CVE-2026-46296

A flaw was found in the Linux kernel's s3c64xx Serial Peripheral Interface SPI driver. An issue with incorrect DMA Direct Memory Access channel deallocation during driver unbind could lead to a NULL-pointer dereference. This vulnerability can cause a system crash, resulting in a denial of service...

CVE-2026-46297

A flaw was found in the Linux kernel's libwx network driver. Incorrect handling of virtual function VF miscellaneous interrupts, specifically using requestthreadedirq with a null threaded handler and the IRQFONESHOT flag, can trigger a kernel warning. This issue may lead to system instability or...

CVE-2026-46298

A flaw was found in the Linux kernel, specifically within the pseries/papr-hvpipe component. This vulnerability is a race condition that can occur when an interrupt fires on the same central processing unit CPU while the ioctl or release handlers are executing. This can lead to a deadlock,...

CVE-2026-46301

A flaw was found in the Linux kernel's spi-topcliff-pch driver. This vulnerability, a use-after-free error, occurs when the driver attempts to release Direct Memory Access DMA buffers during an unbind operation without properly flushing its queue. An attacker could potentially exploit this memory...

CVE-2026-46299

A flaw was found in the hfsplus filesystem component of the Linux kernel. An issue exists in the hfsplusfillsuper function where a lock is not properly released during an error handling path. This can occur when certain conditions cause hfspluscatbuildkey to fail during filesystem initialization....

CVE-2026-46302

A flaw was found in the Linux kernel's Security-Enhanced Linux SELinux policy handling. A local attacker could exploit this by opening the /sys/fs/selinux/policy file, which prevents other processes from accessing or reading the kernel's security policy. This could lead to a denial of service DoS...

CVE-2026-46305

A flaw was found in the Linux kernel, specifically within the rtl8723bs staging driver's osdep module. The rtwcbufalloc function does not properly validate the return value of a memory allocation, leading to an unconditional dereference of a potentially NULL pointer. This vulnerability could allo...

CVE-2026-46304

A flaw was found in the Linux kernel's NVMe over TCP nvmet target subsystem. A recursive locking issue can occur when nvmettcpreleasequeuework attempts to flush ctrl-asynceventwork on the same workqueue nvmet-wq that is already processing a task. This can lead to a deadlock, causing a Denial of...

CVE-2026-46306

A flaw was found in the Linux kernel's flow dissector. This vulnerability allows a remote attacker to cause a Denial of Service DoS by sending a specially crafted Point-to-Point Protocol over Ethernet PPPoE Protocol Field Compression PFC frame to an affected system. The incorrect processing of...

CVE-2026-46308

A flaw was found in the Linux kernel, specifically within the pmdomain: mediatek component. An issue in the scpsysgetbusprotectionlegacy function's error handling could lead to a use-after-free vulnerability. This occurs when memory is prematurely released before error checks are completed, which...

CVE-2026-46307

A flaw was found in the Linux kernel's ath5k Wi-Fi driver. This vulnerability allows for an array-index-out-of-bounds write in the ath5ktasklettx function. An attacker could potentially trigger this by manipulating specific index values, leading to a minor data corruption. The immediate impact of...

CVE-2026-46309

A flaw was found in the Linux kernel's drm/xe/uapi component. This vulnerability allows a Graphics Processing Unit GPU using cohnone coherency mode to bypass CPU caches and read stale sensitive data directly from Dynamic Random-Access Memory DRAM. This can lead to information disclosure, where da...

CVE-2026-46311

A flaw was found in the Linux kernel. This vulnerability, located in the drm/amdgpu/userq component, involves improper handling of memory mappings. A local attacker could potentially exploit a race condition during queue creation, where a memory object is unmapped while another is being assigned ...

CVE-2026-46314

A flaw was found in the Linux kernel's drm/v3d component. A local user can exploit this vulnerability by crafting a self-referential multisync extension with zero synchronization counts. This bypasses existing guards, leading to an infinite loop within the kernel. The consequence is a Denial of...

CVE-2026-46313

A flaw was found in the Linux kernel's media subsystem, specifically within the Intel IPU6 driver. This vulnerability occurs when an error pointer is incorrectly dereferenced in an error handling path. An attacker could potentially exploit this flaw to cause a system crash, leading to a Denial of...

CVE-2026-46312

A flaw was found in the videobuf2 subsystem of the Linux kernel. The vb2dmasgmmap function did not correctly set Virtual Memory Area VMA flags, specifically VMDONTEXPAND and VMDONTDUMP. This oversight could lead to a kernel warning and system crash when mapping an imported Direct Memory Access DM...

CVE-2026-46312

In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: Set vmaflags in vb2dmasgmmap vb2dmacontig sets VMA flags VMDONTEXPAND and VMDONTDUMP and I do not see a reason why vb2dmasg should behave differently. This avoids hitting WARNON!vma-vmflags & VMDONTEXPAND; in...

CVE-2026-46314

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Reject empty multisync extension to prevent infinite loop v3dgetextensions walks a userspace-provided singly-linked list of ioctl extensions without any bound on the chain length. A local user can craft a self-referentia...

CVE-2026-46313

In the Linux kernel, the following vulnerability has been resolved: media: intel/ipu6: fix error pointer dereference In a error path isp-psys is confirmed to be an error pointer not NULL so this condition is true and the error pointer is dereferenced. So isp-psys should be set to NULL before goin...

CVE-2026-46309

In the Linux kernel, the following vulnerability has been resolved: drm/xe/uapi: Reject cohnone PAT index for CPU cached memory in madvise Add validation in xevmmadviseioctl to reject PAT indices with XECOHNONE coherency mode when applied to CPU cached memory. Using cohnone with CPU cached buffer...