CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/05/06 3:13 p.m.•6 views

CVE-2026-43229

A flaw was found in the chips-media wave5 driver within the Linux kernel. An incorrect device cleanup order allows the kernel's worker thread to attempt reading from powered-off hardware. This can occur when the system enters autosuspend mode, leading to a bus error and a kernel panic. This...

5.5CVSS5.8AI score0.00013EPSS

EUVD•added 2026/05/06 12:30 p.m.•2 views

EUVD-2026-27810

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix SError of kernel panic when closed SError of kernel panic rarely happened while testing fluster. The root cause was to enter suspend mode because timeout of autosuspend delay happened. 48.834439...

EUVD•added 2026/05/06 12:30 p.m.•2 views

EUVD-2026-27792

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix device cleanup order to prevent kernel panic Move video device unregistration to the beginning of the remove function to ensure all video operations are stopped before cleaning up the worker thread...

5.7AI score0.00013EPSS

EUVD•added 2026/05/06 12:30 p.m.•3 views

EUVD-2026-27731

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Move vbus draw to workqueue context Currently dwc3gadgetvbusdraw can be called from atomic context, which in turn invokes power-supply-core APIs. And some these PMIC APIs have operations that may sleep, leading...

EUVD•added 2026/05/06 12:30 p.m.•3 views

Exploits0References6

EUVD-2026-27624

In the Linux kernel, the following vulnerability has been resolved: xfrm: account XFRMAIFID in aevent size calculation xfrmgetae allocates the reply skb with xfrmaeventmsgsize, then buildaevent appends attributes including XFRMAIFID when x-ifid is set. xfrmaeventmsgsize does not include space for...

NVD•added 2026/05/06 12:16 p.m.•3 views

CVE-2026-43247

5.5CVSS0.00013EPSS

Exploits0References3

Cvelist•added 2026/05/06 11:28 a.m.•24 views

CVE-2026-43271 md-cluster: fix NULL pointer dereference in process_metadata_update

In the Linux kernel, the following vulnerability has been resolved: md-cluster: fix NULL pointer dereference in processmetadataupdate The function processmetadataupdate blindly dereferences the 'thread' pointer acquired via rcudereferenceprotected within the waitevent macro. While the code commen...

ATTACKERKB•added 2026/05/06 11:28 a.m.•4 views

CVE-2026-43247

Exploits0References4Affected Software1

Cvelist•added 2026/05/06 11:28 a.m.•30 views

CVE-2026-43247 media: chips-media: wave5: Fix SError of kernel panic when closed

Debian CVE•added 2026/05/06 11:28 a.m.•2 views

Exploits0References3

CVE-2026-43247

5.5CVSS5.8AI score0.00013EPSS

Exploits0

Cvelist•added 2026/05/06 11:28 a.m.•24 views

CVE-2026-43240 x86/kexec: add a sanity check on previous kernel's ima kexec buffer

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: add a sanity check on previous kernel's ima kexec buffer When the second-stage kernel is booted via kexec with a limiting command line such as "mem=", the physical range that contains the carried over IMA measurement...

CVE•added 2026/05/06 11:28 a.m.•4 views

Exploits0References6

CVE-2026-43229

The CVE-2026-43229 issue affects the Linux kernel via the chips-media wave5 driver. The root cause is an incorrect device cleanup order: video device unregistration was performed after power/runtime disable and hardware power-down, allowing a kthread worker to read hardware registers after autosu...

5.5CVSS5.7AI score0.00013EPSS

Exploits0References4Affected Software1

Debian CVE•added 2026/05/06 11:28 a.m.•2 views

CVE-2026-43229

5.5CVSS5.7AI score0.00013EPSS

Exploits0

Cvelist•added 2026/05/06 11:28 a.m.•27 views

CVE-2026-43229 media: chips-media: wave5: Fix device cleanup order to prevent kernel panic

ATTACKERKB•added 2026/05/06 11:28 a.m.•2 views

CVE-2026-43229

5.7AI score0.00013EPSS

Exploits0References5Affected Software1

CVE•added 2026/05/06 11:27 a.m.•6 views

CVE-2026-43170

CVE-2026-43170 affects the Linux kernel USB DWC3 gadget driver. The vulnerability arises when dwc3_gadget_vbus_draw() is called from atomic context and may invoke PMIC APIs that sleep, risking kernel panic. The fix moves vbus_draw to a workqueue context, mitigating sleep in atomic operations. Aff...

5.5CVSS5.8AI score0.00013EPSS

Exploits0References5Affected Software1

NVD•added 2026/05/06 10:16 a.m.•10 views

CVE-2026-43107

5.5CVSS0.00013EPSS

NVD•added 2026/05/06 10:16 a.m.•4 views

CVE-2026-43086

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix NULL deref in ipvsaddservice error path When ipvsbindscheduler succeeds in ipvsaddservice, the local variable sched is set to NULL. If ipvsstartestimator subsequently fails, the outerr cleanup calls...

5.5CVSS0.00013EPSS

RedhatCVE•added 2026/05/06 10:13 a.m.•4 views

CVE-2026-43071

A flaw was found in the Linux kernel's dcache component. When the 'dhashentries' parameter is set to one, an out-of-bounds OOB read occurs in the dentryhashtable. This issue arises due to an incorrect calculation of the 'dhashshift' value, causing the system to attempt to access unallocated memor...

9.1CVSS5.8AI score0.00072EPSS