Lucene search
K

367606 matches found

CVE
CVE
added 2026/05/28 9:40 a.m.31 views

CVE-2026-46214

CVE-2026-46214 relates to the Linux kernel vsock/virtio transport: a backlog count leak occurs when vsock_assign_transport() fails or switches transport, because sk_acceptq_added() is called before transport validation and not removed on error. This can cause sk_acceptq_is_full() to reject new co...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/05/28 9:40 a.m.24 views

CVE-2026-46213

The CVE-2026-46213 issue affects the Linux kernel HID Apple keyboard driver (appletb-kbd). A use-after-free (UAF) in the inactivity-timer cleanup path during driver tear-down was fixed by reordering teardown: (1) call hid_hw_close()/hid_hw_stop() before backlight cleanup to prevent late callbacks...

7.8CVSS5.8AI score0.00124EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/05/28 9:40 a.m.31 views

CVE-2026-46212

CVE-2026-46212 concerns the Linux kernel’s batman-adv module. The vulnerability arises when deleting backbone claims in batman-adv (function batadv_bla_del_backbone_claims): the code drops a hash-list link entry that is still referenced, risking that the entry could be freed by batadv_claim_relea...

8.8CVSS5.7AI score0.00274EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/05/28 9:40 a.m.34 views

CVE-2026-46211

CVE-2026-46211 affects the Linux kernel drm/msm/gem component. The flaw in msm_ioctl_gem_info_get_metadata() can cause a NULL pointer dereference due to unchecked allocation (kmemdup()) and always returning 0 on errors, making userspace believe success. The issue is fixed by adding a NULL check f...

5.5CVSS5.9AI score0.00127EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/05/28 9:40 a.m.20 views

CVE-2026-46210

The CVE-2026-46210 issue affects the Linux kernel Iris media driver. A race between per-instance locks (inst->lock) and the core list lock (core->lock) allows a use-after-free during MBPF checks: MBPF iterates the core list and reads fields like fmt_src->width/height while iris_close() m...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/28 9:40 a.m.28 views

CVE-2026-46209

CVE-2026-46209 affects the Linux kernel DRM GEM: a discrepancy between plane dimension calculations in drm_gem_fb_init_with_funcs() (plain integer division) and framebuffer_check() (DIV_ROUND_UP via drm_format_info_plane_width/height) can cause GEM size checks to miscalculate, potentially allowin...

7.8CVSS5.8AI score0.00139EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/05/28 9:40 a.m.25 views

CVE-2026-46208

In the Linux kernel, batman-adv has a vulnerability where tp_meter sessions are not stopped during mesh teardown in batadv_mesh_free(). This allows a running sender thread or late tp_meter packets to keep operating against a mesh instance that is shutting down, potentially causing system instabil...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/05/28 9:40 a.m.27 views

CVE-2026-46207

The CVE-2026-46207 issue affects the Linux kernel’s vsock/virtio path, where non-linear skbs could fail to copy payloads to the vsockmon tap device due to iov_iter not being properly initialized. The fix standardizes handling for both linear and non-linear skbs by removing the linear/non-linear s...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/05/28 9:40 a.m.33 views

CVE-2026-46205

Summary (grounded from provided sources): CVE-2026-46205 affects the Linux kernel atomisp driver (staging: media). The root cause is unsafe handling of private IOCTLs; the change disallows all private IOCTLs and returns early when cmd is non-zero to satisfy static checkers. This vulnerability is ...

7.8CVSS5.8AI score0.00141EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2026/05/28 9:40 a.m.44 views

CVE-2026-46206

The CVE-2026-46206 issue affects the Linux kernel’s batman-adv implementation, where the tp_meter component could start new sender or receiver sessions after mesh_state had exited BATADV_MESH_ACTIVE during teardown. The vulnerability stems from improper state management in batman-adv/tp_meter, po...

7.8CVSS5.8AI score0.00139EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/05/28 9:40 a.m.28 views

CVE-2026-46204

CVE-2026-46204 affects the Linux kernel DRM_AMDGPU driver (drm/amdgpu/vcn4). The root cause is an out-of-bounds read when parsing an Instruction Buffer (IB). The patch rewrites the IB parsing to use amdgpu_ib_get_value(), ensuring bounds checks are performed and preventing OOB reads. Public descr...

7.1CVSS5.8AI score0.00131EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/05/28 9:40 a.m.26 views

CVE-2026-46203

The CVE-2026-46203 issue affects the Linux kernel, specifically the spi: cadence-quadspi driver. The root cause is unclocked register access that can occur if the controller is not runtime-resumed before being disabled during driver unbind. The fix ensures the controller is runtime resumed prior ...

7.1CVSS5.8AI score0.00131EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/05/28 9:40 a.m.28 views

CVE-2026-46202

CVE-2026-46202 concerns the Linux kernel HID driver for the Apple Touch Bar (hid-appletb-kbd). The issue arises when inactivity autodim uses backlight_device_set_brightness() from two atomic contexts (a timer_list callback and input/event paths), causing a mutex lock from an atomic context bug an...

5.5CVSS6AI score0.00128EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/05/28 9:40 a.m.21 views

CVE-2026-46201

CVE-2026-46201 affects the Linux kernel drm/xe: an error path in xe_gem_prime_import() leaks a dma_buf attachment when xe_dma_buf_init_obj() fails, because the attachment from dma_buf_dynamic_attach() is not detached. The fix explicitly detaches via dma_buf_detach() before returning an error, avo...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/05/28 9:40 a.m.29 views

CVE-2026-46200

CVE-2026-46200 affects the Linux kernel SPI MPC52xx driver. The issue stems from improper controller deregistration: the driver may deregister the controller after or without ensuring proper release of resources (interrupts, GPIOs) during driver unbind, risking system instability or resource exha...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/05/28 9:40 a.m.20 views

CVE-2026-46199

CVE-2026-46199 affects the Linux kernel drm/amdgpu/vcn4 component. The root cause is missing bounds checking when parsing decoder messages, allowing out-of-bounds reads. The issue is resolved by adding checks against the end of the BO whenever the message is accessed. Impact is information disclo...

7.1CVSS5.8AI score0.00131EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/05/28 9:40 a.m.28 views

CVE-2026-46198

The CVE-2026-46198 issue affects the Linux kernel’s batman-adv component. A mismatch between integer types caused an integer overflow in batadv_iv_ogm_send_to_if, where buff_pos is s16 while the size check uses an int in batadv_iv_ogm_aggr_packet, potentially enabling an out-of-bounds read. The v...

8.8CVSS5.8AI score0.00281EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/05/28 9:40 a.m.28 views

CVE-2026-46197

The CVE-2026-46197 issue affects the Linux kernel DRM/AMDKFD component, where the nattr field validation for SVM ioctl was insufficient against the reported buffer size, enabling out-of-bounds access via a user-controlled attribute count. The root cause is input size validation failure in the SVM...

7.8CVSS5.9AI score0.00139EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.29 views

CVE-2026-46196

CVE-2026-46196 describes a Linux kernel tracepoint regression: during a 0→1 transition, tracepoint_add_func() calls ext->regfunc() before installing a probe, and if func_add() fails (e.g., -ENOMEM), it previously did not call ext->unregfunc(), leaving behind side effects. The fix mirrors th...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.101 views

CVE-2026-46195

The CVE-2026-46195 entry concerns a Linux kernel SMB client vulnerability. 32-bit servers can supply a crafted dacloffset that wraps a DACL pointer, allowing dereferencing of DACL fields during chmod/chown if validated only after pointer arithmetic. The flaw occurs in parse_sec_desc(), build_sec_...

9.8CVSS5.8AI score0.00675EPSS
Exploits0References13Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.21 views

CVE-2026-46194

CVE-2026-46194 is a Linux kernel/f2fs race condition where f2fs_destroy_extent_node() clears extent nodes without FI_NO_EXTENT, allowing concurrent writeback to insert nodes and trigger a bug check. The issue arises when dropping inodes with I_SYNC during writeback, leading to a potential crash/D...

4.7CVSS5.8AI score0.00093EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.27 views

CVE-2026-46193

CVE-2026-46193 concerns a Linux kernel xfrm AH (AH) implementation issue where ESN high bits are not accounted for in async callback paths, causing miscalculation of ICV/auth offsets on IPv4/IPv6 when ESN is enabled and async hmac is used. The vulnerability arises from reconstructing the temporar...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.22 views

CVE-2026-46192

CVE-2026-46192 concerns the Linux kernel spi: microchip-core-qspi driver, where transmitting garbage data during emulated read-only dual/quad operations could brick the QSPI transfer. The issue was resolved in the kernel, with reads handled by the core via clock cycles, removing the need to emit ...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.30 views

CVE-2026-46190

Summary (CVE-2026-46190) : A Linux kernel vulnerability in the MTD SPI-NOR debugfs code caused an out-of-bounds read in spi_nor_params_show() due to passing an array of pointers to spi_nor_print_flags() with sizeof(snor_f_names). Since sizeof on a pointer array yields bytes, not element count, th...

7.1CVSS5.8AI score0.00131EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.30 views

CVE-2026-46191

CVE-2026-46191 concerns the Linux kernel fbcon component: when console rotation fails during fbcon_rotate_font(), the font buffer may overflow due to an OOB access. The fix clears the font buffer if the reallocation during console rotation fails and ensures the rotated buffer does not overflow. D...

7.1CVSS6AI score0.00131EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.29 views

CVE-2026-46189

CVE-2026-46189 affects the Linux kernel RDMA pvrdma component (pvrdma_alloc_ucontext). The issue is a double free: pvrdma_uar_free() is invoked in pvrdma_dealloc_ucontext() and is erroneously called before, creating a double free condition. Concrete fixes exist in OSV entries for multiple distrib...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References12Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.23 views

CVE-2026-46188

CVE-2026-46188 affects the Linux kernel in the octeon_ep_vf driver. The vulnerability arises because napi_build_skb() can return NULL on allocation failure and __octep_vf_oq_process_rx() uses the result without checking for NULL in both the single-buffer and multi-fragment paths, causing a NULL p...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.26 views

CVE-2026-46187

CVE-2026-46187 – summary of documented fixes : In the Linux kernel, the wifi: rsi driver experienced a kthread lifetime race between self-exit and external-stop, causing a UAF if the exited thread is accessed after free. The confirmed remediation is to remove kthread_stop() and wait for the self-...

4.7CVSS5.8AI score0.00093EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.22 views

CVE-2026-46186

Summary: CVE-2026-46186 affects the Linux kernel Bluetooth virtio_bt driver. The vulnerability arises in virtbt_rx_handle(), which reads the leading pkt_type byte from RX skb and forwards the rest to hci_recv_frame() for multiple packet types without validating that the remaining payload is large...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.29 views

CVE-2026-46185

The CVE-2026-46185 issue affects the Linux kernel SMB client. The root cause is insufficient length validation in smb2_check_message() when processing symlink error responses, allowing a symlink_data() path to read beyond the buffer if iov_len is smaller than the 64-byte SMB2 header and accessing...

9.1CVSS5.7AI score0.00513EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.27 views

CVE-2026-46184

CVE-2026-46184 relates to the Linux kernel sound/ua101 driver. The root cause is a missing sanity check for bNrChannels in detect_usb_format(), which can lead to a division by zero in playback_urb_complete() and capture_urb_complete() when a device reports bNrChannels = 0. The USB core does not v...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.21 views

CVE-2026-46183

CVE-2026-46183 affects the Linux kernel DAMON sysfs code. The vulnerability is a use-after-free in damon_sysfs_quot_goal->path: user reads/writes to the sysfs 'path' file can deallocate the underlying buffer, and current protection only guards parameter reads during commit; direct user access ...

7.8CVSS5.9AI score0.0012EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.33 views

CVE-2026-46182

The CVE-2026-46182 issue affects the Linux kernel component pseries/papr-hvpipe . The root cause is that a local kernel stack variable hdr (papr_hvpipe_hdr) is allocated on the stack and only hdr.version and hdr.flags are initialized, leaving reserved padding bytes uninitialized. When copied to u...

5.5CVSS5.8AI score0.00126EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.40 views

CVE-2026-46181

Summary: CVE-2026-46181 concerns the Linux kernel RDMA/mlx4 component. The root cause is improper use of Read-Copy Update (RCU) in mlx4_srq_event(), which could allow a race where an event is delivered before the srq object is fully initialized, potentially crashing the system. The documented fix...

7.8CVSS5.8AI score0.00107EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.23 views

CVE-2026-46179

In CVE-2026-46179, the Linux kernel ASoC SOF subsystem is vulnerable to a divide-by-zero when reporting the pointer for a compressed stream if stream parameters are unconfigured. The bug arises from dividing the I/O frame position by (channels × container bytes), which defaults to zero until stre...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.35 views

CVE-2026-46180

CVE-2026-46180 concerns a use-after-free in wifi brcmfmac when stopping the watchdog task in the Linux kernel. The vulnerability is addressed by increasing the watchdog task reference count before send_sig() and then dropping it with kthread_stop_put(). Connected OSV entries show patches in Root:...

7.8CVSS5.8AI score0.00135EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.32 views

CVE-2026-46178

The CVE-2026-46178 entry concerns the Linux kernel RDMA/mlx4 component. A resource leak could occur during error handling in mlx4_ib_create_srq(), because mlx4_srq_alloc() was not undone during error unwinding. The fix adds a call to mlx4_srq_free() to properly release the resource when an error ...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.35 views

CVE-2026-46177

The CVE-2026-46177 issue affects the Linux kernel IPMI driver. It describes a vulnerability where the driver could continuously fetch events and receive messages from the BMC (or become stuck) due to the BMC not signaling completion or the attn bit getting stuck. The documented fix limits event/m...

7.5CVSS5.8AI score0.00501EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.20 views

CVE-2026-46176

The CVE-2026-46176 issue affects the Linux kernel RDMA mlx5 path (mlx5_ib_dev_res_srq_init): when ib_create_srq() fails for s1, the error path can end up with freed s0 and ERR_PTR s1 assigned to devr->s0/devr->s1, leading to use-after-free/double-free risk in subsequent access. The fix adds...

7.8CVSS5.8AI score0.00142EPSS
Exploits0References10Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.37 views

CVE-2026-46175

Summary of CVE-2026-46175 (f2fs FGGC issue) : In the Linux kernel’s f2fs filesystem, Foreground Garbage Collection (FGGC) of node blocks could leave the fsync and dentry marks uncleared, causing fsck to misinterpret migrated data as fsync-written. The root cause is that the marks were not cleared...

7.1CVSS5.8AI score0.00124EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.37 views

CVE-2026-46174

In CVE-2026-46174, the Linux kernel vulnerability affects x86/CPU/AMD Zen2 by allowing improper isolation of shared resources in the Zen2 op cache, potentially leading to instruction corruption. The issue has been resolved in the Linux kernel, with Debian and Root packaging advisories noting fixe...

8.8CVSS5.8AI score0.00129EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.34 views

CVE-2026-46173

CVE-2026-46173 concerns the Linux kernel. The issue arises when an already-exiting task oopses and make_task_dead() calls do_task_dead() with preemption enabled, while __schedule() must be called with preemption disabled. If a preempted oopsing task is still in the dead-state, finish_task_switch(...

7.8CVSS5.7AI score0.00126EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.20 views

CVE-2026-46172

** CWE-XXXX**: CVE-2026-46172 affects the Linux kernel IPv6 xfrm6 path. The issue occurs in xfrm6_rcv_encap() during an IPv6 route lookup when a dst is not yet attached; ip6_route_input_lookup() can return a dst with an error, and if dst->error is set, the skb is dropped without attaching/rele...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.23 views

CVE-2026-46171

The CVE-2026-46171 issue affects the Linux kernel KVM for RISCV, where a second kzalloc failure in kvm_riscv_vcpu_alloc_vector_context leaks the first allocation (guest_context.vector.datap). The root cause is a vector context allocation leak that can degrade system stability if not freed. A fix ...

5.5CVSS5.8AI score0.00126EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.27 views

CVE-2026-46170

CVE-2026-46170 affects the Linux kernel MPTCP implementation. When ADD_ADDR is retransmitted, the socket reference counting can fail to free the sk, which may trigger indefinite waiting in timer synchronization and cause a DoS. The root cause is improper timer handling during sk_free that could c...

5.5CVSS5.7AI score0.00127EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.22 views

CVE-2026-46169

The CVE-2026-46169 case concerns the Linux kernel HFS Plus (HFS+) filesystem. The root cause is that hfs_brec_read() validates only that entrylength fits a buffer but does not confirm that the on-disk catalog record size matches the expected type, allowing partial reads on corrupted filesystems. ...

5.5CVSS5.8AI score0.0013EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.25 views

CVE-2026-46168

The CVE-2026-46168 issue affects the Linux kernel's multipath TCP (mptcp) scheduling around timestamp sockopts. The root cause is using lock_sock_fast() (atomic context) around sock_set_timestamp() and sock_set_timestamping(), which can sleep and cause atomic-context issues. The published fixes r...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.34 views

CVE-2026-46167

CVE-2026-46167 – Linux kernel usb/usblp heap leak : The vulnerability stems from an uninitialized status buffer (statusbuf) allocated at probe time for LPGETSTATUS. If a malicious printer returns zero bytes, a stale 8-byte heap region could be copied to userspace via LPGETSTATUS, causing a heap l...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.28 views

CVE-2026-46166

The CVE-2026-46166 affects the Linux kernel’s wireless subsystem (mac80211) in the radar detect work. The root cause is unsafe list iteration during radar processing, where ieee80211_dfs_cac_cancel can free the iterated chanctx and remove it from the list, causing a slab-use-after-free. A guarded...

8.8CVSS5.8AI score0.00203EPSS
Exploits0References11Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.22 views

CVE-2026-46165

CVE-2026-46165 affects the Linux kernel openvswitch vport code, where a self-deadlock could occur on tunnel port release due to improper ordering between RCU callbacks and RTNL/normally synchronized code paths. The root cause: vports are protected by RCU and must have netdev_put() after the RCU g...

5.5CVSS5.8AI score0.00099EPSS
Exploits0References6Affected Software1
Total number of security vulnerabilities367606