CVE-2026-46212

A flaw was found in the batman-adv component of the Linux kernel. This vulnerability, a use-after-free, occurs during the process of deleting backbone claims. If exploited, this memory corruption issue could allow an attacker to cause a system crash, leading to a denial of service, or potentially...

CVE-2026-46211

A flaw was found in the Linux kernel's drm/msm/gem component. Improper error handling within the msmioctlgeminfogetmetadata function can lead to a NULL pointer dereference. This occurs because the function fails to check for allocation failures and incorrectly reports success even when operations...

CVE-2026-46213

A flaw was found in the Linux kernel's Apple keyboard driver appletb-kbd. A Use-After-Free UAF vulnerability exists in the inactivity-timer cleanup path during driver tear-down. This can occur due to race conditions between device cleanup and timer operations, or late event callbacks re-arming th...

CVE-2026-46218

A flaw was found in the Linux kernel's drm/amdgpu driver. The uvd/vce/vcn code accesses the Instruction Buffer IB without sufficient bounds checking, which could allow an attacker to trigger an out-of-bounds memory access. This vulnerability may lead to system instability or a denial of service...

CVE-2026-46217

A flaw was found in the Linux kernel, specifically within the AMD GPU Graphics Processing Unit driver component drm/amdgpu/vcn4. This vulnerability is caused by an integer overflow during a message bound check. An attacker could potentially exploit this flaw to cause system instability or a denia...

CVE-2026-46220

A flaw was found in the Linux kernel's AMDGPU graphics driver drm/amdgpu/sdma4. An unprivileged local user could exploit this vulnerability by submitting specially crafted DRMIOCTLAMDGPUCS commands with misaligned fence writeback addresses. This could trigger a BUGON assertion, leading to a fatal...

CVE-2026-46219

A flaw was found in the Linux kernel's spi-mpc52xx driver. This vulnerability, a use-after-free, occurs because the state machine work, scheduled by the interrupt handler, is not properly cancelled after disabling interrupts during the unbind operation. This oversight can lead to memory corruptio...

CVE-2026-46224

A flaw was found in the Linux kernel's drm/xe driver. When a buffer object allocation fails within the xedmabufinitobj function, a pre-allocated storage buffer is not correctly released. This oversight can lead to a resource leak, potentially causing system instability or a denial of service DoS...

CVE-2026-46222

A flaw was found in the Linux kernel, specifically within the rockchip: rkcif media driver. This vulnerability occurs because the driver's pads do not properly check for connected devices, which can lead to a null pointer dereference when a media stream is enabled. A local attacker could exploit...

CVE-2026-46221

A flaw was found in the Linux kernel's EDAC/versalnet component. A memory leak occurs because the device name, allocated during initialization, is not properly freed. Over time, this unreleased memory could lead to resource exhaustion, potentially impacting system stability and availability...

CVE-2026-46226

A flaw was found in the Linux kernel's spi: fsl driver. This vulnerability arises from improper sequencing of controller deregistration before releasing underlying resources, such as Direct Memory Access DMA, during the driver unbind process. This could potentially lead to system instability or a...

CVE-2026-46229

A flaw was found in the Linux kernel's drm/amdkfd component. This vulnerability arises because VRAM Video Random Access Memory allocations for the KFD Kernel Fusion Driver path do not properly clear previously used memory. This oversight allows a local attacker, utilizing a compute kernel, to...

CVE-2026-46228

A flaw was found in the Linux kernel, specifically within the spi: ch341 driver. This vulnerability arises from incorrect management of device resources devres lifetime. When a Universal Serial Bus USB driver is unbound, the associated resources are not properly released, which can lead to memory...

CVE-2026-46232

A flaw was found in the Linux kernel's Human Interface Device HID PlayStation driver. A malicious device could provide an excessively large number of touch reports, leading to an out-of-bounds read in the dualshock4parsereport function. This could allow an attacker to read up to 2 KiB of kernel...

CVE-2026-46231

A flaw was found in the Linux kernel's batman-adv Better Approach To Mobile Ad-hoc Networking - Advanced Basic Link Arbitration BLA module. When the batadvblaaddclaim function fails to insert a new claim into the hash, it leaks a reference to the backbonegw object. This resource leak can accumula...

CVE-2026-46233

A flaw was found in the Linux kernel's batman-adv module. This vulnerability allows a local attacker to trigger a NULL-pointer dereference within the batadvblapurgeclaims function. This issue arises from a timing conflict when a claim is being released simultaneously, causing a critical pointer t...

CVE-2026-46230

A flaw was found in the Linux kernel's drm/amdgpu/vcn3 component. This vulnerability, an Out-of-Bounds OOB read, occurs when parsing decoder messages without proper boundary checks. A local attacker could potentially exploit this to read sensitive information from memory or cause system...

CVE-2026-46236

A flaw was found in the Linux kernel's media: rc: xboxremote driver. This vulnerability arises from incorrect handling of Direct Memory Access DMA buffers, where the buffer for I/O operations is improperly part of the device structure. This violation of DMA coherency rules could lead to data...

CVE-2026-46235

A flaw was found in the saa7164 media driver in the Linux kernel. This vulnerability occurs due to missing return value checks for ioremap calls within the saa7164devsetup function. If ioremap fails for BAR0 or BAR2, it can lead to null pointer dereferences and improper cleanup of PCI memory...

CVE-2026-46241

A flaw was found in the Linux kernel's spi: mpc52xx component. This use-after-free vulnerability occurs when the controller registration fails. An attacker could potentially exploit this flaw to cause a system crash or lead to a resource leak, impacting system stability and availability...