259 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53248
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: airoha: Fix use-after-free in metadata dst teardown airohametadatadstfree runs metadatadstfree which frees the metadatadst with kfree immediately, bypassin...
CVE-2026-53247
CVE-2026-53247: Linux kernel MTK ethernet driver (mtk_eth_soc) fix for use-after-free in metadata_dst teardown. mtk_free_dev() previously called metadata_dst_free() (kfree’d immediately, bypassing RCU). In RX, skb_dst_set_noref() kept non-refcounted pointers to metadata_dst; freed memory could ra...
CVE-2026-53157
The CVE-2026-53157 issue affects the Linux kernel’s phonet code: phonet_device is removed from the per-net device list with list_del_rcu(), but freed immediately, creating a use-after-free for readers that still hold pointers. The root cause is mismatched lifetime management; the fix switches to ...
PT-2026-52322
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the openvswitch component where the allocation of the reply skb socket buffer may occur either before or after locking the ovs mutex. If the allocation happens after...
CVE-2026-52955
In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in crushdecode A message of type CEPHMSGOSDMAP containing a crush map with at least one bucket has two fields holding the bucket algorithm. If the values in these two fields differ, an...
CVE-2026-52955
The CVE-2026-52955 vulnerability affects the Linux kernel’s libceph crush_decode(). A CEPH_MSG_OSD_MAP containing a crush map with at least one bucket could have two bucket algorithm fields (alg and b->alg) that differ, leading to potential out-of-bounds access during allocation or destruction...
CVE-2026-52955 libceph: Fix potential out-of-bounds access in crush_decode()
In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in crushdecode A message of type CEPHMSGOSDMAP containing a crush map with at least one bucket has two fields holding the bucket algorithm. If the values in these two fields differ, an...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: The delay module was unloaded while the fabric scan was in progress. This led to a system crash during the load/unload test. 105954.384919 RBP: ffff914589838dc0 R08: 0000000000000000 R09: 0000000000000086...
PT-2026-51849
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the libceph component allows a remote attacker to cause a system crash and a Denial of Service DoS by sending a specially crafted CEPH MSG OSD MAP message. The issue occurs in...
kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count()
A use-after-free flaw was found in the Linux kernel's iSCSI target subsystem. In the iscsitdecconnusagecount function, complete is called while still holding the conn-connusagelock spinlock. The waiting thread such as iscsitcloseconnection may wake up immediately and free the iscsitconn structure...
CLSA-2026-1780132171 Fix of 25 CVEs
CVE-2025-68724 - crypto: asymmetrickeys - prevent overflow in asymmetrickeygenerateid CVE-2025-68724 CVE-2025-71196 - phy: stm32-usphyc: Fix off by one in probe CVE-2025-71196 CVE-2026-23033 - dmaengine: omap-dma: fix dmapool resource leak in error paths CVE-2026-23033 CVE-2026-23049 -...
SUSE CVE-2026-45959
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree Annotating a local pointer variable, which will be assigned with the kmalloc-family functions, with the cleanupkfree attribute will make the address of the local...
CVE-2026-46020
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: validate damosquotagoal-nid for nodememused,freebp Patch series "mm/damon/core: validate damosquotagoal-nid". nodememcgused,freebp DAMOS quota goals receive the node id. The node id is used for simeminfonode and...
CVE-2026-45853
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Use kvfree instead of kfree in amdgpugmcgetnpsmemranges amdgpudiscoverygetnpsinfo internally allocates memory for ranges using kvcalloc, which may use vmalloc for large allocation. Using kfree to release vmalloc memor...
EUVD-2026-32401
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: validate damosquotagoal-nid for nodememused,freebp Patch series "mm/damon/core: validate damosquotagoal-nid". nodememcgused,freebp DAMOS quota goals receive the node id. The node id is used for simeminfonode and...
CVE-2026-46020
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: validate damosquotagoal-nid for nodememused,freebp Patch series "mm/damon/core: validate damosquotagoal-nid". nodememcgused,freebp DAMOS quota goals receive the node id. The node id is used for simeminfonode and...
CVE-2026-45853 drm/amdgpu: Use kvfree instead of kfree in amdgpu_gmc_get_nps_memranges()
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Use kvfree instead of kfree in amdgpugmcgetnpsmemranges amdgpudiscoverygetnpsinfo internally allocates memory for ranges using kvcalloc, which may use vmalloc for large allocation. Using kfree to release vmalloc memor...
CVE-2026-45853
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Use kvfree instead of kfree in amdgpugmcgetnpsmemranges amdgpudiscoverygetnpsinfo internally allocates memory for ranges using kvcalloc, which may use vmalloc for large allocation. Using kfree to release vmalloc memor...
CVE-2026-45959
crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree...
PT-2026-43887
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description Privileged users can trigger an out-of-bounds memory access via DAMON SYSFS. The issue occurs because the node ID in damos quota goal-nid for node mem used bp and node mem free bp is used i...