CVE-2026-45992

A flaw was found in the ALSA caiaq driver in the Linux kernel. This vulnerability occurs due to a potential leftover ep1inurb in the error path of setupcard. An attacker could potentially exploit this to cause a resource leak, which may lead to a denial of service...

CVE-2026-45994

A flaw was found in the Linux kernel's ibmasm module. This vulnerability, an out-of-bounds read in the commandfilewrite function, allows an attacker to cause the system to read beyond the intended memory boundaries. By manipulating the allocation size and header fields, an attacker can trigger th...

CVE-2026-45997

A flaw was found in the Linux kernel's SCSI disk sd driver. When adding a new device, a failure in deviceadd can lead to a resource leak where a gendisk remains referenced but is not properly freed. This missing cleanup, specifically the putdisk call, can result in resource exhaustion. A local...

CVE-2026-45996

A flaw was found in the Linux kernel, specifically within the spi: imx driver. This vulnerability, known as a use-after-free, occurs when the system attempts to access memory that has already been released, leading to unpredictable behavior. A local attacker could potentially exploit this issue t...

CVE-2026-45998

A flaw was found in the Linux kernel's rxrpc subsystem. This vulnerability arises when the system attempts to unshare a packet buffer, and the operation fails due to an allocation issue. This failure can lead to a Use-After-Free UAF condition, where the system attempts to access memory that has...

CVE-2026-46000

A flaw was found in the Linux kernel's rxrpc component. Security operations that decrypt RESPONSE packets in place may share the socket buffer skbuff with a packet sniffer. This could allow a local attacker or an attacker with network access to intercept and view decrypted portions of these...

CVE-2026-46001

A flaw was found in the Linux kernel's hwmon pt5161l driver. The pt5161lreadblockdata function is vulnerable to a buffer overrun, where it can receive more data than its allocated buffer size. This can lead to memory corruption. Additionally, the function may return an unexpected positive value o...

CVE-2026-46004

A flaw was found in the Linux kernel, specifically within the ALSA caiaq driver. This vulnerability arises from improper error handling during the setupcard probe procedure. When an error occurs, the system may attempt to use memory that has already been freed, leading to a Use-After-Free UAF...

CVE-2026-46003

A flaw was found in the Linux kernel's qrtr nameserver. A malicious client can exploit this vulnerability by registering an excessive number of random nodes. This uncontrolled resource consumption leads to memory exhaustion, resulting in a Denial of Service DoS for the system...

CVE-2026-46007

A flaw was found in the Linux kernel's hwmon powerz component. This vulnerability is caused by cacheline sharing between the transfer buffer and a mutex during Direct Memory Access DMA operations. This architectural issue can lead to unexpected behavior or data corruption, impacting system...

CVE-2026-46006

A flaw was found in the Linux kernel's drm/nouveau driver. An integer overflow vulnerability exists in the nouveaugempushbufrelocapply function. This occurs when a 32-bit unsigned integer relocbooffset is used in a bounds check, and the addition of a small value can cause it to wrap around, leadi...

CVE-2026-46005

A flaw was found in the Linux kernel's xfs filesystem. This resource leak occurs in the xfsallocbuftarg function's error path, where a DAX Direct Access device reference is not properly dropped. An attacker could potentially exploit this flaw to cause resource exhaustion, leading to a Denial of...

CVE-2026-46009

A flaw was found in the Linux kernel, specifically within the PCI endpoint NTB Non-Transparent Bridge module. A programming error involving a duplicate resource teardown in the epfntbepcdestroy function can lead to a kernel 'oops', which is a system crash. This issue can be triggered during PCI...

CVE-2026-46008

A flaw was found in the Linux kernel's Data Access MONitor DAMON subsystem. A race condition exists in the memory management component, specifically during the exit process of kdamondfn and the registration of damoswalk requests. This vulnerability allows a local attacker to trigger a deadlock,...

CVE-2026-46010

A flaw was found in the Linux kernel's rxrpc component. Missing error handling in the rxgkextracttoken function, specifically when rxgkdecryptskb returns an out-of-memory error -ENOMEM, could lead to an unexpected system abort. This vulnerability could allow a local attacker to cause a Denial of...

CVE-2026-46011

A flaw was found in the Linux kernel's MediaTek JPEG mtk-jpeg driver. This use-after-free vulnerability arises from a race condition where the driver frees memory while it may still be in use by a work queue. This can allow a local attacker to cause system instability, leading to a denial of...

CVE-2026-46013

A flaw was found in the Linux kernel. An issue in the memfdluo component, specifically within the putfolios cleanup path of memfdluoretrievefolios, leads to incorrect physical address conversion and a missing check for sparse file holes. This could result in incorrect memory handling, potentially...

CVE-2026-46014

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM and Secure Virtual Machine SVM components. This vulnerability is due to missing save and restore handling for Last Branch Record LBR Model Specific Registers MSRs and MSRIA32DEBUGCTLMSR. A local attacker with access to a...

CVE-2026-46016

A flaw was found in the Linux kernel's remoteproc xlnx component. This vulnerability occurs when the system attempts to process an Inter-Processor Interrupt IPI message without properly verifying its contents. An attacker could exploit this by causing the system to access an invalid memory...

CVE-2026-46019

A flaw was found in the Linux kernel's atmel-aes cryptographic driver. The atmelaesbuffcleanup function incorrectly deallocates memory, leading to a memory leak. Specifically, while atmelaesbuffinit allocates four pages of memory, atmelaesbuffcleanup only frees one page, resulting in three pages ...