CVE-2026-45919

CVE-2026-45919 relates to Linux kernel sched/rt self-IPI loops caused by LB on CPU0. A patch fixes the issue by filtering out the initiating CPU in rto_next_cpu to prevent self-IPIs and CPU hardlockups. Public OSV entries show Root:Ubuntu patches (e.g., ROOT-OS-UBUNTU-2404-CVE-2026-45919 and ROOT...

CVE-2026-45918

CVE-2026-45918 concerns a race condition in the Linux kernel related to OpenVPN TCP handling. When a peer is kept alive and later removed, the kernel temporarily places the peer in a release list and detaches from the socket by restoring its proto and socket callbacks. If userspace closes the soc...

CVE-2026-45917

The CVE-2026-45917 issue affects the Linux kernel IP Virtual Server (IPVS) component, where a race between the netdev notifier and the destination cache for a closing device could leak a device reference until the destination is removed. Root cause: the code caches dest_dst with a device that is ...

CVE-2026-45916 power: supply: sbs-battery: Fix use-after-free in power_supply_changed()

In the Linux kernel, the following vulnerability has been resolved: power: supply: sbs-battery: Fix use-after-free in powersupplychanged Using the devm variant for requesting IRQ before the devm variant for allocating/registering the powersupply handle, means that the powersupply handle will be...

CVE-2026-45916

CVE-2026-45916 affects the Linux kernel power_supply (sbs-battery) driver. The issue is a race between IRQ handling and power_supply handle lifecycle: requesting IRQ with devm_ before allocating/registering the power_supply handle can cause an interrupt after the handle is freed but before IRQ un...

CVE-2026-45914

CVE-2026-45914 affects the Linux kernel hwmon ibmpex driver, where a race during sensor deletion can race with userspace access to a freed sensor data structure, causing a use-after-free and potential crash. The description notes that the patch reverting the previous fix (6946c726…) may introduce...

CVE-2026-45913 net: bridge: mcast: always update mdb_n_entries for vlan contexts

In the Linux kernel, the following vulnerability has been resolved: net: bridge: mcast: always update mdbnentries for vlan contexts syzbot triggered a warning1 about the number of mdb entries in a context. It turned out that there are multiple ways to trigger that warning today some got added...

CVE-2026-45912

In the Linux kernel, the following vulnerability has been resolved: ext4: don't cache extent during splitting extent Caching extents during the splitting process is risky, as it may result in stale extents remaining in the status tree. Moreover, in most cases, the corresponding extent block entri...

CVE-2026-45909 clk: mediatek: Drop __initconst from gates

In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: Drop initconst from gates Since commit 8ceff24a754a "clk: mediatek: clk-gate: Refactor mtkclkregistergate to use mtkgate struct" the mtkgate structs are no longer just used for initialization/registration, but also...

CVE-2026-45909

CVE-2026-45909 pertains to the Linux kernel Mediatek clock-gate driver. The fix removes __initconst from mtk_gate structures because, since commit 8ceff24a... the gate structs are used at runtime, not just for initialization. Documents indicate this resolves a runtime-access issue with potentiall...

CVE-2026-45908

The CVE-2026-45908 issue affects the Linux kernel’s accel/amdxdna component, specifically amdxdna_ubuf_map. The function allocates memory for sg and internal sg table structures but does not free them if subsequent operations (sg_alloc_table_from_pages or dma_map_sgtable) fail, resulting in a mem...

CVE-2026-45907

CVE-2026-45907 details a Linux kernel mlx5e netdev deadlock caused by incorrect lock ordering between devlink, rtnl, and netdev locks during recovery paths. The fix modifies several recovery flows to move netdev_trylock usage from lower-level work handlers to earlier points in the call chain (as ...

CVE-2026-45906

The CVE-2026-45906 issue affects the Linux kernel power supply driver (pf1550). It describes a race where requesting IRQs with devm_ before the power_supply handle is allocated/unregistered can lead to a use-after-free: an interrupt may fire after the power_supply handle is freed but before the I...

CVE-2026-45906 power: supply: pf1550: Fix use-after-free in power_supply_changed()

In the Linux kernel, the following vulnerability has been resolved: power: supply: pf1550: Fix use-after-free in powersupplychanged Using the devm variant for requesting IRQ before the devm variant for allocating/registering the powersupply handle, means that the powersupply handle will be...

CVE-2026-45905 xfrm: fix ip_rt_bug race in icmp_route_lookup reverse path

In the Linux kernel, the following vulnerability has been resolved: xfrm: fix iprtbug race in icmproutelookup reverse path icmproutelookup performs multiple route lookups to find a suitable route for sending ICMP error messages, with special handling for XFRM IPsec policies. The lookup sequence i...

CVE-2026-45903 bpf: Fix memory access flags in helper prototypes

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memory access flags in helper prototypes After commit 37cce22dbd51 "bpf: verifier: Refactor helper access type tracking", the verifier started relying on the access type flags in helper function prototypes to perform...

CVE-2026-45902

CVE-2026-45902 is a Linux kernel race-condition use-after-free in the bq256xx power-supply driver. The bug occurs when IRQs are requested before the power_supply handle is fully registered, allowing an interrupt after the handle is freed or before registration, leading to power_supply_changed() o...

CVE-2026-45902 power: supply: bq256xx: Fix use-after-free in power_supply_changed()

In the Linux kernel, the following vulnerability has been resolved: power: supply: bq256xx: Fix use-after-free in powersupplychanged Using the devm variant for requesting IRQ before the devm variant for allocating/registering the powersupply handle, means that the powersupply handle will be...

CVE-2026-45900

The CVE-2026-45900 issue is in the Linux kernel crypto: caam module. During dpaa2_caam_probe, netdevs allocated for DPIO setup could leak if dpaa2_dpseci_dpio_setup() fails and the cleanup path in dpaa2_dpseci_free() did not consider previously allocated nets. The fix preserves the CPU mask of al...

CVE-2026-45899

In the Linux kernel, the following vulnerability has been resolved: ext4: drop extent cache when splitting extent fails When the split extent fails, we might leave some extents still being processed and return an error directly, which will result in stale extent entries remaining in the extent...