302 matches found
CVE-2026-46046
A flaw was found in the Linux kernel's ext4 filesystem. A reference count refcount leak occurs in the ext4xattrinodedecrefall function. This issue arises because the iloc.bh buffer head, acquired by ext4getinodeloc, is not properly released with brelse. This can lead to resource exhaustion or...
CVE-2026-46060
A flaw was found in the Linux kernel's crypto: qat driver. This vulnerability occurs when the driver fails during device initialization, leading to Interrupt Request IRQ handlers not being properly detached before their associated resources are released. This improper cleanup can result in resour...
CVE-2026-46097
A flaw was found in the Linux kernel's edt-ft5x06 input driver. This vulnerability, a use-after-free, arises during the debugfs teardown, allowing debugfs files to be accessed after an associated buffer has been released. This could enable a local attacker to cause system instability or potential...
CVE-2026-43493
A flaw was found in the Linux kernel's pcrypt component. This vulnerability involves how the system handles certain requests, specifically MAYBACKLOG requests, which can indicate a temporary busy state. If not properly managed, the system's processing of these requests could lead to resource...
CVE-2026-43323
A flaw was found in the Linux kernel. Incorrect tracking of virtual runtime zerovruntime in the scheduler's fair scheduling component can occur under specific conditions, such as when tasks frequently yield or when multiple control groups cgroups are active. This can lead to the scheduler's...
CVE-2026-43484
A flaw was found in the Linux kernel's MultiMediaCard MMC core. Concurrent updates to bitfield flags, specifically 'claimed' and 'retunenow', can lead to unintended overwrites of other bits in asynchronous contexts. This can trigger spurious warnings and result in system instability or unexpected...
CVE-2026-43357
A flaw was found in the iio: gyro: mpu3050-core driver of the Linux kernel. Incorrect error handling in the power management runtime functions allows the driver to attempt accessing hardware that may have failed to resume. This can lead to an unconditionally incremented device usage count,...
CVE-2026-43425
A flaw was found in the Linux kernel's mdc800 USB image driver. When the driver attempts to read data from a USB device, a timeout can occur, leaving a USB Request Block URB in an active state. If a subsequent read operation is initiated, the driver may attempt to resubmit this already active URB...
CVE-2026-43474
A flaw was found in the Linux kernel's fuse filesystem. A local user could exploit an uninitialized value vulnerability when calling vfsfileattrget. This could potentially lead to information disclosure or system instability...
CVE-2026-43454
A flaw was found in the Linux kernel's netfilter nftables component. This vulnerability allows for duplicate device registration when handling network device registration notifications. Such duplicate registrations can lead to unexpected system behavior or instability...
CVE-2026-43453
A flaw was found in the Linux kernel's netfilter component, specifically within the nftsetpipapo module. The pipapodrop function performs a stack out-of-bounds read. This occurs when an argument is evaluated at the call site before the function body executes, leading to a read beyond the allocate...
CVE-2026-43448
A flaw was found in the Linux kernel's nvme-pci driver. A race condition exists in the nvmepollirqdisable function, where the device can be concurrently disabled by nvmeresetwork. This can lead to an unbalanced interrupt IRQ enable operation, resulting in a kernel warning. This issue may cause...
CVE-2026-43430
A flaw was found in the Linux kernel's yurex USB driver. A race condition occurs during the device probing process, where internal descriptor data can be overwritten before proper initialization. This vulnerability could lead to data corruption or unexpected system behavior, impacting the stabili...
CVE-2026-43406
A flaw was found in libceph in the Linux kernel. A remote attacker could exploit this vulnerability by sending a maliciously crafted message frame. This manipulation, either by corrupting the control segment length or disguising a different frame as a message frame, can cause out-of-bounds reads...
CVE-2026-43402
A flaw was found in the Linux kernel. A vulnerability in the kernel thread kthread exit process can lead to a use-after-free condition. This occurs when a kthread exits without proper cleanup, allowing other kernel operations to access and corrupt previously freed memory. This can result in syste...
CVE-2026-43396
A flaw was found in the Linux kernel, specifically within the drm/xe/sync component. When the dmafencechainalloc function fails, the user fence reference is not properly released, resulting in a memory leak. This issue could lead to system instability or denial of service. Mitigation Mitigation f...
CVE-2026-43366
A flaw was found in the Linux kernel. A vulnerability exists in the iouring/kbuf component related to buffer recycling. There is a time gap where a buffer list, if empty, could be incorrectly upgraded to a ring-provided type. The legacy recycling mechanism fails to properly check the buffer list'...
CVE-2026-43352
A flaw was found in the Linux kernel's I3C Improved Inter-Integrated Circuit Host Controller Interface HCI driver. Incorrect handling of DMA Direct Memory Access ring aborts can lead to the unintentional clearing of RINGCTRLENABLE. This action resets hardware ring pointers and disrupts the...
CVE-2026-43349
A flaw was found in the Linux kernel's Flash-Friendly File System f2fs. This vulnerability allows a local attacker to cause an uninitialized value access in the f2fssanitychecknodefooter function. This occurs when the system fails to read data from a device into a folio, potentially leading to...
CVE-2026-43348
A flaw was found in the Linux kernel's mshvvtl component. When registering VTL0 memory, an issue with memory mapping calculations can cause the system to trigger a warning and return an invalid argument error. This could lead to system instability or a denial of service DoS, preventing legitimate...