CVE-2026-46021

A flaw was found in the Linux kernel's thermal management subsystem. This vulnerability can lead to a memory leak if a thermal governor is not correctly cleaned up during device registration failures. More critically, a race condition during thermal zone unregistration, where a governor update...

CVE-2026-46022

A flaw was found in the Linux kernel's ibmasm module. A compromised service processor can exploit this by manipulating specific hardware registers, causing the system to read data from an unintended memory location. This out-of-bounds read can lead to a system crash, resulting in a Denial of...

CVE-2026-46024

A flaw was found in the Linux kernel's libceph component. A remote attacker could send a specially crafted authentication reply message to trigger a null pointer dereference. This vulnerability can lead to a system crash, resulting in a Denial of Service DoS for affected systems. Mitigation To...

CVE-2026-46026

A flaw was found in the Linux kernel's QRTR Qualcomm IPC Router nameserver. A malicious local client can exploit this by sending an unbounded number of NEWLOOKUP messages. This can lead to resource exhaustion, causing a Denial of Service DoS for the system. The vulnerability is addressed by...

CVE-2026-46027

A flaw was found in the Linux kernel's net/smc component. A remote attacker could exploit this by sending a Connection Less Connection CLC decline message during an early handshake stage. This causes the system to attempt to update link-group level synchronization state before it is properly...

CVE-2026-46030

A flaw was found in the Linux kernel's EDAC/versalnet component. The mcprobe function fails to release a devicenode reference obtained from ofparsephandle. This oversight leads to a memory leak, which could potentially result in a Denial of Service DoS condition due to resource exhaustion...

CVE-2026-46028

A flaw was found in the Linux kernel's algifaead Authenticated Encryption with Associated Data subsystem. Asynchronous async requests for AEAD operations use a shared initialization vector IV buffer. This shared state can be modified by subsequent socket activity before an async request fully...

CVE-2026-46029

A flaw was found in the Linux kernel. In uniprocessor UP kernel configurations, a race condition can occur within the slab memory allocator when kmallocnolock is invoked from a Non-Maskable Interrupt NMI context. This allows the allocator to attempt to acquire a spinlock that is already held,...

CVE-2026-46031

A flaw was found in the Linux kernel's ks8851 network driver. Under specific conditions related to network packet processing and interrupt handling, a race condition can occur. This vulnerability can lead to a system deadlock, causing the affected system to become unresponsive or crash...

CVE-2026-46034

A flaw was found in the Linux kernel's vfio/cdx module. A local user can cause a system crash by improperly configuring Message Signaled Interrupts MSI before they are set up. This can lead to a NULL pointer dereference, resulting in a Denial of Service DoS for the system...

CVE-2026-46038

A flaw was found in the Linux kernel's qrtr nameserver component. When a node sends a BYE packet, the nameserver fails to free the associated node memory, leading to a memory leak. This vulnerability can result in resource exhaustion over time, potentially impacting system stability and...

CVE-2026-46036

A flaw was found in the Linux kernel's vfio/cdx component. A race condition can occur during concurrent VFIODEVICESETIRQS ioctls input/output control calls, specifically within the vfiocdxsetmsitrigger function. This allows two callers to interact in a way that leads to a use-after-free...

CVE-2026-46042

A flaw was found in the Linux kernel's memory management policy mm/mempolicy component, specifically within the weightedinterleaveautostore function. This vulnerability allows a local user to repeatedly trigger memory leaks by writing specific values. The continuous memory allocation without prop...

CVE-2026-46041

A flaw was found in the Linux kernel's greybus subsystem. This vulnerability occurs when a function attempts to pause its execution while holding a critical system lock, a condition known as 'sleep in atomic context'. This improper handling can lead to a system crash, making the system unavailabl...

CVE-2026-46044

A flaw was found in the Linux kernel's Intelligent Platform Management Interface IPMI SSIF SMBus System Interface driver. If an error occurs after a kernel thread kthread is created but before the main IPMI code initializes the SSIF interface, the kthread may not be properly stopped. This could...

CVE-2026-46049

A flaw was found in the ALSA Advanced Linux Sound Architecture ctxfi driver in the Linux kernel. When processing S/PDIF Sony/Philips Digital Interface Format passthrough playback at 32000 Hz, a missing update to the pllrate can cause an infinite loop. This can lead to a denial of service DoS for ...

CVE-2026-46058

A flaw was found in the Linux kernel, specifically within the amphion video processing unit VPU driver. A race condition, a situation where multiple operations occur in an unpredictable order, exists in the Video for Linux 2 V4L2 media-to-memory m2m framework. This vulnerability allows a local...

CVE-2026-46057

A flaw was found in the Linux kernel's Landlock security module regarding the inheritance of LOGSUBDOMAINSOFF across process forks. When a process mutes subdomain logs using landlockrestrictself without creating a domain, this setting is not properly transferred to forked child processes...

CVE-2026-46060

A flaw was found in the Linux kernel's crypto: qat driver. This vulnerability occurs when the driver fails during device initialization, leading to Interrupt Request IRQ handlers not being properly detached before their associated resources are released. This improper cleanup can result in resour...

CVE-2026-46063

A flaw was found in the Linux kernel. A deadlock can occur during the shadow stack signal return shstk sigreturn process on x86 systems. This happens when the kernel attempts to read the shadow stack signal frame, and a page fault occurs, leading to a recursive attempt to acquire an mmap read loc...