CVE-2026-45848

A flaw was found in the Linux kernel's AppArmor security module. This vulnerability allows a local attacker to trigger a NULL pointer dereference during socket setup or teardown operations. This can lead to a kernel 'oops', resulting in a system crash and a Denial of Service DoS...

CVE-2026-45850

A flaw was found in the Linux kernel's IP Virtual Server IPVS component. A remote attacker could send specially crafted IPv6 packets with extension headers, causing the system to fail protocol checksum validation. This could lead to incorrect packet processing or a denial of service DoS, impactin...

CVE-2026-45849

A flaw was found in the Linux kernel's network component, specifically within the mscc: ocelot driver. The system failed to properly secure access to shared resources during network packet injection, leading to a missing lock protection vulnerability. This oversight could allow a local attacker t...

CVE-2026-45851

A flaw was found in the Linux kernel's Extensible Firmware Interface EFI subsystem. An error in memory reservation for the unaccepted memory table can occur if its starting address is not page-aligned. This vulnerability could lead to the memory table being overwritten or inaccessible, resulting ...

CVE-2026-45854

A flaw was found in the Linux kernel's EIP93 cryptographic accelerator driver. This vulnerability occurs because the driver attempts to unregister all cryptographic algorithms, even those not supported by the hardware. This incorrect handling can lead to a system panic, effectively causing a Deni...

CVE-2026-45853

A flaw was found in the Linux kernel's drm/amdgpu component. The amdgpudiscoverygetnpsinfo function incorrectly deallocates memory by using kfree instead of kvfree, even when memory was allocated with kvcalloc which may use vmalloc. This improper memory handling can lead to memory corruption. Suc...

CVE-2026-45852

A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA subsystem, specifically within the rxe driver. An error in the rxesrqfrominit function's memory management can lead to a double free vulnerability. This occurs when an attempt to copy data to user space fails, causing the sam...

CVE-2026-45855

A flaw was found in the Linux kernel's libata-scsi component. This vulnerability allows for a denial of service DoS where non-Native Command Queuing NCQ commands can experience significant delays or complete starvation. This occurs when non-NCQ commands are issued while NCQ commands are actively...

CVE-2026-45857

A flaw was found in the Linux kernel's scsi: csiostor module. This null pointer dereference vulnerability occurs in an error handling path. A local attacker could exploit this to cause a system crash, leading to a Denial of Service DoS. Mitigation To prevent exploitation, the csiostor kernel modu...

CVE-2026-45856

A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA subsystem, specifically within the ibuverbspostsend function. A local user can exploit this vulnerability by providing an invalid work queue element size wqesize from userspace without proper validation. This can lead to an...

CVE-2026-45858

A flaw was found in the Linux kernel's ext4 filesystem. This vulnerability occurs during the splitting of unwritten data blocks, where a portion of the data may be incorrectly marked as written while still containing stale, uninitialized information. A local attacker could potentially exploit thi...

CVE-2026-45859

A flaw was found in the Linux kernel's netfilter nfnetlinkqueue component. This vulnerability occurs when an application does not set the FGSO capability flag and a Generic Segmentation Offload GSO packet with an unconfirmed netfilter connection nfconn entry is received. Due to an incorrect order...

CVE-2026-45860

A flaw was found in the Linux kernel's netfilter connection counting nfconncount feature. This vulnerability occurs when the system tracks more than eight new connections per jiffy, causing the connection list to not be cleaned up efficiently. A remote attacker could exploit this by rapidly...

CVE-2026-45862

A flaw was found in the Linux kernel's IOMMU Input/Output Memory Management Unit virtualized directed I/O VT-d component. When a freshly allocated PASID Process Address Space ID table is written to a directory entry, the CPU cache flush for this table occurs too late. This creates a time window...

CVE-2026-45861

A flaw was found in the Linux kernel's GFS2 file system. During filesystem shutdown, quota data objects were freed without being properly removed from the Least Recently Used LRU list. This oversight could lead to a use-after-free vulnerability, where the system attempts to access memory that has...

CVE-2026-45864

A flaw was found in the Linux kernel's NTFS3 file system driver. This vulnerability allows a local attacker to trigger an infinite loop when the system attempts to process specific file system data. Successful exploitation can lead to a system hang, resulting in a Denial of Service DoS...

CVE-2026-45863

A flaw was found in the Linux kernel's i3c dw driver. The dwi3cmasteri2cxfers function allocates memory for a transfer structure. However, if a runtime power management operation fails, the allocated memory is not properly released. This oversight leads to a memory leak, which can degrade system...

CVE-2026-45865

A flaw was found in the Linux kernel's Message Control Transport Protocol MCTP over I2C Inter-Integrated Circuit implementation. A local attacker could exploit this vulnerability by performing I2C reads on an MCTP-I2C device. This could lead to the disclosure of uninitialized stack memory,...

CVE-2026-45867

A flaw was found in the Linux kernel, specifically within the power supply subsystem. This vulnerability, a use-after-free, occurs due to a race condition during the removal or initialization of a power supply device. An interrupt can fire after the associated memory for a power supply handle has...

CVE-2026-45866

A flaw was found in the Linux kernel's CAIF serial line discipline. A race condition exists between the ldiscclose function, which frees the terminal tty device, and the handletx function, which may attempt to access the freed device. This use-after-free UAF vulnerability allows a local attacker ...