SUSE CVE-2026-46103

In the Linux kernel, the following vulnerability has been resolved: can: ucan: fix devres lifetime USB drivers bind to USB interfaces and any device managed resources should have their lifetime tied to the interface rather than parent USB device. This avoids issues like memory leaks when drivers...

CVE-2026-45871

A flaw was found in the Linux kernel's Trusted Platform Module TPM subsystem. When the getburstcount function encounters an error, the st33zp24 driver fails to release a previously acquired resource. This oversight can lead to resource exhaustion, potentially allowing a local attacker to cause a...

CVE-2026-45872

A flaw was found in the Linux kernel's scsi: smartpqi driver. The pqireportphysluns function fails to properly release allocated memory buffers under certain error conditions, such as encountering an unsupported data format or failed memory allocation. This oversight leads to a memory leak, which...

CVE-2026-45874

A flaw was found in the Linux kernel, within the phy: freescale: imx8qm-hsio component. This vulnerability occurs when a specific pointer, refclkpad, is not properly initialized and is later used without validation. This can lead to a NULL pointer dereference, which may cause the system to crash...

CVE-2026-45875

A flaw was found in the Linux kernel, specifically within the mfd: arizona driver. When the wm5102clearwritesequencer helper encounters an error, it may fail to properly release system resources regulators. This oversight can lead to a resource leak, potentially causing system instability or a...

CVE-2026-45876

A flaw was found in the Linux kernel. Improper error handling in the archsetshadowstackstatus function, specifically related to allocgcs, could lead to the use of an invalid Global Context Structure GCS address. This issue may allow a local attacker to cause system instability or a denial of...

CVE-2026-45879

A flaw was found in the Linux kernel's bq25980 power supply driver. A race condition during interrupt handling can lead to a use-after-free vulnerability, where the system attempts to access memory that has already been released. This can be triggered when an interrupt fires after the power suppl...

CVE-2026-45880

A flaw was found in the Linux kernel's PCI/P2PDMA subsystem. When the vminsertpage function fails during memory allocation, the system does not properly release a per-CPU reference for the page map. This oversight can lead to a resource leak, causing the memunmappages function to hang indefinitel...

CVE-2026-45882

A flaw was found in the Linux kernel's power supply subsystem, specifically in the pm8916bmsvm driver. A race condition during the deallocation and unregistration of the powersupply handle and its interrupt handler can lead to a use-after-free vulnerability. This allows an interrupt to be process...

CVE-2026-45883

A flaw was found in the Linux kernel, specifically within the iio: sca3000 module. This resource management vulnerability occurs when the iiodeviceregister function fails, as a system resource spi-irq is not properly released. This oversight can lead to a resource leak, potentially impacting syst...

CVE-2026-45884

A flaw was found in the Linux kernel's AppArmor module. A local attacker could exploit an integer underflow vulnerability in the aagetbuffer function. This flaw prevents buffers from being returned to the global list, potentially leading to resource exhaustion and a Denial of Service DoS conditio...

CVE-2026-45885

A flaw was found in the Linux kernel's cpcap-battery power supply driver. A race condition exists during the removal of the powersupply handle, where an interrupt can fire after the handle is freed but before the interrupt handler is unregistered. This use-after-free vulnerability can lead to...

CVE-2026-45887

A flaw was found in the Linux kernel's afunix subsystem. This vulnerability, a memory leak, occurs in the unixstreamconnect function when a specific internal operation fails to release allocated memory. Over time, this unreleased memory could accumulate, potentially leading to system instability ...

CVE-2026-45888

A flaw was found in the Linux kernel's md/raid1 module. This vulnerability occurs when the raid1run function calls setupconf to register a thread, but a subsequent failure in raid1setlimits prevents the proper unregistration of this thread. This oversight leads to a memory leak, consuming system...

CVE-2026-45889

A flaw was found in the Linux kernel's Multipath TCP MPTCP implementation. This vulnerability occurs due to incorrect accounting for out-of-order OoO data in the mptcprcvbufgrow function. A subtle and very unlikely race condition could lead to a divide-by-zero error, potentially causing a system...

CVE-2026-45890

A flaw was found in the Linux kernel's xen-netback component. A malicious or buggy Xen guest can exploit this by writing a zero value to the 'multi-queue-num-queues' xenbus key. This improper input validation can trigger a warning in the kernel's memory allocation, leading to a guest-to-host Deni...

CVE-2026-45895

A flaw was found in the Linux kernel. A local attacker could exploit a livelock condition between the quotactl and freezesuper operations. This occurs when a filesystem is frozen and the quotactlblock function enters a retry loop, preventing the system from reaching an RCU Read-Copy Update...

CVE-2026-45893

A flaw was found in the Linux kernel's AppArmor security module. This vulnerability occurs when AppArmor attempts to create tables from user-provided data that may be unaligned in memory. A local attacker could exploit this by providing specially crafted input, leading to unaligned memory accesse...

CVE-2026-45896

A flaw was found in the Linux kernel's mtdinteldg driver. This vulnerability occurs because the regions array is accessed before its size nregions is properly set, leading to an out-of-bounds memory access. A local attacker could potentially exploit this issue to cause system instability or a...

CVE-2026-45902

A flaw was found in the Linux kernel's bq256xx power supply driver. A race condition during device removal or probing can lead to a use-after-free vulnerability. This occurs when an interrupt handler attempts to access a power supply handle that has already been freed or is uninitialized. A local...