73825 matches found
CVE-2026-43045
CVE-2026-43045 concerns the Linux kernel mshv module, where the vulnerability stems from incorrect error handling in mshv_region_pin. The issue allows memory corruption due to pin_user_pages_fast() sometimes returning a short pin count (less than requested but >0) and being treated as success,...
EUVD-2026-26644
In the Linux kernel, the following vulnerability has been resolved: mshv: Fix error handling in mshvregionpin The current error handling has two issues: First, pinuserpagesfast can return a short pin count less than requested but greater than zero when it cannot pin all requested pages. This is...
CVE-2026-43038
In the Linux kernel, the following vulnerability has been resolved: ipv6: icmp: clear skb2-cb in ip6errgenicmpv6unreach Sashiko AI-review observed: In ip6errgenicmpv6unreach, the skb is an outer IPv4 ICMP error packet where its cb contains an IPv4 inetskbparm. When skb is cloned into skb2 and...
EUVD-2026-26637
In the Linux kernel, the following vulnerability has been resolved: ipv6: icmp: clear skb2-cb in ip6errgenicmpv6unreach Sashiko AI-review observed: In ip6errgenicmpv6unreach, the skb is an outer IPv4 ICMP error packet where its cb contains an IPv4 inetskbparm. When skb is cloned into skb2 and...
CVE-2026-43038
In the Linux kernel, the following vulnerability has been resolved: ipv6: icmp: clear skb2-cb in ip6errgenicmpv6unreach Sashiko AI-review observed: In ip6errgenicmpv6unreach, the skb is an outer IPv4 ICMP error packet where its cb contains an IPv4 inetskbparm. When skb is cloned into skb2 and...
CVE-2026-43037
CVE-2026-43037 affects the Linux kernel; vulnerability arises from ip4ip6_err() using a cloned skb where the IPv6 receive path writes cb[] as inet6_skb_parm, which is then misinterpreted as IPv4 inet_skb_parm by __ip_options_echo(), causing a potential data leak/compromise. The fix includes clear...
CVE-2026-43037
In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: clear skb2-cb in ip4ip6err Oskar Kjos reported the following problem. ip4ip6err calls icmpsend on a cloned skb whose cb was written by the IPv6 receive path as struct inet6skbparm. icmpsend passes IPCBskb2 to...
CVE-2026-43025
CVE-2026-43025 affects the Linux kernel netfilter component. A local attacker can trigger a slab-out-of-bounds read when creating new expectations by supplying a non-master conntrack helper, potentially enabling information disclosure from kernel memory. The issue is described across multiple sou...
CVE-2026-43022 Bluetooth: hci_sync: hci_cmd_sync_queue_once() return -EEXIST if exists
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: hcicmdsyncqueueonce return -EEXIST if exists hcicmdsyncqueueonce needs to indicate whether a queue item was added, so caller can know if callbacks are called, so it can avoid leaking resources. Change the...
EUVD-2026-26621
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: hcicmdsyncqueueonce return -EEXIST if exists hcicmdsyncqueueonce needs to indicate whether a queue item was added, so caller can know if callbacks are called, so it can avoid leaking resources. Change the...
CVE-2026-43022
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: hcicmdsyncqueueonce return -EEXIST if exists hcicmdsyncqueueonce needs to indicate whether a queue item was added, so caller can know if callbacks are called, so it can avoid leaking resources. Change the...
CVE-2026-43008 gpio: qixis-fpga: Fix error handling for devm_regmap_init_mmio()
In the Linux kernel, the following vulnerability has been resolved: gpio: qixis-fpga: Fix error handling for devmregmapinitmmio devmregmapinitmmio returns an ERRPTR on failure, not NULL. The original code checked for NULL which would never trigger on error, potentially leading to an invalid point...
EUVD-2026-26607
In the Linux kernel, the following vulnerability has been resolved: gpio: qixis-fpga: Fix error handling for devmregmapinitmmio devmregmapinitmmio returns an ERRPTR on failure, not NULL. The original code checked for NULL which would never trigger on error, potentially leading to an invalid point...
CVE-2026-43008
In the Linux kernel, the following vulnerability has been resolved: gpio: qixis-fpga: Fix error handling for devmregmapinitmmio devmregmapinitmmio returns an ERRPTR on failure, not NULL. The original code checked for NULL which would never trigger on error, potentially leading to an invalid point...
CVE-2026-43008
CVE-2026-43008 affects the Linux kernel gpio: qixis-fpga driver. The issue is incorrect error handling in devm_regmap_init_mmio(): it returns ERR_PTR() on failure, but code checked for NULL, risking invalid pointer dereference. Mitigation: patch uses IS_ERR() and PTR_ERR() to handle errors correc...
CVE-2026-43008
In the Linux kernel, the following vulnerability has been resolved: gpio: qixis-fpga: Fix error handling for devmregmapinitmmio devmregmapinitmmio returns an ERRPTR on failure, not NULL. The original code checked for NULL which would never trigger on error, potentially leading to an invalid point...
CVE-2026-31777
The CVE-2026-31777 entry concerns the Linux kernel ALSA ctxfi driver. The root cause is the driver’s missing validation of the return value from daio_device_index(), leading to incorrect assumptions and potential system instability. Documents indicate this has been resolved via patches. Remediati...
EUVD-2026-26590
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Check the error for index mapping The ctxfi driver blindly assumed a proper value returned from daiodeviceindex, but it's not always true. Add a proper error check to deal with the error from the function...
CVE-2026-31777
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Check the error for index mapping The ctxfi driver blindly assumed a proper value returned from daiodeviceindex, but it's not always true. Add a proper error check to deal with the error from the function...
CVE-2026-31777 ALSA: ctxfi: Check the error for index mapping
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Check the error for index mapping The ctxfi driver blindly assumed a proper value returned from daiodeviceindex, but it's not always true. Add a proper error check to deal with the error from the function...