CVE-2026-43207

A flaw was found in the Linux kernel's mtk-mdp media driver. Improper error handling in the probe function could lead to a resource leak. Additionally, a missing check for the return value of vpugetplatdevice could result in a null pointer dereference, potentially causing a system crash and leadi...

CVE-2026-43208

A flaw was found in the Linux kernel's networking component. An incorrect assumption about the size and immutability of the Receive Packet Steering RPS table could lead to an out-of-bounds memory access. This vulnerability, occurring during the computation of flowid in the setrpscpu function, cou...

CVE-2026-43202

A flaw was found in the Linux kernel's fbdev: vt8500lcdfb module. This vulnerability, a memory leak, occurs because allocated memory is not properly freed when an error path is triggered. A local attacker could potentially exploit this to exhaust system resources, leading to a Denial of Service D...

kernel: crypto: algif_aead - Fix minimum RX size check for decryption

A flaw was found in the Linux kernel, specifically within the algifaead module. The vulnerability involves an incorrect check for the minimum receive buffer size during decryption, which did not properly account for the tag size. This could potentially lead to issues with data integrity or...

CVE-2026-43190

A flaw was found in the Linux kernel, specifically within the netfilter: xttcpmss module. A remote attacker could exploit this vulnerability by sending a specially crafted TCP packet. The TCP option parser does not properly validate the remaining option length, which results in an out-of-bounds...

CVE-2026-43184

A flaw was found in the Linux kernel's rnbd-srv component. This vulnerability arises from the failure to properly clear the response buffer before sending data. A remote client could potentially receive unintended data, leading to information disclosure...

CVE-2026-43182

A flaw was found in the Linux kernel's media: ccs component. This vulnerability, a division-by-zero error, occurs when calculating the maximum M for scaler configuration. A missing check for a non-zero value in the MINXOUTPUTSIZE limit register could allow a local attacker to trigger a system...

CVE-2026-43186

A flaw was found in the Linux kernel's IPv6 In-situ Operations, Administration, and Maintenance IOAM functionality. A remote attacker can send a specially crafted packet that manipulates the nodelen field while processing trace data. This manipulation leads to a heap buffer overflow, causing...

CVE-2026-43178

A flaw was found in the Linux kernel's procfs component. A local user, by providing a malformed input buffer during a specific memory mapping query PROCMAPQUERY, can trigger an error in how the kernel manages process memory. This can lead to a double release of memory resources, potentially causi...

CVE-2026-43176

A flaw was found in the Linux kernel's rtw89 WiFi driver. This vulnerability arises from insufficient validation of release report content, specifically affecting the RTL8922DE chip. If a malformed release report is processed, it can lead to a system crash, resulting in a Denial of Service DoS...

CVE-2026-43173

A flaw was found in the Linux kernel. A local user can trigger a NULL pointer dereference in the ixp4xxgettsinfo function within the network ethernet xscale driver. This occurs because ixp46xptpfind is unconditionally called, even on systems that do not support the ixp46x PTP feature. Successful...

CVE-2026-43171

A flaw was found in the Linux kernel's EFI/CPER component. This vulnerability occurs because the cperprintfwerr function does not adequately validate the length of error records against a provided offset. A malicious or malformed firmware could exploit this by providing an offset that causes an...

CVE-2026-43164

A flaw was found in the Linux kernel's UDP-Lite User Datagram Protocol-Lite implementation. An issue during the initialization of UDP-Lite sockets can lead to a null-pointer dereference in the udpenqueuescheduleskb function. This vulnerability could allow an attacker to trigger a system crash,...

CVE-2026-43162

A flaw was found in the Linux kernel's tegra-video driver. This vulnerability, a memory leak, occurs because certain error paths in the tegrachanneltryformat function fail to properly deallocate a state object. Over time, this can lead to increased memory consumption, potentially causing system...

CVE-2026-43156

A flaw was found in the Linux kernel's USB Pegasus driver. This vulnerability allows a local attacker to use a specially crafted USB device to bypass expected endpoint checks. By presenting unexpected transfer types, the malicious device could trigger a system assertion, potentially leading to a...

CVE-2026-43152

A flaw was found in the Linux kernel's Human Interface Device HID subsystem, specifically within the hid-pl module. This vulnerability arises from improper error handling during device initialization. An attacker could potentially trigger a NULL pointer dereference by interacting with a device th...

CVE-2026-43148

A flaw was found in the Linux kernel. This vulnerability occurs in the powerpc/smp component due to a missing check for memory allocation failure. Specifically, if the kcalloc function fails to allocate memory within parsethreadgroups, a subsequent operation can attempt to use a NULL pointer. Thi...

CVE-2026-43145

A flaw was found in the Linux kernel's remoteproc remote processor subsystem, specifically within the imxrproc driver. The imxrprocelffindloadedrsctable function could incorrectly report the presence of a loaded resource table even when the current firmware did not provide one. This...

CVE-2026-43142

A flaw was found in the Linux kernel's media: iris: gen1 driver. This vulnerability occurs because the driver fails to destroy internal buffers after the firmware releases them. This oversight leads to stale memory allocations, particularly when display resolutions change and new buffers are...

CVE-2026-43134

A flaw was found in the Linux kernel's Bluetooth Low Energy LE Logical Link Control and Adaptation Protocol L2CAP. A missing check for encryption key size when processing connection requests could allow a remote attacker to send a malformed request. This could lead to a protocol violation,...