PT-2026-47759

In the Linux kernel, the following vulnerability has been resolved: tun: free page on build skb failure in tun xdp one When build skb fails in tun xdp one, the function sets ret to -ENOMEM and jumps to the out label, which returns without freeing the page that vhost net build xdp allocated for th...

Linux Distros Unpatched Vulnerability : CVE-2026-46298

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pseries/papr-hvpipe: Fix race with interrupt handler While executing -ioctl handler or -release handler, if an interrupt fires on the same cpu, then we can ente...

UBUNTU-CVE-2026-46290

In the Linux kernel, the following vulnerability has been resolved: x86/efi: Fix graceful fault handling after FPU softirq changes Since commit d02198550423 "x86/fpu: Improve crypto performance by making kernel-mode FPU reliably usable in softirqs", kernelfpubegin calls fpregslock which uses...

PT-2026-47793

In the Linux kernel, the following vulnerability has been resolved: media: rockchip: rkcif: fix off by one bugs Change these comparisons from vs = to avoid accessing one element beyond the end of the arrays. While at it, use ARRAY SIZE instead of the MAX enum values. fix cosmetic issues...

PT-2026-47757

In the Linux kernel, the following vulnerability has been resolved: tap: free page on error paths in tap get user xdp tap get user xdp rejects a frame shorter than ETH HLEN with -EINVAL, and returns -ENOMEM when build skb fails. Both paths jump to the err label without freeing the page that vhost...

PT-2026-47753

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry vgic its invalidate cache walks the per-ITS translation cache with xa for each and drops the cache's reference on each entry with vgic put irq. ...

PT-2026-47719

In the Linux kernel, the following vulnerability has been resolved: io uring/waitid: clear waitid info before copying it to userspace IORING OP WAITID stores its result fields in struct io waitid::info and later copies them to userspace siginfo. The prep path initializes the request arguments, bu...

UBUNTU-CVE-2026-46286

In the Linux kernel, the following vulnerability has been resolved: leds: qcom-lpg: Check for array overflow when selecting the high resolution When selecting the high resolution values from the array, FIELDGET is used to pull from a 3 bit register, yet the array being indexed has only 5 values i...

UBUNTU-CVE-2026-46307

In the Linux kernel, the following vulnerability has been resolved: wifi: ath5k: do not access array OOB Vincent reports: The ath5k driver seems to do an array-index-out-of-bounds access as shown by the UBSAN kernel message: UBSAN: array-index-out-of-bounds in...

UBUNTU-CVE-2026-46311

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: fix access to stale wptr mapping Use drmexec to take both locks i.e vm root bo and wptrobj bo to access the mapping data properly. This fixes the security issue of unmap the wptrobj while a queue creation is in...

UBUNTU-CVE-2026-46313

In the Linux kernel, the following vulnerability has been resolved: media: intel/ipu6: fix error pointer dereference In a error path isp-psys is confirmed to be an error pointer not NULL so this condition is true and the error pointer is dereferenced. So isp-psys should be set to NULL before goin...

UBUNTU-CVE-2026-46280

In the Linux kernel, the following vulnerability has been resolved: lib: testhmm: evict device pages on file close to avoid use-after-free Patch series "Minor hmmtest fixes and cleanups". Two bugfixes a cleanup for the HMM kernel selftests. These were mostly reported by Zenghui Yu with special...

UBUNTU-CVE-2026-46294

In the Linux kernel, the following vulnerability has been resolved: dm: fix a buffer overflow in ioctl processing Tony Asleson using Claude found a buffer overflow in dm-ioctl in the function retrievestatus: 1. The code in retrievestatus checks that the output string fits into the output buffer a...

UBUNTU-CVE-2026-46281

In the Linux kernel, the following vulnerability has been resolved: vmalloc: fix buffer overflow in vreallocnodealign Commit 4c5d3365882d "mm/vmalloc: allow to set node and align in vrealloc" added the ability to force a new allocation if the current pointer is on the wrong NUMA node, or if an...

PT-2026-47790

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix nvkm device leak on aperture removal failure When aperture remove conflicting pci devices fails during probe, the error path returns directly without unwinding the nvkm device that was just allocated by nvkm devi...

Linux Distros Unpatched Vulnerability : CVE-2026-46289

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lib/scatterlist: fix length calculations in extractkvectosg Patch series Fix bugs in extractitertosg, v3. Fix bugs in the kvec and user variants of...

UBUNTU-CVE-2026-46277

In the Linux kernel, the following vulnerability has been resolved: mm/zonedevice: do not touch device folio after calling -foliofree The contents of a device folio can immediately change after calling -foliofree, as the folio may be reallocated by a driver with a different order. Instead of...

PT-2026-47791

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: disallow non-power of two min region sz on damon start Commit d8f867fa0825 "mm/damon: add damon ctx-min sz region" introduced a bug that allows unaligned DAMON region address ranges. Commit c80f46ac228b...

Linux Distros Unpatched Vulnerability : CVE-2026-46295

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: x86: Do IRR scan in kvmapicupdateirr even if PIR is empty Fall back to apicfindhighestvector when PID.ON is set but PIR turns out to be empty, to correctly...

Linux Distros Unpatched Vulnerability : CVE-2026-46316

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry vgicitsinvalidatecache walks the per-ITS translation cache with xaforeach a...