224093 matches found
CVE-2026-45888
The Linux kernel md/raid1 subsystem fixes a memory leak in raid1_run. When setup_conf() registers a thread via md_register_thread() and raid1_set_limits() fails, the error path previously didn’t unregister the thread, leaking md_thread and the thread resource. The patch adds md_unregister_thread(...
CVE-2026-45886 bpf: Fix bpf_xdp_store_bytes proto for read-only arg
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix bpfxdpstorebytes proto for read-only arg While making some maps in Cilium read-only from the BPF side, we noticed that the bpfxdpstorebytes proto is incorrect. In particular, the verifier was throwing the following error...
CVE-2026-45887 af_unix: Fix memleak of newsk in unix_stream_connect().
In the Linux kernel, the following vulnerability has been resolved: afunix: Fix memleak of newsk in unixstreamconnect. When preparepeercred fails in unixstreamconnect, unixreleasesock is not called for newsk, and the memory is leaked. Let's move preparepeercred before unixcreate1...
CVE-2026-45887
In the Linux kernel af_unix code, the vulnerability relates to a memleak of the new socket (newsk) in unix_stream_connect(). If prepare_peercred() fails during unix_stream_connect(), unix_release_sock() is not called for the newsk, causing a memory leak. The fix moves prepare_peercred() before un...
CVE-2026-45885
In CVE-2026-45885, a race in the Linux kernel’s CPCAP battery driver is fixed: requesting the IRQ with devm_ before or after registering the power_supply handle can lead to use-after-free in power_supply_changed(). The race occurs when the power_supply handle is freed/unregistered before the IRQ ...
CVE-2026-45884
The CVE-2026-45884 issue affects the Linux kernel’s AppArmor path, where aa_get_buffer() decrements cache->hold when pulling from the per-CPU list. If hold hits 0 while count is non-zero, the unsigned decrement can wrap to UINT_MAX, keeping hold non-zero and preventing aa_put_buffer() from ret...
CVE-2026-45882 power: supply: pm8916_bms_vm: Fix use-after-free in power_supply_changed()
In the Linux kernel, the following vulnerability has been resolved: power: supply: pm8916bmsvm: Fix use-after-free in powersupplychanged Using the devm variant for requesting IRQ before the devm variant for allocating/registering the powersupply handle, means that the powersupply handle will be...
CVE-2026-45883
The CVE-2026-45883 entry concerns the Linux kernel iio:sca3000 driver. A resource leak occurs where spi->irq allocated via request_threaded_irq() is not released if iio_device_register() fails during sca3000_probe(). The fix adds a return-value check and jumps to a common error handler to ensu...
CVE-2026-45882
CVE-2026-45882 — mode C summary Context: Linux kernel vulnerability related to power supply handling in the pm8916_bms_vm path. What is affected: The issue occurs when the devm_ variant is used for requesting an IRQ before the devm_ variant that allocates/registers the power_supply handle. This c...
CVE-2026-45881 soc: mediatek: svs: Fix memory leak in svs_enable_debug_write()
In the Linux kernel, the following vulnerability has been resolved: soc: mediatek: svs: Fix memory leak in svsenabledebugwrite In svsenabledebugwrite, the buf allocated by memdupusernul is leaked if kstrtoint fails. Fix this by using freekfree to automatically free buf, eliminating the need for...
CVE-2026-45879
In CVE-2026-45879, the Linux kernel power: supply: bq25980 issue is a use-after-free caused by requesting the IRQ with the devm_ path before registering the power_supply handle. The race can occur during removal (IRQ firing after the power_supply handle is freed but before IRQ unregistration) or ...
CVE-2026-45877 HID: intel-ish-hid: fix NULL-ptr-deref in ishtp_bus_remove_all_clients
In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: fix NULL-ptr-deref in ishtpbusremoveallclients During a warm reset flow, the cl-device pointer may be NULL if the reset occurs while clients are still being enumerated. Accessing cl-device-referencecount witho...
CVE-2026-45876 arm64/gcs: Fix error handling in arch_set_shadow_stack_status()
In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error handling in archsetshadowstackstatus allocgcs returns an error-encoded pointer on failure, which comes from dommap, not NULL. The current NULL check fails to detect errors, which could lead to using an invali...
CVE-2026-45875 mfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure
In the Linux kernel, the following vulnerability has been resolved: mfd: arizona: Fix regulator resource leak on wm5102clearwritesequencer failure The wm5102clearwritesequencer helper may return an error and just return, bypassing the cleanup sequence and causing regulators to remain enabled,...
CVE-2026-45874
The CVE-2026-45874 entry concerns the Linux kernel component for Freescale IMX8QM HSIO. The vulnerability arises when probing the driver: the refclk_pad pointer may be NULL if the device tree property fsl,refclk-pad-mode is not defined, yet imx_hsio_configure_clk_pad() uses this pointer unconditi...
CVE-2026-45873
The CVE concerns the Linux kernel netfilter component nft_set_rbtree. It fixes an issue where the partial overlap detection logic incorrectly skipped overlap checks for start elements in anonymous sets that use an optimized adjacent-interval representation (end element omitted). Specifically, two...
CVE-2026-45868
CVE-2026-45868 concerns the Linux kernel: a refcount leak in pinctrl: single during pcs_add_gpio_func(), caused by of_parse_phandle_with_args() returning a device_node with an incremented refcount that isn’t released while iterating phandles. The fix adds of_node_put() to release the reference af...
CVE-2026-45867
The CVE relates to the Linux kernel, targeting the power_supply subsystem (act8945a). Root cause: using devm_ IRQ request before allocating/registering the power_supply handle creates a race where the IRQ can fire after the power_supply has been freed, or before it is initialized, leading to use-...
CVE-2026-45865
The CVE affects the Linux kernel mctp i2c subsystem. The issue arises in the i2c event handler read path where reads could return an uninitialised value (stack u8) for i2c-aspeed and i2c-npcm7xx; a fix now sets reads to 0xff. Affected scenario involves mctp-i2c devices and reads such as i2ctransf...
CVE-2026-45864 fs/ntfs3: prevent infinite loops caused by the next valid being the same
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: prevent infinite loops caused by the next valid being the same When processing valid within the range valid : pos, if valid cannot be retrieved correctly, for example, if the retrieved valid value is always the same, th...