8318 matches found
CVE-2026-53354
In the Linux kernel, the following vulnerability has been resolved: arm64: errata: Mitigate TLBI errata on various Arm CPUs A number of CPUs developed by Arm suffer from errata whereby a broadcast TLBI;DSB sequence may complete before the global observation of writes which are translated by an...
CVE-2026-53346
In CVE-2026-53346, affected software is the Linux kernel on arm64, where a rustc bug prevents -Cforce-unwind-tables=y from annotating the module, leaving the uwtable flag missing for module constructors (e.g., asan.module_ctor). When CONFIG_UNWIND_PATCH_PAC_INTO_SCS is enabled, this mismatch can ...
EUVD-2026-40977
In the Linux kernel, the following vulnerability has been resolved: ARM: 9475/1: entry: use byte load for KASAN VMAP stack shadow Commit 44e9a3bb76e5 "ARM: 9430/1: entry: Do a dummy read from VMAP shadow" added a dummy read from the KASAN VMAP stack shadow in switchto. The read uses ldr, but the...
CVE-2026-53343
The CVE-2026-53343 entry documents a Linux kernel ARM vulnerability patch: in configurations with KASAN_VMALLOC and VMAP_STACK, a dummy read from the KASAN VMAP shadow in __switch_to() used an unaligned word load (ldr) which can fault on ARMv5 and crash ARM926/VersatilePB; the fix switches to a b...
CVE-2026-53343 ARM: 9475/1: entry: use byte load for KASAN VMAP stack shadow
In the Linux kernel, the following vulnerability has been resolved: ARM: 9475/1: entry: use byte load for KASAN VMAP stack shadow Commit 44e9a3bb76e5 "ARM: 9430/1: entry: Do a dummy read from VMAP shadow" added a dummy read from the KASAN VMAP stack shadow in switchto. The read uses ldr, but the...
EUVD-2026-40976
In the Linux kernel, the following vulnerability has been resolved: arm64: mm: call pagetable dtor when freeing hot-removed page tables Since 5e8eb9aeeda3 "arm64: mm: always call PTE/PMD ctor in createpgdmapping" page-table allocation on ARM64 always calls pagetablepte,pmd,pud,p4dctor. This sets...
CVE-2026-53326 debugobjects: Don't call fill_pool() in early boot hardirq context
In the Linux kernel, the following vulnerability has been resolved: debugobjects: Don't call fillpool in early boot hardirq context When booting a debug PREEMPTRT kernel on an ARM64 system, a "inconsistent HARDIRQ-ON-W - IN-HARDIRQ-W usage" lockdep warning message was reported to the console...
CVE-2026-53326
In the Linux kernel, the following vulnerability has been resolved: debugobjects: Don't call fillpool in early boot hardirq context When booting a debug PREEMPTRT kernel on an ARM64 system, a "inconsistent HARDIRQ-ON-W - IN-HARDIRQ-W usage" lockdep warning message was reported to the console...
EUVD-2026-40960
In the Linux kernel, the following vulnerability has been resolved: debugobjects: Don't call fillpool in early boot hardirq context When booting a debug PREEMPTRT kernel on an ARM64 system, a "inconsistent HARDIRQ-ON-W - IN-HARDIRQ-W usage" lockdep warning message was reported to the console...
PT-2026-54822
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Certain Arm CPUs experience an issue where a broadcast TLBI;DSB sequence may complete before memory writes translated by an affected TLB entry are globally observed. This affects the...
SUSE-SU-2026:22433-1 Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-38549: efivarfs: Fix memory leak of efivarfsfsinfo in...
SUSE-SU-2026:22458-1 Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-38549: efivarfs: Fix memory leak of efivarfsfsinfo in...
Linux Distros Unpatched Vulnerability : CVE-2026-53278
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - armmpam: Check whether the config array is allocated before destroying it destroycomponentcfg is called to free the configuration array. It uses the embedded...
CVE-2026-53278
A flaw was found in the Linux kernel's armmpam component. This vulnerability occurs when the destroycomponentcfg function is called from mpamdisable before the configuration array has been properly allocated. This can lead to a null pointer dereference, potentially causing a system crash and...
SUSE CVE-2026-53278
In the Linux kernel, the following vulnerability has been resolved: armmpam: Check whether the config array is allocated before destroying it destroycomponentcfg is called to free the configuration array. It uses the embedded 'garbage' structure, which means the array has to be allocated. If...
SUSE CVE-2026-53288
In the Linux kernel, the following vulnerability has been resolved: arm64: Reserve an extra page for early kernel mapping The final part of data, end segment may overflow into the next page of initpgend1 which is the gap page before earlyinitstack2: 1 crasharm64v9.0.1 vtop ffffffed00601000 VIRTUA...
DEBIAN-CVE-2026-53278
In the Linux kernel, the following vulnerability has been resolved: armmpam: Check whether the config array is allocated before destroying it destroycomponentcfg is called to free the configuration array. It uses the embedded 'garbage' structure, which means the array has to be allocated. If...
CVE-2026-53278
In the Linux kernel, the following vulnerability has been resolved: armmpam: Check whether the config array is allocated before destroying it destroycomponentcfg is called to free the configuration array. It uses the embedded 'garbage' structure, which means the array has to be allocated. If...
UBUNTU-CVE-2026-53288
In the Linux kernel, the following vulnerability has been resolved: arm64: Reserve an extra page for early kernel mapping The final part of data, end segment may overflow into the next page of initpgend1 which is the gap page before earlyinitstack2: 1 crasharm64v9.0.1 vtop ffffffed00601000 VIRTUA...
UBUNTU-CVE-2026-53278
In the Linux kernel, the following vulnerability has been resolved: armmpam: Check whether the config array is allocated before destroying it destroycomponentcfg is called to free the configuration array. It uses the embedded 'garbage' structure, which means the array has to be allocated. If...