896 matches found
CVE-2026-10671
CVE-2026-10671 affects Zephyr kernel: the userspace verifier for k_pipe_init used K_SYSCALL_OBJ(), allowing an unprivileged thread with access to a k_pipe object to re-init a live pipe. This re-initialization clears the ring buffer and wait queues without accounting for current blockers, leaving ...
kernel: Linux kernel: Use-after-free in traffic control (act_ct) may lead to denial of service or privilege escalation
A flaw was found in the Linux kernel. A use-after-free vulnerability exists in the traffic control actct path when it is incorrectly configured with non-ingress egress qdiscs queueing disciplines. This can allow a local user with specific privileges to trigger a kernel crash, leading to a denial ...
Linux Distros Unpatched Vulnerability : CVE-2026-53144
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdkfd: fix NULL dereference in getqueueids When usrqueueidarray is NULL and numqueues is non- zero, getqueueids returns NULL. The callers check only ISERR ...
CVE-2026-53086
A flaw was found in the Linux kernel's bcmgenet network driver. This vulnerability arises from an overly aggressive timeout handler that attempts to reset all network transmission queues when only one experiences an issue. This behavior can create race conditions, potentially leading to system...
CVE-2026-53104
A flaw was found in the Linux kernel's mt76 Wi-Fi driver. This vulnerability, a memory leak, occurs when the device is destroyed during module unload. Specifically, the mt76dmacleanup routine fails to properly destroy the pagepool associated with all MT76 receive queues, leading to unreleased...
SUSE CVE-2026-53175
In the Linux kernel, the following vulnerability has been resolved: inet: frags: fix use-after-free caused by the fqdirpreexit flush On netns teardown, fqdirpreexit walks the fqdir rhashtable and flushes every fragment queue that is not yet complete using inetfragqueueflush. That helper frees all...
SUSE CVE-2026-53265
In the Linux kernel, the following vulnerability has been resolved: dm cache policy smq: check allocation under invalidate lock commit 2d1f7b65f5de "dm cache policy smq: fix missing locks in invalidating cache blocks" added mq-lock around the destructive part of smqinvalidatemapping, but left the...
kernel: RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss()
A flaw was found in the Linux kernel's RDMA/mana component. A local user could trigger a kernel corruption by providing specific configurations through the user Application Programming Interface uAPI that cause an internal error. This issue arises when Work Queues WQs are specified to share the...
CVE-2026-53143
A flaw was found in the Linux kernel's AMD KFD Kernel Fusion Driver component. This buffer overflow vulnerability occurs due to incorrect memory buffer handling during CRIU Checkpoint/Restore in User-space operations on SDMA System Direct Memory Access queues. A local attacker can exploit this fl...
CVE-2026-53144
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: fix NULL dereference in getqueueids When usrqueueidarray is NULL and numqueues is non-zero, getqueueids returns NULL. The callers check only ISERR on the return value; since ISERRNULL == false the check passes, and...
EUVD-2026-39216
In the Linux kernel, the following vulnerability has been resolved: dm cache policy smq: check allocation under invalidate lock commit 2d1f7b65f5de "dm cache policy smq: fix missing locks in invalidating cache blocks" added mq-lock around the destructive part of smqinvalidatemapping, but left the...
CVE-2026-53265 dm cache policy smq: check allocation under invalidate lock
In the Linux kernel, the following vulnerability has been resolved: dm cache policy smq: check allocation under invalidate lock commit 2d1f7b65f5de "dm cache policy smq: fix missing locks in invalidating cache blocks" added mq-lock around the destructive part of smqinvalidatemapping, but left the...
EUVD-2026-39235
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: fix NULL dereference in getqueueids When usrqueueidarray is NULL and numqueues is non-zero, getqueueids returns NULL. The callers check only ISERR on the return value; since ISERRNULL == false the check passes, and...
CVE-2026-53144 drm/amdkfd: fix NULL dereference in get_queue_ids()
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: fix NULL dereference in getqueueids When usrqueueidarray is NULL and numqueues is non-zero, getqueueids returns NULL. The callers check only ISERR on the return value; since ISERRNULL == false the check passes, and...
PT-2026-52271
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists during network namespace teardown. The function fqdir pre exit flushes incomplete fragment queues via inet frag queue flush, which frees queued socket buffe...
Linux Distros Unpatched Vulnerability : CVE-2026-53104
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: mt76: Fix memory leak destroying device All MT76 rx queues have an associated pagepool even if the queue is not associated to a NAPI e.g. WED RRO queues...
EUVD-2026-38851
In the Linux kernel, the following vulnerability has been resolved: net: airoha: fix BQL imbalance in TX path Fix a possible BQL imbalance in airohadevxmit, where inflight packets are accounted only for the AIROHANUMTXRING netdev TX queues. The queue index is computed as: qid =...
CVE-2026-53086
In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: fix racing timeout handler The bcmgenettimeout handler tries to take down all tx queues when a single queue times out. This is over zealous and causes many race conditions with queues that are still chugging along...
EUVD-2026-38972
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: Fix memory leak destroying device All MT76 rx queues have an associated pagepool even if the queue is not associated to a NAPI e.g. WED RRO queues with WED enabled. Destroy the pagepool running mt76dmacleanup routine...
CVE-2026-53104 wifi: mt76: Fix memory leak destroying device
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: Fix memory leak destroying device All MT76 rx queues have an associated pagepool even if the queue is not associated to a NAPI e.g. WED RRO queues with WED enabled. Destroy the pagepool running mt76dmacleanup routine...