219820 matches found
CVE-2026-46239
In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Fix runtime PM refcount leak in sctrl Three control cases AUTOGAIN, EXPOSUREAUTO, ANALOGUEGAIN directly return without calling pmruntimeput, causing runtime PM reference count leaks. Change these cases from...
CVE-2026-46237
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn3: Avoid overflow on msg bound check As pointed out by SDL, the previous condition may be vulnerable to overflow. cherry picked from commit db00257ac9e4a51eb2515aaea161a019f7125e10...
CVE-2026-46237 drm/amdgpu/vcn3: Avoid overflow on msg bound check
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn3: Avoid overflow on msg bound check As pointed out by SDL, the previous condition may be vulnerable to overflow. cherry picked from commit db00257ac9e4a51eb2515aaea161a019f7125e10...
CVE-2026-46238
In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop caching unowned originator pointers in BAT IV BAT IV keeps the last-hop neighbor address in each neighnode, but some paths also cache an originator pointer derived from a temporary lookup. That pointer is not own...
EUVD-2026-32755
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn3: Avoid overflow on msg bound check As pointed out by SDL, the previous condition may be vulnerable to overflow. cherry picked from commit db00257ac9e4a51eb2515aaea161a019f7125e10...
EUVD-2026-32754
In the Linux kernel, the following vulnerability has been resolved: media: rc: xboxremote: heed DMA restrictions The buffer for IO must not be part of the device structure because that violates the DMA coherency rules...
CVE-2026-46236
In the Linux kernel, the following vulnerability has been resolved: media: rc: xboxremote: heed DMA restrictions The buffer for IO must not be part of the device structure because that violates the DMA coherency rules...
CVE-2026-46236 media: rc: xbox_remote: heed DMA restrictions
In the Linux kernel, the following vulnerability has been resolved: media: rc: xboxremote: heed DMA restrictions The buffer for IO must not be part of the device structure because that violates the DMA coherency rules...
CVE-2026-46236
The CVE-2026-46236 entry concerns the Linux kernel, specifically the media: rc: xbox_remote path. The issue arises because a buffer for IO is placed within the device structure, which violates DMA coherency rules. Concrete details provided in connected documents confirm the affected component (xb...
EUVD-2026-32753
In the Linux kernel, the following vulnerability has been resolved: media: saa7164: add ioremap return checks and cleanups Add checks for ioremap return values in saa7164devsetup. If ioremap for BAR0 or BAR2 fails, release the already allocated PCI memory regions, remove the device from the globa...
CVE-2026-46234 vsock: fix buffer size clamping order
In the Linux kernel, the following vulnerability has been resolved: vsock: fix buffer size clamping order In vsockupdatebuffersize, the buffer size was being clamped to the maximum first, and then to the minimum. If a user sets a minimum buffer size larger than the maximum, the minimum check...
CVE-2026-46234
In the Linux kernel, the following vulnerability has been resolved: vsock: fix buffer size clamping order In vsockupdatebuffersize, the buffer size was being clamped to the maximum first, and then to the minimum. If a user sets a minimum buffer size larger than the maximum, the minimum check...
CVE-2026-46234
The CVE-2026-46234 entry concerns the Linux kernel vsock subsystem. The bug is in vsock_update_buffer_size(), where buffer_size was clamped to the maximum first, then to the minimum; if min > max, the minimum check could override the maximum, allowing vsk->buffer_size to exceed vsk->buff...
EUVD-2026-32751
In the Linux kernel, the following vulnerability has been resolved: batman-adv: bla: only purge non-released claims When batadvblapurgeclaims goes through the list of claims, it is only traversing the hash list with an rcureadlock. Due to a potential parallel batadvclaimput, it can happen that it...
CVE-2026-46233
In the Linux kernel, the following vulnerability has been resolved: batman-adv: bla: only purge non-released claims When batadvblapurgeclaims goes through the list of claims, it is only traversing the hash list with an rcureadlock. Due to a potential parallel batadvclaimput, it can happen that it...
EUVD-2026-32859
In the Linux kernel, the following vulnerability has been resolved: HID: playstation: Clamp numtouchreports A device would never lie about the number of touch reports would it? If it does the loop in dualshock4parsereport will read off the end of the touchreports array, up to about 2 KiB for the...
CVE-2026-46232
In the Linux kernel, the following vulnerability has been resolved: HID: playstation: Clamp numtouchreports A device would never lie about the number of touch reports would it? If it does the loop in dualshock4parsereport will read off the end of the touchreports array, up to about 2 KiB for the...
CVE-2026-46232 HID: playstation: Clamp num_touch_reports
In the Linux kernel, the following vulnerability has been resolved: HID: playstation: Clamp numtouchreports A device would never lie about the number of touch reports would it? If it does the loop in dualshock4parsereport will read off the end of the touchreports array, up to about 2 KiB for the...
CVE-2026-46232
The CVE-2026-46232 entry concerns the Linux kernel HID PlayStation driver. A flaw allows a device to report more touch_reports than the array can hold, risking an out-of-bounds read in dualshock4_parse_report and potentially exposing up to ~2 KiB of kernel memory when DS4_TOUCH_POINT_INACTIVE is ...
CVE-2026-46231
In the Linux kernel, the following vulnerability has been resolved: batman-adv: bla: put backbone reference on failed claim hash insert When batadvblaaddclaim fails to insert a new claim into the hash, it leaked a reference to the backbonegw for which the claim was intended. Call...