EUVD-2026-32267

In the Linux kernel, the following vulnerability has been resolved: ACPICA: Fix NULL pointer dereference in acpievaddressspacedispatch Cover a missed execution path with a new check...

EUVD-2026-32264

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Stop job scheduling across aie2releaseresource Running jobs on a hardware context while it is in the process of releasing resources can lead to use-after-free and crashes. Fix this by stopping job scheduling before...

EUVD-2026-32263

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: clean up the amdgpucsparserbos In low memory conditions, kmalloc can fail. In such conditions unlock the mutex for a clean exit. We do not need to amdgpubolistput as it's been handled in the amdgpucsparserfini...

EUVD-2026-32282

In the Linux kernel, the following vulnerability has been resolved: crypto: ccree - fix a memory leak in ccmacdigest Add ccunmapresult if ccmaphashrequestfinal fails to prevent potential memory leak...

EUVD-2026-32232

In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in ext4extshiftextents In ext4extshiftextents, if the extent is NULL in the while loop, the function returns immediately without releasing the path obtained via ext4findextent, leading to a memory leak. Fix...

EUVD-2026-32246

In the Linux kernel, the following vulnerability has been resolved: ublk: Validate SQE128 flag before accessing the cmd ublkctrlcmddump accesses header sqe-cmd before IOURINGFSQE128 flag check. This could cause out of boundary memory access. Move the SQE128 flag check earlier in ublkctrluringcmd ...

EUVD-2026-32256

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF and double free in smb2openfile Zero out @erriov and @errbuftype before retrying SMB2open to prevent an UAF bug if @data != NULL, otherwise a double free...

EUVD-2026-32240

In the Linux kernel, the following vulnerability has been resolved: drm/exynos: vidi: use priv-vididev for ctx lookup in vidiconnectionioctl vidiconnectionioctl retrieves the driverdata from drmdev-dev to obtain a struct vidicontext pointer. However, drmdev-dev is the exynos-drm master device, an...

EUVD-2026-32247

In the Linux kernel, the following vulnerability has been resolved: ASoC: nau8821: Cancel delayed work on component remove Attempting to unload the driver while a jack detection work is pending would likely crash the kernel when it is eventually scheduled for execution: 1984.896308 BUG: unable to...

EUVD-2026-32250

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix NULL pointer dereference in unixneedsrevalidation When receiving file descriptors via SCMRIGHTS, both the socket pointer and the socket's sk pointer can be NULL during socket setup or teardown, causing NULL pointer...

EUVD-2026-32238

In the Linux kernel, the following vulnerability has been resolved: fbdev: au1200fb: Fix a memory leak in au1200fbdrvprobe In au1200fbdrvprobe, when platformgetirq fails, it directly returns from the function with an error code, which causes a memory leak. Replace it with a goto label to ensure...

EUVD-2026-32237

In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix IO hang with degraded array with llbitmap When llbitmap bit state is still unwritten, any new write should force rcw, as bitmapops-blockssynced is checked in handlestripedirtying. However, later the same check is...

EUVD-2026-32258

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix invalid leaf access in btrfsquotaenable if ref key not found If btrfssearchslotforread returns 1, it means we did not find any key greater than or equals to the key we asked for, meaning we have reached the end of the...

EUVD-2026-32255

In the Linux kernel, the following vulnerability has been resolved: bpf: Limit bpf program signature size Practical BPF signatures are significantly smaller than KMALLOCMAXCACHESIZE Allowing larger sizes opens the door for abuse by passing excessive size values and forcing the kernel into expensi...

EUVD-2026-32243

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree Annotating a local pointer variable, which will be assigned with the kmalloc-family functions, with the cleanupkfree attribute will make the address of the local...

EUVD-2026-32253

In the Linux kernel, the following vulnerability has been resolved: HID: playstation: Add missing check for inputffcreatememless The psgamepadcreate function calls inputffcreatememless without verifying its return value, which can lead to incorrect behavior or potential crashes when FF effects ar...

EUVD-2026-32236

In the Linux kernel, the following vulnerability has been resolved: eth: fbnic: Add validation for MTU changes Increasing the MTU beyond the HDS threshold causes the hardware to fragment packets across multiple buffers. If a single-buffer XDP program is attached, the driver will drop all multi-fr...

EUVD-2026-32242

In the Linux kernel, the following vulnerability has been resolved: drm/exynos: vidi: fix to avoid directly dereferencing user pointer In vidiconnectionioctl, vidi-ediduser pointer is directly dereferenced in the kernel. This allows arbitrary kernel memory access from the user space, so instead o...

EUVD-2026-32254

In the Linux kernel, the following vulnerability has been resolved: bonding: alb: fix UAF in rlbarprecv during bond up/down The ALB RX path may access rxhashtbl concurrently with bond teardown. During rapid bond up/down cycles, rlbdeinitialize frees rxhashtbl while RX handlers are still running,...

EUVD-2026-32239

In the Linux kernel, the following vulnerability has been resolved: md/md-llbitmap: fix percpuref not resurrected on suspend timeout When llbitmapsuspendtimeout times out waiting for percpuref to become zero, it returns -ETIMEDOUT without resurrecting the percpuref. The caller mdllbitmapdaemonfn...