CVE-2026-53296

A flaw was found in the Linux kernel, specifically within the mailbox-test component. This vulnerability occurs when channels are not correctly released during a probe error, leading to a memory leak and a Use-After-Free UAF condition. A Use-After-Free UAF is a memory corruption vulnerability tha...

CVE-2026-53280

A flaw was found in the Linux kernel's Input-Output Memory Management Unit IOMMU component. This vulnerability occurs when a default IOMMU domain fails to allocate during the initial probe, leading to a NULL pointer dereference. This can cause a system crash, resulting in a Denial of Service DoS...

Prometheus Blackbox Exporter - Server-Side Request Forgery (SSRF)

Prometheus Blackbox Exporter through 0.17.0 contains a server-side request forgery caused by unsanitized target parameter in /probe, letting attackers perform SSRF attacks, exploit requires sending crafted target parameter. id: CVE-2020-16248 info: name: Prometheus Blackbox Exporter - Server-Side...

CVE-2026-53325

The CVE-2026-53325 entry describes a Linux kernel fix for the AMD64 AGP driver (agp_amd64_probe). Root cause: when no AMD northbridges are found, cache_nbs() can return a negative error, but the probe checked for exactly -1, masking the hardware absence and allowing initialization to proceed. Res...

CVE-2026-53325

In the Linux kernel, the following vulnerability has been resolved: a...

CVE-2026-55189

RustFS is a distributed object storage system built in Rust. From 1.0.0-alpha.1 until 1.0.0-beta.9, when the FTP frontend is enabled, the FTP read and probe handlers dispatch directly to the storage backend without ever calling the IAM authorization function that the FTP write/list handlers and t...

CVE-2026-53305

The CVE-2026-53305 issue is in the Linux kernel driver for ps883x USB Type-C retimers. When unbinding a device to bind to vfio-platform (for example via the platform driver unbind path), an Oops occurs due to a NULL pointer dereference. The root cause is that the driver retrieves its per-client d...

EUVD-2026-39840

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ps883x: Fix Oops at unbind When trying to unbind a device in order to bind to it vfio-platform as: echo bc0000.geniqup /sys/bus/platform/devices/bc0000.geniqup/driver/unbind I get the following Oops: 436.478639 Unable...

CVE-2026-53296

The CVE-2026-53296 entry concerns the Linux kernel mailbox subsystem, specifically the mailbox-test path where channels are freed on probe error. The underlying issue is that channels obtained prior to a probe error must be freed to prevent resource leaks and avoidance of use-after-free (UAF) bec...

EUVD-2026-39901

In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: free channels on probe error On probe error, free the previously obtained channels. This not only prevents a leak, but also UAF scenarios because the client structure will be removed nonetheless because it...

CVE-2026-53291

CVE-2026-53291 (Linux kernel: ALSA HDA/Conexant) is about a missing error check in cx_probe() for snd_hda_jack_detect_enable_callback(). The function can return an error pointer on failure (e.g., memory allocation), and the code was ignoring this return value. If registration fails, jack-detectio...

CVE-2026-53286

The CVE-2026-53286 issue concerns the Linux kernel IDPF code, specifically an improper handling of auxiliary devices during error paths that can trigger a use-after-free and double-free in iadev structures. In idpf_plug_vport_aux_dev() and idpf_plug_core_aux_dev(), if auxiliary_device_add() fails...

CVE-2026-53280

The CVE-2026-53280 issue affects the Linux kernel IOMMU path. A NULL group->domain could be dereferenced in pci_dev_reset_iommu_done() when a default domain fails to allocate during the first probe, potentially causing a crash at domain->ops->attach_dev invoked by __iommu_attach_device()...

PT-2026-52935

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the mailbox-test component where channels are not freed during a probe error. This failure to release resources leads to a memory leak and creates Use-After-Free UAF...

PT-2026-52925

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the idpf driver where a double free and use-after-free occur during auxiliary device error paths. When the auxiliary device add function fails within idpf plug vport a...

UBUNTU-CVE-2026-53261

In the Linux kernel, the following vulnerability has been resolved: devlink: Release nested relation on devlink free devlink relation state is normally released from devlunregister, which calls devlinkrelput. This misses devlink instances that get a nested relation before registration and then fa...

PT-2026-52944

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the usb typec ps883x component where a kernel NULL pointer dereference occurs during device unbinding. This happens because the ps883x retimer remove function attempts...

UBUNTU-CVE-2026-53231

In the Linux kernel, the following vulnerability has been resolved: net: phy: don't try to setup PHY-driven SFP cages when using genphy We don't have support for PHY-driver SFP cages with the genphy code. On top of that, it was found by sashiko that running sfpbusaddupstream for genphy deadlocks,...

PT-2026-52930

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ALSA hda/conexant component where the cx probe function fails to verify the return value of snd hda jack detect enable callback. This function returns a pointer th...

UBUNTU-CVE-2026-53142

In the Linux kernel, the following vulnerability has been resolved: drm/xe/display: fix oops in suspend/shutdown without display The xe driver keeps track of whether to probe display, and whether display hardware is there, using xe-info.probedisplay. It gets set to false if there's no display aft...