CVE-2026-53281

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid NULL pointer dereference or refcount corruption Commit 60f030f7418d "iommu/vt-d: Avoid use of NULL after WARNONONCE" fixed a NULL pointer dereference in an unlikely situation partly. If devpasid is not found in...

CVE-2026-46213 HID: appletb-kbd: fix UAF in inactivity-timer cleanup path

In the Linux kernel, the following vulnerability has been resolved: HID: appletb-kbd: fix UAF in inactivity-timer cleanup path Commit 38224c472a03 "HID: appletb-kbd: fix slab use-after-free bug in appletbkbdprobe" added timerdeletesync&kbd-inactivitytimer to both the probe closehw error path and...

SUSE CVE-2026-46079

In the Linux kernel, the following vulnerability has been resolved: rbd: fix null-ptr-deref when deviceadddisk fails dorbdadd publishes the device with deviceadd before calling deviceadddisk. If deviceadddisk fails after deviceadd succeeds, the error path calls rbdfreedisk directly and then later...

CVE-2026-46098 net: caif: clear client service pointer on teardown

In the Linux kernel, the following vulnerability has been resolved: net: caif: clear client service pointer on teardown caifconnect can tear down an existing client after remote shutdown by calling caifdisconnectclient followed by caiffreeclient. caiffreeclient releases the service layer referenc...

CVE-2026-43157

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: CGX: fix bitmap leaks The RX/TX flow-control bitmaps rxfcpfvfbmap and txfcpfvfbmap are allocated by cgxlmacinit but never freed in cgxlmacexit. Unbinding and rebinding the driver therefore triggers kmemleak:...

CVE-2026-31763

In the Linux kernel, the following vulnerability has been resolved: iio: gyro: mpu3050: Fix incorrect freeirq variable The handler for the IRQ part of this driver is mpu3050-trig but, in the teardown freeirq is called with handler mpu3050. Use correct IRQ handler when calling freeirq...

PT-2026-36398

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the mpu3050 gyro driver within the Industrial I/O IIO subsystem. During the teardown process, the free irq function is called using the mpu3050 handler instead of the...

CVE-2025-38385 net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: fix WARN in netifnapidellocked on disconnect Remove redundant netifnapidel call from disconnect path. A WARN may be triggered in netifnapidellocked during USB device disconnect: WARNING: CPU: 0 PID: 11 at...

kernel: net/sched: sch_api: fix xa_insert() error path in tcf_block_get_ext()

In the Linux kernel, the following vulnerability has been resolved: net/sched: schapi: fix xainsert error path in tcfblockgetext This command: $ tc qdisc replace dev eth0 ingressblock 1 egressblock 1 clsact Error: block dev insert failed: -EBUSY. fails because user space requests the same block...

CVE-2022-49215

In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race at socket teardown Fix a race in the xsk socket teardown code that can lead to a NULL pointer dereference splat. The current xsk unbind code in xskunbinddev starts by setting xs-state to XSKUNBOUND, sets xs-dev to...