CVE-2026-46291

CVE-2026-46291 concerns the Linux kernel crypto/caam path: hash_digest_key may dump sensitive HMAC key bytes when CONFIG_DYNAMIC_DEBUG is enabled. The fix redirects dumps to print_hex_dump_devel() to prevent leaking secrets at runtime. Affected behavior is that dynamic debugging could reveal HMAC...

CVE-2026-46291 crypto: caam - guard HMAC key hex dumps in hash_digest_key

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - guard HMAC key hex dumps in hashdigestkey Use printhexdumpdevel for dumping sensitive HMAC key bytes in hashdigestkey to avoid leaking secrets at runtime when CONFIGDYNAMICDEBUG is enabled...

CVE-2026-46291

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - guard HMAC key hex dumps in hashdigestkey Use printhexdumpdevel for dumping sensitive HMAC key bytes in hashdigestkey to avoid leaking secrets at runtime when CONFIGDYNAMICDEBUG is enabled...

CVE-2026-46291

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - guard HMAC key hex dumps in hashdigestkey Use printhexdumpdevel for dumping sensitive HMAC key bytes in hashdigestkey to avoid leaking secrets at runtime when CONFIGDYNAMICDEBUG is enabled...

EUVD-2026-35157

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - guard HMAC key hex dumps in hashdigestkey Use printhexdumpdevel for dumping sensitive HMAC key bytes in hashdigestkey to avoid leaking secrets at runtime when CONFIGDYNAMICDEBUG is enabled...

CVE-2026-46290

The CVE describes a Linux kernel issue in x86/efi: after FPU-related softirq changes, kernel_fpu_begin() uses fpregs_lock() with local_bh_disable(), setting SOFTIRQ_OFFSET during EFI runtime calls. This makes in_interrupt() return true in normal task context, causing efi_crash_gracefully_on_page_...

CVE-2026-46290 x86/efi: Fix graceful fault handling after FPU softirq changes

In the Linux kernel, the following vulnerability has been resolved: x86/efi: Fix graceful fault handling after FPU softirq changes Since commit d02198550423 "x86/fpu: Improve crypto performance by making kernel-mode FPU reliably usable in softirqs", kernelfpubegin calls fpregslock which uses...

CVE-2026-46290

In the Linux kernel, the following vulnerability has been resolved: x86/efi: Fix graceful fault handling after FPU softirq changes Since commit d02198550423 "x86/fpu: Improve crypto performance by making kernel-mode FPU reliably usable in softirqs", kernelfpubegin calls fpregslock which uses...

CVE-2026-46290

In the Linux kernel, the following vulnerability has been resolved: x86/efi: Fix graceful fault handling after FPU softirq changes Since commit d02198550423 "x86/fpu: Improve crypto performance by making kernel-mode FPU reliably usable in softirqs", kernelfpubegin calls fpregslock which uses...

EUVD-2026-35156

In the Linux kernel, the following vulnerability has been resolved: x86/efi: Fix graceful fault handling after FPU softirq changes Since commit d02198550423 "x86/fpu: Improve crypto performance by making kernel-mode FPU reliably usable in softirqs", kernelfpubegin calls fpregslock which uses...

EUVD-2026-35155

In the Linux kernel, the following vulnerability has been resolved: lib/scatterlist: fix length calculations in extractkvectosg Patch series "Fix bugs in extractitertosg", v3. Fix bugs in the kvec and user variants of extractitertosg. This series is growing due to useful remarks made by...

CVE-2026-46289

In the Linux kernel, the following vulnerability has been resolved: lib/scatterlist: fix length calculations in extractkvectosg Patch series "Fix bugs in extractitertosg", v3. Fix bugs in the kvec and user variants of extractitertosg. This series is growing due to useful remarks made by...

CVE-2026-46289

The CVE pertains to the Linux kernel, specifically the kvec-to-sg extraction path in lib/scatterlist (extract_kvec_to_sg and related extract_iter_to_sg). The main issues were: (1) the length for an sglist entry when extracting from a kvec could exceed the page size, and (2) the sglist used as a s...

CVE-2026-46289

In the Linux kernel, the following vulnerability has been resolved: lib/scatterlist: fix length calculations in extractkvectosg Patch series "Fix bugs in extractitertosg", v3. Fix bugs in the kvec and user variants of extractitertosg. This series is growing due to useful remarks made by...

CVE-2026-46288

In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix use-after-free in ofunittestchangeset The variable 'parent' is assigned the value of 'nchangeset' earlier in the function, meaning both point to the same struct devicenode. The call to ofnodeputnchangeset can...

CVE-2026-46288 of: unittest: fix use-after-free in of_unittest_changeset()

In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix use-after-free in ofunittestchangeset The variable 'parent' is assigned the value of 'nchangeset' earlier in the function, meaning both point to the same struct devicenode. The call to ofnodeputnchangeset can...

CVE-2026-46288

In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix use-after-free in ofunittestchangeset The variable 'parent' is assigned the value of 'nchangeset' earlier in the function, meaning both point to the same struct devicenode. The call to ofnodeputnchangeset can...

CVE-2026-46288

In the Linux kernel, CVE-2026-46288 fixes a use-after-free in unittest: of_unittest_changeset() where the local 'parent' points to the same struct device_node as 'nchangeset'. The code calls of_node_put(nchangeset) which can drop the reference count to zero, freeing the node, yet 'parent' is stil...

CVE-2026-46287

In the Linux kernel, the net/txgbe driver for copper NICs with external PHY fixed an RTNL assertion warning that occurred during module removal. The root cause was phylink_disconnect_phy() being called during remove without proper RTNL protection, triggering an assertion in phylink_disconnect_phy...

CVE-2026-46287

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: fix RTNL assertion warning when remove module For the copper NIC with external PHY, the driver called phylinkconnectphy during probe and phylinkdisconnectphy during remove. It caused an RTNL assertion warning in...