CVE-2026-43415

A flaw was found in the Linux kernel's Universal Flash Storage UFS host controller driver scsi: ufs: core. A race condition exists during the UFS suspend process, where a timing issue can cause critical operations to execute out of sequence. This can lead to an Asynchronous SError Interrupt and a...

CVE-2026-43373

A flaw was found in the Linux kernel, specifically within the Network Controller Sideband Interface NCSI subsystem. This vulnerability occurs in the NCSI RX and Asynchronous Event Notification AEN handlers, where early return paths fail to release received socket buffers skb when processing inval...

EUVD-2026-28608

In the Linux kernel, the following vulnerability has been resolved: USB: dummy-hcd: Fix interrupt synchronization error This fixes an error in synchronization in the dummy-hcd driver. The error has a somewhat involved history. The synchronization mechanism was introduced by commit 7dbd8f4cabd9...

CVE-2026-43420

In the Linux kernel, the following vulnerability has been resolved: ceph: fix inlink underrun during async unlink During async unlink, we drop the inlink counter before we receive the completion that will eventually update the inlink because "we assume that the unlink will succeed". That is not a...

CVE-2026-43420

In the Linux kernel, the following vulnerability has been resolved: ceph: fix inlink underrun during async unlink During async unlink, we drop the inlink counter before we receive the completion that will eventually update the inlink because "we assume that the unlink will succeed". That is not a...

UBUNTU-CVE-2026-43415

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix SError in ufshcdrtcwork during UFS suspend In ufshcdwlsuspend, canceldelayedworksync is called to cancel the UFS RTC work, but it is placed after ufshcdvopssuspendhba, pmop, POSTCHANGE. This creates a race...

CVE-2026-43420

In the Linux kernel, the following vulnerability has been resolved: ceph: fix inlink underrun during async unlink During async unlink, we drop the inlink counter before we receive the completion that will eventually update the inlink because "we assume that the unlink will succeed". That is not a...

CVE-2026-43420 ceph: fix i_nlink underrun during async unlink

In the Linux kernel, the following vulnerability has been resolved: ceph: fix inlink underrun during async unlink During async unlink, we drop the inlink counter before we receive the completion that will eventually update the inlink because "we assume that the unlink will succeed". That is not a...

CVE-2026-43420

CVE-2026-43420 describes a race in Ceph/Linux kernel unlink handling where i_nlink is decremented before completion of async unlink, risking underrun if the updated i_nlink becomes zero. The root cause is updating i_nlink without proper synchronization between ceph_unlink() and MDS responses; the...

CVE-2026-43410 firmware: stratix10-rsu: Fix NULL pointer dereference when RSU is disabled

In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-rsu: Fix NULL pointer dereference when RSU is disabled When the Remote System Update RSU isn't enabled in the First Stage Boot Loader FSBL, the driver encounters a NULL pointer dereference when excute...

CVE-2026-43373 net: ncsi: fix skb leak in error paths

In the Linux kernel, the following vulnerability has been resolved: net: ncsi: fix skb leak in error paths Early return paths in NCSI RX and AEN handlers fail to release the received skb, resulting in a memory leak. Specifically, ncsiaenhandler returns on invalid AEN packets without consuming the...

CVE-2026-43373

The CVE-2026-43373 entry describes a Linux kernel vulnerability in the net: ncsi subsystem. Early return paths in NCSI RX and AEN handlers fail to release received skbuffers (skb) when processing invalid AEN packets or failing to resolve NCSI devices/handlers, leading to a memory leak. The impact...

CVE-2026-43324

In the Linux kernel, the following vulnerability has been resolved: USB: dummy-hcd: Fix interrupt synchronization error This fixes an error in synchronization in the dummy-hcd driver. The error has a somewhat involved history. The synchronization mechanism was introduced by commit 7dbd8f4cabd9...

CVE-2026-43324

The CVE-2026-43324 entry covers a Linux kernel USB dummy-hcd synchronization bug. The issue stems from an emulated synchronize_irq() that ran before emulated interrupt-disable, allowing potential callback races when a gadget driver is unbound. The fix moved synchronization to the dummy_udc_async_...

CVE-2026-43324 USB: dummy-hcd: Fix interrupt synchronization error

In the Linux kernel, the following vulnerability has been resolved: USB: dummy-hcd: Fix interrupt synchronization error This fixes an error in synchronization in the dummy-hcd driver. The error has a somewhat involved history. The synchronization mechanism was introduced by commit 7dbd8f4cabd9...

RHSA-2026:14874 Red Hat Security Advisory: Satellite 6.16.8 Async Update

Bulletin has no description...

RHSA-2026:14873 Red Hat Security Advisory: Satellite 6.17.8 Async Update

Bulletin has no description...

PT-2026-38975

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An interrupt synchronization error exists in the dummy-hcd driver. The emulated synchronize irq function, which ensures all current handler callbacks have returned, was executing before...

PT-2026-39034

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the Linux kernel within the NCSI RX and AEN handlers. Specifically, the ncsi aen handler function returns on invalid AEN packets without consuming the socket buff...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an issue in the NCSI RX and AEN processing routines. This issue causes the received skb packets t...