CVE-2026-46121 mm/damon/sysfs-schemes: protect memcg_path kfree() with damon_sysfs_lock

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-schemes: protect memcgpath kfree with damonsysfslock Patch series "mm/damon/sysfs-schemes: fix use-after-free for memcgpath". Reads of 'memcgpath' and 'path' files in DAMON sysfs interface could race with their...

CVE-2026-46121

The CVE-2026-46121 entry maps to a Linux kernel fix in mm/damon/sysfs-schemes: protecting memcg_path kfree() with damon_sysfs_lock to prevent use-after-free when reading/writing the DAMON sysfs memcg_path). The issue arose because user-driven reads/writes of memcg_path were not synchronized with ...

CVE-2026-43433

The CVE-2026-43433 entry refers to a Linux kernel issue in the rust_binder component: a TOCTOU opportunity where a local process that can write to its own VMA could alter the offsets array before it is read back during a transaction, potentially enabling privilege escalation to the sender. The fi...

CVE-2026-43119

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: annotate data-races around hdev-reqstatus hcicmdsyncsk sets hdev-reqstatus under hdev-reqlock: hdev-reqstatus = HCIREQPEND; However, several other functions read or write hdev-reqstatus without holding any loc...

DEBIAN-CVE-2022-50291

In the Linux kernel, the following vulnerability has been resolved: kcm: annotate data-races around kcm-rxpsock kcm-rxpsock can be read locklessly in kcmrfree. Annotate the read and writes accordingly. We do the same for kcm-rxwait in the following patch. syzbot reported: BUG: KCSAN: data-race in...