CVE-2026-46109

A flaw was found in the Linux kernel's USB ULPI Ultra Low Pin Interface subsystem. This memory leak vulnerability occurs during error handling in the ulpiregister function. If certain registration failures occur, allocated memory is not properly released, which could lead to resource exhaustion a...

CVE-2026-46112

A flaw was found in the Linux kernel's RDMA/hns component. An issue exists where the hnsroceqpremove function is called without proper locking during an error handling process. This can lead to memory corruption, potentially causing system instability or a denial of service DoS condition. A local...

CVE-2026-46118

A flaw was found in the Linux kernel's pseries/papr-hvpipe component. A local user could trigger a null pointer dereference in the paprhvpipedevcreatehandle function. This occurs when srcinfo is improperly re-used after being nulled, leading to a kernel panic. This vulnerability could result in a...

CVE-2026-46122

A flaw was found in the Linux kernel's b43 Wi-Fi driver. A remote attacker could exploit this vulnerability by providing a specially crafted firmware key index that exceeds the allocated array size in the b43rx function. This out-of-bounds read could lead to information disclosure, potentially...

CVE-2026-46124

A flaw was found in the Linux kernel's isofs filesystem. An authenticated NFS Network File System peer can exploit this vulnerability by providing a specially crafted file handle. This allows the server to read arbitrary in-range blocks on the backing device, leading to information disclosure whe...

CVE-2026-46129

A flaw was found in the Linux kernel, specifically within the btrfs filesystem. This vulnerability, a double free, occurs in the createspaceinfo function's error handling path. When an internal object initialization fails, the system attempts to release memory twice for the same resource. This ca...

CVE-2026-46131

A flaw was found in the Linux kernel's KVM Kernel-based Virtual Machine x86 virtualization module. An incorrect check for nested EPT/NPT Nested Extended Page Tables/Nested Nested Page Tables in slow flush hypercalls could lead to improper handling of L2 guests. This vulnerability arises because t...

CVE-2026-46128

A flaw was found in the Linux kernel's Intelligent Platform Management Interface IPMI subsystem. This vulnerability occurs when the kernel processes event message buffer responses from Baseboard Management Controllers BMCs. Some BMCs may return an empty message instead of an expected error, which...

CVE-2026-46134

A flaw was found in the Linux kernel's crosectypec component. This vulnerability occurs because a mutex, a mechanism used to prevent simultaneous access to shared resources, was not properly initialized during Thunderbolt registration. This oversight can lead to a NULL dereference, potentially...

CVE-2026-46140

A flaw was found in the Linux kernel's Bluetooth subsystem, specifically within the btmtk driver. A remote attacker could exploit this vulnerability by sending a specially crafted Wireless Management Terminal WMT event response. The system processes these responses without properly validating the...

CVE-2026-46143

A flaw was found in the Linux kernel's ASoC Advanced Linux Sound Architecture on Chip qcom q6apm-lpass-dai component. This vulnerability occurs because the prepare function can be invoked multiple times, leading to repeated graph openings for the playback path. This can result in memory leaks,...

CVE-2026-46142

A flaw was found in the Linux kernel's libwx network driver. When a Virtual Function VF is initialized, it attempts to read a Physical Function PF restricted register, WXCFGPORTST. This illegal register access can lead to a system hang, resulting in a Denial of Service DoS...

CVE-2026-46141

A flaw was found in the Linux kernel's powerpc/xive interrupt controller. This vulnerability, identified as a kernel memory leak kmemleak, occurs when allocating Message Signaled Interrupts eXtended MSI-X vectors for NVMe devices. Due to an incorrect lookup of interrupt data, the xiveirqdata...

CVE-2026-46144

A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA subsystem, specifically within the mana driver. During an error unwind in the manaibcreateqprss function, a resource leak occurs where manaibcfgvportsteering is not properly cleaned up. This vulnerability could lead to resour...

CVE-2026-46148

A flaw was found in the Linux kernel's microchip-core-qspi driver. When multiple devices are connected to the QSPI controller, the built-in chip select CS was automatically set to an active state even when Linux attempted to access a device using a General Purpose Input/Output GPIO pin for its ch...

CVE-2026-46154

A flaw was found in the Linux kernel, specifically within the schedext component. This vulnerability, a use-after-free, occurs in the cgroup setters when the scxroot pointer is cached before a required lock is acquired. This can lead to a stale pointer if a scheduler is disabled and then...

CVE-2026-46153

A flaw was found in the Linux kernel's 8021q VLAN module. This vulnerability occurs because cleared egress Quality of Service QoS mappings are not properly deleted, leading to an accumulation of mapping nodes. An attacker could repeatedly set and clear egress priority mappings, causing a memory...

CVE-2026-46161

A flaw was found in the Linux kernel's md/raid10 module. This vulnerability allows a local user to trigger a divide-by-zero error within the setupgeo function by supplying a malformed layout parameter where the farcopies value is set to zero. Successful exploitation of this flaw can lead to a...

CVE-2026-46156

A flaw was found in the Linux kernel's LoongArch architecture. An issue in the loongsongpufixupdmahang function, specifically with incorrect handling of device IDs when a discrete GPU is inserted, can lead to an Address Data Error ADE. This flaw may allow a local attacker to trigger a kernel pani...

CVE-2026-46165

A flaw was found in the Linux kernel's openvswitch vport component. This vulnerability arises during the release of tunnel ports, where a self-deadlock can occur. This prevents the vport from being properly freed and its references released, leading to a system deadlock during device removal. Suc...