339 matches found
CVE-2026-43448 nvme-pci: Fix race bug in nvme_poll_irqdisable()
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: Fix race bug in nvmepollirqdisable In the following scenario, pdev can be disabled between 1 and 3 by 2. This sets pdev-msixenabled = 0. Then, pciirqvector will return MSI-X IRQ15 for 1 whereas return INTx IRQcqvector...
CVE-2026-43293
CVE-2026-43293: Linux kernel wave5 media driver in polling mode fixes a race between hrtimer cancellation and kthread worker destruction. The wave5_vpu_timer_callback() queues work via kthread_queue_work(), and destroying the worker before cancelling the hrtimer could let the timer fire during de...
Linux Distros Unpatched Vulnerability : CVE-2026-43448
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nvme-pci: Fix race bug in nvmepollirqdisable In the following scenario, pdev can be disabled between 1 and 3 by 2. This sets pdev-msixenabled = 0. Then,...
CVE-2026-43252
A flaw was found in the MultiPath TCP MPTCP subsystem of the Linux kernel. A local attacker could exploit a logic error in how MPTCP manages network connection endpoints. By performing a specific sequence of operations, an attacker could trigger a kernel warning, potentially leading to system...
CVE-2026-43244
A flaw was found in the Linux kernel's Kernel Connection Multiplexer KCM module. A local user could trigger an issue where, during partial sendmsg operations, an empty network buffer skb is incorrectly left in the fraglist. A subsequent zero-length write operation can then cause a kernel warning,...
CVE-2026-43180
A flaw was found in the Linux kernel's kaweth USB network driver. The kawethsetrxmode function incorrectly manipulates the transmit TX queue, allowing it to be re-enabled while a USB Request Block URB is still active. This can result in the same URB being submitted twice, leading to a kernel...
CVE-2026-43252
In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: in-kernel: always set ID as avail when rm endp Syzkaller managed to find a combination of actions that was generating this warning: WARNING: net/mptcp/pmkernel.c:1074 at marksubflowendpavailable net/mptcp/pmkernel.c:10...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: VMCI: Fixed a runtime warning from memcpy in dgdispatchashost. Syzkaller encountered a “WARNING in dgdispatchashost” bug. memcpy: A field-spanning write was detected size 56 for a single field “&dginfo-msg” in...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm: Do not allow userspace to trigger kernel warnings in drmgemchangehandleioctl Since GEM bo handles are of type u32 in the uapi, and the internal implementation uses idralloc, which uses integer ranges. Passing a new handle th...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/amdkfd: Fixed a kernel warning during topology setup This patch fixes the following kernel warning that occurred during driver loading by correctly initializing the p2plink attr before creating the sysfs file: +0.002865...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: The WARNONONCE call has been removed from ufshcduiccmdcompl. The UIC completion interrupt may be disabled while a UIC command is being processed. When the UIC completion interrupt is re-enabled, a UIC interrupt i...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: camss: Clean up received buffers on failed start of streaming It is necessary to return the received buffers if streaming cannot be started. For example, mediapipelinestart may fail with an EPIPE error if a link validation...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Unregisters devlink parameters in case the interface is down Currently, if an interface is down, the mlx5 driver does not unregister its devlink parameters, which leads to this WARN1. This issue is fixed by unregisterin...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: exec: Force a single empty string when argv is empty Quoting 1 Ariadne Conill: “In several other operating systems, it is a hard requirement that the second argument to execve2 be the name of a program. This prevents scenarios...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/qedr: Fixed the qedrcreateuserqp error flow. Avoid the following warning by ensuring that allocated resources are freed in case qedrinituserqueue fails. ----------- Cut here --- WARNING: CPU: 0 PID: 143192 at...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: mlxsw: spectrumacltcam: Fixed incorrect use of the list API. Both the function that migrates all the chunks within a region and the function that migrates all the entries within a chunk call listfirstentry on the respective...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: igc: Avoid kernel warnings when changing RX ring parameters Calling ethtool to change RX ring parameters like this: $ ethtool -G eth0 rx 1024 triggers kernel warnings like this: 225.198467 ------------ Cut here 225.198473 Missing...
CVE-2026-31689
A flaw was found in the EDAC/mc module of the Linux kernel. An error in the ordering of operations within the edacmcalloc function can lead to a situation where a device's release function is called before the device is fully initialized. This improper initialization can result in a kernel warnin...
Linux Distros Unpatched Vulnerability : CVE-2026-31545
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NFC: nxp-nci: allow GPIOs to sleep Allow the firmware and enable GPIOs to sleep. This fixes a WARNON' and allows the driver to operate GPIOs which are connected...
CVE-2026-31555
A flaw was found in the Linux kernel. A local user could exploit a race condition within the futexlockpi retry path. This vulnerability occurs because a stale pointer to an exiting process is not cleared, leading to a kernel warning. Successful exploitation of this flaw could result in a system...