335853 matches found
EUVD-2026-32854
In the Linux kernel, the following vulnerability has been resolved: sctp: revalidate list cursor after sctpsendmsgtoasoc in SCTPSENDALL The SCTPSENDALL path in sctpsendmsg iterates ep-asocs with listforeachentrysafe, which caches the next entry in @tmp before the loop body runs. The body calls...
CVE-2026-46227
CVE-2026-46227 describes a race in the Linux kernel SCTP SENDALL path. The sctp_sendmsg() loop over ep->asocs caches the next entry in @tmp, then calls sctp_sendmsg_to_asoc() after dropping the socket lock, allowing a second thread to peel off the cached association and migrate it to a new end...
CVE-2026-46227
In the Linux kernel, the following vulnerability has been resolved: sctp: revalidate list cursor after sctpsendmsgtoasoc in SCTPSENDALL The SCTPSENDALL path in sctpsendmsg iterates ep-asocs with listforeachentrysafe, which caches the next entry in @tmp before the loop body runs. The body calls...
EUVD-2026-32853
In the Linux kernel, the following vulnerability has been resolved: spi: fsl: fix controller deregistration Make sure to deregister the controller before releasing underlying resources like DMA during driver unbind...
CVE-2026-46226
In the Linux kernel, the following vulnerability has been resolved: spi: fsl: fix controller deregistration Make sure to deregister the controller before releasing underlying resources like DMA during driver unbind...
CVE-2026-46226
CVE-2026-46226 affects the Linux kernel SPI fsl driver. The issue involved failing to deregister the controller before releasing underlying resources (e.g., DMA) during driver unbind. The fix adds proper deregistration sequencing prior to resource release. Patches are documented in the linked ker...
EUVD-2026-32852
In the Linux kernel, the following vulnerability has been resolved: spi: rspi: fix controller deregistration Make sure to deregister the controller before releasing underlying resources like DMA during driver unbind...
CVE-2026-46225
In the Linux kernel, the following vulnerability has been resolved: spi: rspi: fix controller deregistration Make sure to deregister the controller before releasing underlying resources like DMA during driver unbind...
CVE-2026-46225 spi: rspi: fix controller deregistration
In the Linux kernel, the following vulnerability has been resolved: spi: rspi: fix controller deregistration Make sure to deregister the controller before releasing underlying resources like DMA during driver unbind...
CVE-2026-46224
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix bo leak in xedmabufinitobj on allocation failure When drmgpuvmresvobjectalloc fails, the pre-allocated storage bo is not freed. Add xebofreestorage before returning the error. xedmabufinitobj calls xeboinitlocked, whi...
EUVD-2026-32851
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix bo leak in xedmabufinitobj on allocation failure When drmgpuvmresvobjectalloc fails, the pre-allocated storage bo is not freed. Add xebofreestorage before returning the error. xedmabufinitobj calls xeboinitlocked, whi...
CVE-2026-46224 drm/xe: Fix bo leak in xe_dma_buf_init_obj() on allocation failure
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix bo leak in xedmabufinitobj on allocation failure When drmgpuvmresvobjectalloc fails, the pre-allocated storage bo is not freed. Add xebofreestorage before returning the error. xedmabufinitobj calls xeboinitlocked, whi...
CVE-2026-46223 cgroup: Defer css percpu_ref kill on rmdir until cgroup is depopulated
In the Linux kernel, the following vulnerability has been resolved: cgroup: Defer css percpuref kill on rmdir until cgroup is depopulated A chain of commits going back to v7.0 reworked rmdir to satisfy the controller invariant that a subsystem's -cssoffline must not run while tasks are still doin...
CVE-2026-46223
CVE-2026-46223 (Linux kernel) affects the cgroups subsystem. The vulnerability description notes that a chain of commits (v7.0 onward) reworked rmdir to satisfy the invariant that ->css_offline() must not run while tasks still run in the cgroup. The fix defers percpu_ref kill for css until the...
CVE-2026-46222
In the Linux kernel, the following vulnerability has been resolved: media: rockchip: rkcif: Add missing MUSTCONNECT flag to pads The pads missed checks for connected devices which may a null dereference when the stream is enabled. Unable to handle kernel NULL pointer dereference at virtual addres...
EUVD-2026-32849
In the Linux kernel, the following vulnerability has been resolved: media: rockchip: rkcif: Add missing MUSTCONNECT flag to pads The pads missed checks for connected devices which may a null dereference when the stream is enabled. Unable to handle kernel NULL pointer dereference at virtual addres...
CVE-2026-46222 media: rockchip: rkcif: Add missing MUST_CONNECT flag to pads
In the Linux kernel, the following vulnerability has been resolved: media: rockchip: rkcif: Add missing MUSTCONNECT flag to pads The pads missed checks for connected devices which may a null dereference when the stream is enabled. Unable to handle kernel NULL pointer dereference at virtual addres...
EUVD-2026-32848
In the Linux kernel, the following vulnerability has been resolved: EDAC/versalnet: Fix device name memory leak The device name allocated via kzalloc in initonemc is assigned to dev-initname but never freed on the normal removal path. deviceregister copies initname and then sets dev-initname to...
CVE-2026-46221 EDAC/versalnet: Fix device name memory leak
In the Linux kernel, the following vulnerability has been resolved: EDAC/versalnet: Fix device name memory leak The device name allocated via kzalloc in initonemc is assigned to dev-initname but never freed on the normal removal path. deviceregister copies initname and then sets dev-initname to...
CVE-2026-46221
In the Linux kernel, the following vulnerability has been resolved: EDAC/versalnet: Fix device name memory leak The device name allocated via kzalloc in initonemc is assigned to dev-initname but never freed on the normal removal path. deviceregister copies initname and then sets dev-initname to...