CVE-2026-46295

In the Linux kernel KVM for x86, CVE-2026-46295 stems from a race between vmx_sync_pir_to_irr() on the target vCPU and __vmx_deliver_posted_interrupt() on a sender vCPU. The sequence of operations (pi_test_and_set_pir, then pi_test_and_set_on) can interleave such that the second sync reports max_...

CVE-2026-46295

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Do IRR scan in kvmapicupdateirr even if PIR is empty Fall back to apicfindhighestvector when PID.ON is set but PIR turns out to be empty, to correctly report the highest pending interrupt from the existing IRR. In a...

CVE-2026-46295

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Do IRR scan in kvmapicupdateirr even if PIR is empty Fall back to apicfindhighestvector when PID.ON is set but PIR turns out to be empty, to correctly report the highest pending interrupt from the existing IRR. In a...

EUVD-2026-35161

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Do IRR scan in kvmapicupdateirr even if PIR is empty Fall back to apicfindhighestvector when PID.ON is set but PIR turns out to be empty, to correctly report the highest pending interrupt from the existing IRR. In a...

CVE-2026-46294

Technical details about CVE-2026-46294 are not publicly available in the provided documents. Monitor for updates.

CVE-2026-46294

In the Linux kernel, the following vulnerability has been resolved: dm: fix a buffer overflow in ioctl processing Tony Asleson using Claude found a buffer overflow in dm-ioctl in the function retrievestatus: 1. The code in retrievestatus checks that the output string fits into the output buffer a...

CVE-2026-46294 dm: fix a buffer overflow in ioctl processing

In the Linux kernel, the following vulnerability has been resolved: dm: fix a buffer overflow in ioctl processing Tony Asleson using Claude found a buffer overflow in dm-ioctl in the function retrievestatus: 1. The code in retrievestatus checks that the output string fits into the output buffer a...

CVE-2026-46294

In the Linux kernel, the following vulnerability has been resolved: dm: fix a buffer overflow in ioctl processing Tony Asleson using Claude found a buffer overflow in dm-ioctl in the function retrievestatus: 1. The code in retrievestatus checks that the output string fits into the output buffer a...

EUVD-2026-35160

In the Linux kernel, the following vulnerability has been resolved: dm: fix a buffer overflow in ioctl processing Tony Asleson using Claude found a buffer overflow in dm-ioctl in the function retrievestatus: 1. The code in retrievestatus checks that the output string fits into the output buffer a...

CVE-2026-46293

In the Linux kernel, the following vulnerability has been resolved: clk: microchip: mpfs-ccc: fix out of bounds access during output registration UBSAN reported an out of bounds access during registration of the last two outputs. This out of bounds access occurs because space is only allocated in...

CVE-2026-46293

In the Linux kernel, the clk: microchip: mpfs-ccc driver fixes an out-of-bounds access during output registration. UBSAN flagged a bound error when registering the last two outputs because the hws array only allocates space for two PLLs and four output dividers, while the defined IDs include two ...

CVE-2026-46293 clk: microchip: mpfs-ccc: fix out of bounds access during output registration

In the Linux kernel, the following vulnerability has been resolved: clk: microchip: mpfs-ccc: fix out of bounds access during output registration UBSAN reported an out of bounds access during registration of the last two outputs. This out of bounds access occurs because space is only allocated in...

CVE-2026-46293

In the Linux kernel, the following vulnerability has been resolved: clk: microchip: mpfs-ccc: fix out of bounds access during output registration UBSAN reported an out of bounds access during registration of the last two outputs. This out of bounds access occurs because space is only allocated in...

EUVD-2026-35159

In the Linux kernel, the following vulnerability has been resolved: clk: microchip: mpfs-ccc: fix out of bounds access during output registration UBSAN reported an out of bounds access during registration of the last two outputs. This out of bounds access occurs because space is only allocated in...

EUVD-2026-35158

In the Linux kernel, the following vulnerability has been resolved: pmdomain: core: Fix detach procedure for virtual devices in genpd If a device is attached to a PM domain through genpddevpmattachbyid, genpd calls pmruntimeenable for the corresponding virtual device that it registers. While this...

CVE-2026-46292

In the Linux kernel, the following vulnerability has been resolved: pmdomain: core: Fix detach procedure for virtual devices in genpd If a device is attached to a PM domain through genpddevpmattachbyid, genpd calls pmruntimeenable for the corresponding virtual device that it registers. While this...

CVE-2026-46292 pmdomain: core: Fix detach procedure for virtual devices in genpd

In the Linux kernel, the following vulnerability has been resolved: pmdomain: core: Fix detach procedure for virtual devices in genpd If a device is attached to a PM domain through genpddevpmattachbyid, genpd calls pmruntimeenable for the corresponding virtual device that it registers. While this...

CVE-2026-46292

In the Linux kernel, the following vulnerability has been resolved: pmdomain: core: Fix detach procedure for virtual devices in genpd If a device is attached to a PM domain through genpddevpmattachbyid, genpd calls pmruntimeenable for the corresponding virtual device that it registers. While this...

CVE-2026-46292

In the Linux kernel, CVE-2026-46292 concerns the detach procedure for virtual devices in genpd. When a device is attached to a PM domain via genpd_dev_pm_attach_by_id(), genpd enables runtime PM for the virtual device, but genpd_dev_pm_detach() lacks a matching pm_runtime_disable(), potentially l...

CVE-2026-46291

CVE-2026-46291 concerns the Linux kernel crypto/caam path: hash_digest_key may dump sensitive HMAC key bytes when CONFIG_DYNAMIC_DEBUG is enabled. The fix redirects dumps to print_hex_dump_devel() to prevent leaking secrets at runtime. Affected behavior is that dynamic debugging could reveal HMAC...