1898 matches found
CVE-2026-31458 mm/damon/sysfs: check contexts->nr before accessing contexts_arr[0]
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: check contexts-nr before accessing contextsarr0 Multiple sysfs command paths dereference contextsarr0 without first verifying that kdamond-contexts-nr == 1. A user can set nrcontexts to 0 via sysfs while DAMON is...
CVE-2026-31446 ext4: fix use-after-free in update_super_work when racing with umount
In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free in updatesuperwork when racing with umount Commit b98535d09179 "ext4: fix bugon in startthishandle during umount filesystem" moved ext4unregistersysfs before flushing ssbupdwork to prevent new error work...
CVE-2026-31446
CVE-2026-31446 is a Linux kernel/ext4 vulnerability describing a use-after-free in update_super_work during unmount races. The root cause: update_super_work calls ext4_notify_error_sysfs() -> sysfs_notify() after ext4_unregister_sysfs() frees the kobject, leading to a stale kernfs_node access....
CVE-2026-31434
CVE-2026-31434 affects the Linux kernel's btrfs subsystem. The root cause is a leak of kobject names for sub-group space_info entries: during removal, kobject_init_and_add is paired with allocations, but the corresponding btrfs_sysfs_remove_space_info() is not called on freed elements, causing le...
CVE-2026-31434 btrfs: fix leak of kobject name for sub-group space_info
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix leak of kobject name for sub-group spaceinfo When createspaceinfosubgroup allocates elements of spaceinfo-subgroup, kobjectinitandadd is called for each element via btrfssysfsaddspaceinfotype. However, when...
kernel: Linux kernel: Local denial of service and memory leak in DAMON sysfs via setup failure
A flaw was found in the Linux kernel's Data Access MONitor DAMON sysfs interface. A local attacker, typically a privileged user, could exploit a cleanup bug during DAMON context setup. If the setup fails after the attrs directory is created, stale sysfs directories are left behind. This can lead ...
kernel: Linux kernel: Local denial of service and memory leak in DAMON sysfs via setup failure
A flaw was found in the Linux kernel's Data Access MONitor DAMON sysfs interface. A local attacker, typically a privileged user, could exploit a cleanup bug during DAMON context setup. If the setup fails after the attrs directory is created, stale sysfs directories are left behind. This can lead ...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from resource leakage when the sysfsupdategroup function fails...
PT-2026-34364
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: fix param ctx leak on damon sysfs new test ctx failure Patch series "mm/damon/sysfs: fix memory leak and NULL dereference issues", v4. DAMON SYSFS can leak memory under allocation failure, and do NULL pointer...
PT-2026-34434
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix leakage in construct region Failing the first sysfs update group needs to explicitly kfree the resource as it is too early for cxl region iomem release to do so...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the damonsysfsrepeatcallfn function not checking contexts-nr, potentially leading to null pointer...
PT-2026-34363
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Multiple sysfs command paths dereference contexts arr0 without verifying that kdamond-contexts-nr equals 1. A privileged user can set nr contexts to 0 via sysfs while DAMON is running,...
PT-2026-34392
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the SPI subsystem. When a driver is probed via the driver attach function, the bus match callback is executed without holding the device lock. This...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from multiple sysfs command paths accessing contextsarr0 without verifying the contexts-nr, potentially...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the damonsysfscommitinput function. This function fails when damonsysfsnewtestctx does not proper...
PT-2026-34351
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the ext4 file system during the unmount process. The problem occurs when update super work races with umount, specifically when ext4 notify error sysfs...
PT-2026-34339
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix leak of kobject name for sub-group space info When create space info sub group allocates elements of space info-sub group, kobject init and add is called for each element via btrfs sysfs add space info type. However,...
Linux Distros Unpatched Vulnerability : CVE-2026-31458
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/damon/sysfs: check contexts-nr before accessing contextsarr0 Multiple sysfs command paths dereference contextsarr0 without first verifying that...
PT-2026-34362
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: check contexts-nr in repeat call fn damon sysfs repeat call fn calls damon sysfs upd tuned intervals, damon sysfs upd schemes stats, and damon sysfs upd schemes effective quotas without checking contexts-nr. If nr...
Unity Linux 20.1050a Security Update: kernel (UTSA-2026-006988)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006988 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow The function...