CVE-2026-45972

A flaw was found in the Linux kernel's Server Message Block SMB client. This vulnerability, within the smb2openfile function, could allow an attacker to cause memory corruption due to improper handling of memory during file open operations. This could lead to system instability or potentially...

CVE-2026-45973

A flaw was found in the Linux kernel's RDMA/mlx5 driver. A race condition during firmware reset in Link Aggregation Group LAG mode can cause the driver to hang indefinitely while waiting for Unregister Memory Region UMR completion during device unload. This can lead to a denial of service, making...

CVE-2026-45974

A flaw was found in the Linux kernel's btrfs filesystem. The btrfsquotaenable function contains a logic error where it attempts to access an invalid memory location if a specific key is not found during a search operation. This incorrect handling of search results can lead to invalid leaf access,...

CVE-2026-45976

A flaw was found in the Linux kernel's drm/amdgpu driver. When the amdgpunbiorasswinit function fails during the amdgpurasinit process, an allocated memory structure is not properly released. This oversight results in a memory leak. Over time, this memory leak could potentially lead to system...

CVE-2026-45975

A flaw was found in the Linux kernel's ublk subsystem. A local attacker could exploit a race condition where the kernel reads struct ublksrvctrlcmd from userspace-mapped memory without proper synchronization. This allows a malicious user to concurrently write to the structure, potentially causing...

CVE-2026-45977

A flaw was found in the Linux kernel's fbnic Fibre Channel over Ethernet Network Interface Card driver. A race condition exists in the handling of firmware logs, where the log can be freed while still being accessed. This can lead to a use-after-free vulnerability, potentially allowing an attacke...

CVE-2026-45978

A flaw was found in the Linux kernel's Greybus Lights subsystem. This vulnerability occurs when the gblightslightconfig function attempts to store a channel count before successfully allocating the corresponding channels array. If the memory allocation fails, a subsequent cleanup operation can tr...

CVE-2026-45982

A flaw was found in the Linux kernel. A NULL pointer dereference in the acpievaddressspacedispatch function could allow a local attacker to cause a denial of service DoS by triggering a missed execution path. This vulnerability arises from an incomplete check in the Advanced Configuration and Pow...

CVE-2026-45980

A flaw was found in the Linux kernel's accel/amdxdna driver. A local user could exploit this vulnerability by running jobs on a hardware context while it is in the process of releasing resources. This improper job scheduling can lead to a use-after-free condition, resulting in system crashes and ...

CVE-2026-45979

A flaw was found in the Linux kernel's amdgpu graphics driver. When the system experiences low memory conditions, a specific cleanup routine within the amdgpucsparserbos function may fail to properly unlock a mutex. This oversight can lead to resource contention, potentially causing a denial of...

CVE-2026-45981

A flaw was found in the Linux kernel, specifically within the s390/cio component. This vulnerability stems from incorrect device lifecycle management during subchannel allocation. This could allow an attacker to trigger use-after-free or double-free conditions, potentially leading to system...

CVE-2026-45983

A flaw was found in the Linux kernel's Network File System version 4 NFSv4 daemon nfsd. When processing NFSv4 requests, delayed responses from idmap lookups can cause requests to be dropped. This issue prevents the session slot from being properly cleared, leading to subsequent client requests...

CVE-2026-45984

A flaw was found in the Linux kernel's GFS2 filesystem. This memory corruption vulnerability, a use-after-free, occurs in the iomap inline data write path. The issue arises because a data buffer is released prematurely while still being referenced, leading to a write to freed memory. This could...

CVE-2026-45990

A flaw was found in the Linux kernel. This vulnerability, a type of memory corruption, occurs within the krealloc and kvrealloc memory reallocation functions. When memory objects are resized or moved, these functions can incorrectly calculate the amount of data to copy, leading to an out-of-bound...

CVE-2026-45989

A flaw was found in the Linux kernel, specifically within the testdrvprobe function. This vulnerability, known as a use-after-free, occurs because the system prematurely releases a memory reference and then attempts to access that freed memory. This can be triggered by a local user, potentially...

CVE-2026-45985

A flaw was found in the Linux kernel's ext4 filesystem. When allocating blocks for direct I/O DIO and writeback, an incorrect flag handling during extent splitting could lead to a mismatch between the on-disk extent status and the extent status tree. This issue, particularly when a temporary erro...

CVE-2026-45988

A flaw was found in the Linux kernel's rxrpc subsystem. When an rxrpc RESPONSE packet experiences a temporary processing failure, it may enter a partially decrypted state and be re-queued for another attempt. This incorrect handling of partially decrypted packets could lead to communication...

CVE-2026-45986

A flaw was found in the Linux kernel's cryptographic module, specifically within the ccmacdigest function of the ccree component. This vulnerability is a memory leak that occurs when a specific mapping operation fails to release allocated memory. Over time, this unreleased memory could lead to a...

CVE-2026-45991

A flaw was found in the Linux kernel's Universal Disk Format UDF filesystem. A remote attacker could exploit this vulnerability by tricking a user into mounting a specially crafted UDF image containing repeated partition descriptors. This could lead to a heap out-of-bounds write, potentially...

CVE-2026-45993

A flaw was found in the Linux kernel, specifically affecting the LoongArch architecture. The system call syscall dispatch table, which handles requests from user programs, does not properly validate the syscall number provided by userspace. This missing boundary check could allow a local attacker...