PT-2026-47378

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An array-index-out-of-bounds access exists in the ath5k WiFi driver. The issue occurs within the ath5k tasklet tx function in the drivers/net/wireless/ath/ath5k/base.c file. Specifically...

Important: nvidia-fabricmanager

Issue Overview: NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service...

Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1816)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1816 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/pagewalk: fix race between concurrent split and refault CVE-2026-31456 In the Linux kernel, the following vulnerability h...

ROS-20260608-73-0001

The vulnerability of the cifsgetspnegokey function in the cifs.upcall tool of the cifs-utils package in Linux kernel systems is related to the lack of authentication for the critical function. Exploiting this vulnerability can allow an attacker to elevate their privileges to root and execute...

PT-2026-47361

In the Linux kernel, the following vulnerability has been resolved: lib/scatterlist: fix length calculations in extract kvec to sg Patch series "Fix bugs in extract iter to sg", v3. Fix bugs in the kvec and user variants of extract iter to sg. This series is growing due to useful remarks made by...

Linux Distros Unpatched Vulnerability : CVE-2026-46313

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: intel/ipu6: fix error pointer dereference In a error path isp-psys is confirmed to be an error pointer not NULL so this condition is true and the error...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: fuse: reject oversized dirents in page cache CVE-2026-31694 Affected Packages: kernel Note: This advisory is applicable to Amazon Linux 2 - Kernel-5.10 Extra. Visit this page to learn more about Amazon Linux 2 AL2...

PT-2026-47385

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Reject empty multisync extension to prevent infinite loop v3d get extensions walks a userspace-provided singly-linked list of ioctl extensions without any bound on the chain length. A local user can craft a...

PT-2026-47381

In the Linux kernel, the following vulnerability has been resolved: media: renesas: vsp1: Fix NULL pointer deref on module unload When unloading the module on gen 4, we hit a NULL pointer dereference. This is caused by the cleanup code calling vsp1 drm cleanup where it should be calling vsp1 vspx...

PT-2026-47350

In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Fix segfault when updating ftrace mask Fix invalid data access by passing right data for debugfs entry. 171.549793 Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 171.559248 M...

PT-2026-47348

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix zero-size GDS range init on RDNA4 RDNA4 GFX 12 hardware removes the GDS, GWS, and OA on-chip memory resources. The gfx v12 0 initialisation code correctly leaves adev-gds.gds size, adev-gds.gws size, and adev-gds....

PT-2026-47349

In the Linux kernel, the following vulnerability has been resolved: mm/zone device: do not touch device folio after calling -folio free The contents of a device folio can immediately change after calling -folio free, as the folio may be reallocated by a driver with a different order. Instead of...

PT-2026-47369

In the Linux kernel, the following vulnerability has been resolved: net: libwx: use request irq for VF misc interrupt Currently, request threaded irq is used with a primary handler but a NULL threaded handler, while also setting the IRQF ONESHOT flag. This specific combination triggers a WARNING...

Amazon Linux 2023 : kmod-nvidia-latest-dkms (ALAS2023NVIDIA-2026-294)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2026-294 advisory. NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successfu...

PT-2026-47366

In the Linux kernel, the following vulnerability has been resolved: dm: fix a buffer overflow in ioctl processing Tony Asleson using Claude found a buffer overflow in dm-ioctl in the function retrieve status: 1. The code in retrieve status checks that the output string fits into the output buffer...

PT-2026-47353

In the Linux kernel, the following vulnerability has been resolved: vmalloc: fix buffer overflow in vrealloc node align Commit 4c5d3365882d "mm/vmalloc: allow to set node and align in vrealloc" added the ability to force a new allocation if the current pointer is on the wrong NUMA node, or if an...

Linux Distros Unpatched Vulnerability : CVE-2026-46276

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu: fix zero-size GDS range init on RDNA4 RDNA4 GFX 12 hardware removes the GDS, GWS, and OA on- chip memory resources. The gfxv120 initialisation code...

PT-2026-47382

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: fix access to stale wptr mapping Use drm exec to take both locks i.e vm root bo and wptr obj bo to access the mapping data properly. This fixes the security issue of unmap the wptr obj while a queue creation is ...

PT-2026-47376

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: os dep: avoid NULL pointer dereference in rtw cbuf alloc The return value of kzalloc flex is used without ensuring that the allocation succeeded, and the pointer is dereferenced unconditionally. Guard the acce...

PT-2026-47372

In the Linux kernel, the following vulnerability has been resolved: spi: topcliff-pch: fix use-after-free on unbind Give the driver a chance to flush its queue before releasing the DMA buffers on driver unbind...