1031 matches found
EUVD-2026-28720
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Completely fix fcport double free In qla24xxelsdcmdiocb sp-free is set to qla2x00elsdcmdspfree. When an error happens, this function is called by qla2x00sprelease, when krefput releases the first and the last...
CVE-2026-43464
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix XDP multi-buf frag counting for legacy RQ XDP multi-buf programs can modify the layout of the XDP buffer when the program calls bpfxdppulldata or bpfxdpadjusttail. The referenced commit in the fixes tag correct...
CVE-2026-43464
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix XDP multi-buf frag counting for legacy RQ XDP multi-buf programs can modify the layout of the XDP buffer when the program calls bpfxdppulldata or bpfxdpadjusttail. The referenced commit in the fixes tag correct...
CVE-2026-43464 net/mlx5e: RX, Fix XDP multi-buf frag counting for legacy RQ
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix XDP multi-buf frag counting for legacy RQ XDP multi-buf programs can modify the layout of the XDP buffer when the program calls bpfxdppulldata or bpfxdpadjusttail. The referenced commit in the fixes tag correct...
CVE-2026-43355
CVE-2026-43355 affects the Linux kernel bh1780 light sensor driver (iio: light). The root cause is a PM runtime reference-count leak: pm_runtime_put_autosuspend() was not guaranteed to run after pm_runtime_get_sync() if the read operation failed. The fixed response moves the autosuspend call befo...
CVE-2026-43301 media: chips-media: wave5: Fix PM runtime usage count underflow
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix PM runtime usage count underflow Replace pmruntimeputsync with pmruntimedontuseautosuspend in the remove path to properly pair with pmruntimeuseautosuspend from probe. This allows pmruntimedisable t...
SUSE CVE-2026-43207
In the Linux kernel, the following vulnerability has been resolved: media: mtk-mdp: Fix error handling in probe function Add mtkmdpunregisterm2mdevice on the error handling path to prevent resource leak. Add check for the return value of vpugetplatdevice to prevent null pointer dereference. And...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the XDP multiple buffer fragment count in the net mlx5e RX component. This count does not correct...
PT-2026-39126
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the net/mlx5e component regarding XDP multi-buf fragment counting for striding RQ. XDP multi-buf programs can modify the XDP buffer layout when calling bpf xdp pull da...
Linux Distros Unpatched Vulnerability : CVE-2026-43465
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5e: RX, Fix XDP multi-buf frag counting for striding RQ XDP multi-buf programs can modify the layout of the XDP buffer when the program calls...
CVE-2026-43106
A flaw was found in the Linux kernel's cachefiles module, which manages cached files. This vulnerability stems from an error in how the system counts references to certain file system objects, specifically within the cachefilescull function. When a reference is lost, it can lead to system...
EUVD-2026-27796
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Refactor amdgpugemvaioctl for Handling Last Fence Update and Timeline Management v4 This commit simplifies the amdgpugemvaioctl function, key updates include: - Moved the logic for managing the last update fence...
CVE-2026-43270
The CVE-2026-43270 issue affects the Linux kernel media: mtk-mdp module. In mtk_mdp_probe(), vpu_get_plat_device() increases the platform device reference count and is not consistently released in mtk_mdp_remove(), creating a reference-leak vulnerability. Red Hat and Debian OS/tracking entries co...
CVE-2026-43237
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Refactor amdgpugemvaioctl for Handling Last Fence Update and Timeline Management v4 This commit simplifies the amdgpugemvaioctl function, key updates include: - Moved the logic for managing the last update fence...
CVE-2026-43174 io_uring/zcrx: fix post open error handling
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix post open error handling Closing a queue doesn't guarantee that all associated page pools are terminated right away, let the refcounting do the work instead of releasing the zcrx ctx directly...
CVE-2026-43116
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: ensure safe access to master conntrack Holding reference on the expectation is not sufficient, the master conntrack object can just go away, making exp-master invalid. To access exp-master safely: - Grab the...
SUSE CVE-2026-31732
In the Linux kernel, the following vulnerability has been resolved: gpio: Fix resource leaks on errors in gpiochipadddatawithkey Since commit aab5c6f20023 "gpio: set device type for GPIO chips", gdev-dev.release is unset. As a result, the reference count to gdev-dev isn't dropped on the error...
PT-2026-37577
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the amdgpu gem va ioctl function where the fence was selected too early and its reference was not managed correctly. This leads to refcount underflows and the use of...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the NETDEVCHANGEMTU event triggered when registered devices are deregistered. This vulnerability...
CVE-2026-43063
CVE-2026-43063 pertains to the Linux kernel XFS attribute recovery path. The vulnerability arises when xlog_recovery_iget* fails to yield a valid pointer and an ensuing irele operates on a dangling pointer, potentially enabling a local attacker to crash the system and cause a DoS. The Red Hat adv...