11.3, the remote read endpoint /api/v1/read does not...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an incorrect allocation of byte control data in the ipc4-topology module of the SOF audio driver...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of verification of the rounded allocation size in the drm/buddy mechanism. This...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the dmaalloccoherent function in the vt8500lcdfb driver. The memory allocated by this function is...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the iommu/amd driver’s concurrent TLB failure and unlocked sequence allocation, potentially leadi...

PT-2026-37408

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the NFC s3fwrn5 component where the s3fwrn82 uart read function reports accepted bytes to the serdev core. The system may deliver a complete frame before allocating a...