163 matches found
CVE-2026-53303
CVE-2026-53303 — In the Linux kernel's f2fs subsystem, f2fs_sbi_show() reads extension_list, extension_count, and hot_ext_count without holding sbi->sb_lock. A concurrent sysfs store in f2fs_update_extension_list() could cause inconsistent counts or contents, risking out-of-bounds access or di...
CVE-2026-53217
A flaw was found in the Linux kernel's mvpp2 network driver. This issue occurs because the driver incorrectly synchronizes received RX data at the hardware packet offset. On systems with non-coherent Direct Memory Access DMA, this can lead to the Central Processing Unit CPU reading stale cache...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: serial: core: Fixed the issue where the transmit-buffer was not freed after closing the serial port. The commit 761ed4a94582 “tty: serialcore: changed uartclose to use ttyportclose” converted the serial core to use ttyportclos...
SUSE CVE-2026-46315
In the Linux kernel, the following vulnerability has been resolved: iouring/waitid: clear waitid info before copying it to userspace IORINGOPWAITID stores its result fields in struct iowaitid::info and later copies them to userspace siginfo. The prep path initializes the request arguments, but it...
CVE-2026-46315
The CVE affects the Linux kernel io_uring waitid path. In IORING_OP_WAITID, result fields are stored in io_waitid::info and later copied to userspace siginfo. During prep, info wasn’t initialized; if the wait completes without a child event, the common wait code may skip writing wo_info, yet io_w...
CVE-2026-46315 io_uring/waitid: clear waitid info before copying it to userspace
In the Linux kernel, the following vulnerability has been resolved: iouring/waitid: clear waitid info before copying it to userspace IORINGOPWAITID stores its result fields in struct iowaitid::info and later copies them to userspace siginfo. The prep path initializes the request arguments, but it...
PT-2026-47719
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An information disclosure issue exists in the io uring subsystem during the IORING OP WAITID operation. The io waitid finish function copies the info field from struct io waitid to...
CVE-2026-46309
A flaw was found in the Linux kernel's drm/xe/uapi component. This vulnerability allows a Graphics Processing Unit GPU using cohnone coherency mode to bypass CPU caches and read stale sensitive data directly from Dynamic Random-Access Memory DRAM. This can lead to information disclosure, where da...
drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure
...
CVE-2026-46229
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure KFD VRAM allocations set AMDGPUGEMCREATEVRAMWIPEONRELEASE but not AMDGPUGEMCREATEVRAMCLEARED, leaving freshly allocated VRAM with stale data from prior use...
CVE-2026-46229 drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure KFD VRAM allocations set AMDGPUGEMCREATEVRAMWIPEONRELEASE but not AMDGPUGEMCREATEVRAMCLEARED, leaving freshly allocated VRAM with stale data from prior use...
EUVD-2026-32856
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure KFD VRAM allocations set AMDGPUGEMCREATEVRAMWIPEONRELEASE but not AMDGPUGEMCREATEVRAMCLEARED, leaving freshly allocated VRAM with stale data from prior use...
CVE-2026-46229
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure KFD VRAM allocations set AMDGPUGEMCREATEVRAMWIPEONRELEASE but not AMDGPUGEMCREATEVRAMCLEARED, leaving freshly allocated VRAM with stale data from prior use...
SUSE CVE-2026-45858
In the Linux kernel, the following vulnerability has been resolved: ext4: don't zero the entire extent if EXT4EXTDATAPARTIALVALID1 When allocating initialized blocks from a large unwritten extent, or when splitting an unwritten extent during end I/O and converting it to initialized, there is...
SUSE CVE-2026-45985
In the Linux kernel, the following vulnerability has been resolved: ext4: don't set EXT4GETBLOCKSCONVERT when splitting before submitting I/O When allocating blocks during within-EOF DIO and writeback with dioreadnolock enabled, EXT4GETBLOCKSPREIO was set to split an existing large unwritten...
CVE-2026-45985
A flaw was found in the Linux kernel's ext4 filesystem. When allocating blocks for direct I/O DIO and writeback, an incorrect flag handling during extent splitting could lead to a mismatch between the on-disk extent status and the extent status tree. This issue, particularly when a temporary erro...
EUVD-2026-32324
In the Linux kernel, the following vulnerability has been resolved: ext4: don't zero the entire extent if EXT4EXTDATAPARTIALVALID1 When allocating initialized blocks from a large unwritten extent, or when splitting an unwritten extent during end I/O and converting it to initialized, there is...
CVE-2026-45985
In the Linux kernel, the following vulnerability has been resolved: ext4: don't set EXT4GETBLOCKSCONVERT when splitting before submitting I/O When allocating blocks during within-EOF DIO and writeback with dioreadnolock enabled, EXT4GETBLOCKSPREIO was set to split an existing large unwritten...
UBUNTU-CVE-2026-45985
In the Linux kernel, the following vulnerability has been resolved: ext4: don't set EXT4GETBLOCKSCONVERT when splitting before submitting I/O When allocating blocks during within-EOF DIO and writeback with dioreadnolock enabled, EXT4GETBLOCKSPREIO was set to split an existing large unwritten...
CVE-2026-45985 ext4: don't set EXT4_GET_BLOCKS_CONVERT when splitting before submitting I/O
In the Linux kernel, the following vulnerability has been resolved: ext4: don't set EXT4GETBLOCKSCONVERT when splitting before submitting I/O When allocating blocks during within-EOF DIO and writeback with dioreadnolock enabled, EXT4GETBLOCKSPREIO was set to split an existing large unwritten...