1021 matches found
CVE-2026-53122
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock between reflink and transaction commit when using flushoncommit When using the flushoncommit mount option, we can have a deadlock between a transaction commit and a reflink operation that copied an inline exte...
Linux Distros Unpatched Vulnerability : CVE-2026-53189
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/hugememory: update file PMD counter before folioput splithugepmdlocked updates the file/shmem RSS counter after dropping the PMD mapping's folio reference. I...
mm/hugetlb: restore reservation on error in hugetlb folio copy paths
...
CVE-2026-53165
A flaw was found in the Linux kernel's iomap subsystem. A race condition can occur during buffered read error reporting, specifically in the iomapfinishfolioread function. This allows a separate process to clear a folio's mapping while an error is being reported, leading to a null pointer...
SUSE CVE-2026-53189
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: update file PMD counter before folioput splithugepmdlocked updates the file/shmem RSS counter after dropping the PMD mapping's folio reference. If folioput drops the last reference, mmcounterfile can later read fre...
CVE-2026-52960
A flaw was found in the Linux kernel's Ceph component. This vulnerability occurs due to improper handling of memory pages, known as folios, that are not suitable for writeback. When certain folios are removed, their references are not properly released, leading to a resource leak. A local attacke...
CVE-2026-53189
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: update file PMD counter before folioput splithugepmdlocked updates the file/shmem RSS counter after dropping the PMD mapping's folio reference. If folioput drops the last reference, mmcounterfile can later read fre...
CVE-2026-53154
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: restore reservation on error in hugetlb folio copy paths Two sites in mm/hugetlb.c allocate a hugetlb folio via allochugetlbfolio consuming a VMA reservation and then call copyuserlargefolio, which became int-returnin...
UBUNTU-CVE-2026-53165
In the Linux kernel, the following vulnerability has been resolved: iomap: avoid potential null folio-mapping deref during error reporting When a buffered read fails, iomapfinishfolioread reports the error with fserrorreportiofolio-mapping-host, .... This is called after ifs-readbytespending has...
UBUNTU-CVE-2026-53154
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: restore reservation on error in hugetlb folio copy paths Two sites in mm/hugetlb.c allocate a hugetlb folio via allochugetlbfolio consuming a VMA reservation and then call copyuserlargefolio, which became int-returnin...
UBUNTU-CVE-2026-53189
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: update file PMD counter before folioput splithugepmdlocked updates the file/shmem RSS counter after dropping the PMD mapping's folio reference. If folioput drops the last reference, mmcounterfile can later read fre...
EUVD-2026-39280
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: update file PMD counter before folioput splithugepmdlocked updates the file/shmem RSS counter after dropping the PMD mapping's folio reference. If folioput drops the last reference, mmcounterfile can later read fre...
CVE-2026-53189 mm/huge_memory: update file PMD counter before folio_put()
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: update file PMD counter before folioput splithugepmdlocked updates the file/shmem RSS counter after dropping the PMD mapping's folio reference. If folioput drops the last reference, mmcounterfile can later read fre...
CVE-2026-53189
CVE-2026-53189 affects the Linux kernel memory management for huge pages (mm/huge_memory). The vulnerability arises from the order of operations when splitting a huge PMD: the RSS/file counters are updated after releasing the folio reference, which can let freed folio state be observed by mm_coun...
CVE-2026-53165 iomap: avoid potential null folio->mapping deref during error reporting
In the Linux kernel, the following vulnerability has been resolved: iomap: avoid potential null folio-mapping deref during error reporting When a buffered read fails, iomapfinishfolioread reports the error with fserrorreportiofolio-mapping-host, .... This is called after ifs-readbytespending has...
EUVD-2026-39256
In the Linux kernel, the following vulnerability has been resolved: iomap: avoid potential null folio-mapping deref during error reporting When a buffered read fails, iomapfinishfolioread reports the error with fserrorreportiofolio-mapping-host, .... This is called after ifs-readbytespending has...
CVE-2026-53165 iomap: avoid potential null folio->mapping deref during error reporting
In the Linux kernel, the following vulnerability has been resolved: iomap: avoid potential null folio-mapping deref during error reporting When a buffered read fails, iomapfinishfolioread reports the error with fserrorreportiofolio-mapping-host, .... This is called after ifs-readbytespending has...
CVE-2026-53165
CVE-2026-53165 describes a race in the Linux kernel iomap subsystem where, during buffered read error reporting, a separate in-flight read can detach a folio and set folio->mapping to NULL before an error is reported, leading to a NULL dereference of folio->mapping in fserror_report_io(). T...
EUVD-2026-39245
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: restore reservation on error in hugetlb folio copy paths Two sites in mm/hugetlb.c allocate a hugetlb folio via allochugetlbfolio consuming a VMA reservation and then call copyuserlargefolio, which became int-returnin...
CVE-2026-53154
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: restore reservation on error in hugetlb folio copy paths Two sites in mm/hugetlb.c allocate a hugetlb folio via allochugetlbfolio consuming a VMA reservation and then call copyuserlargefolio, which became int-returnin...