187305 matches found
PT-2026-51949
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the hisilicon/sec2 crypto component. Under heavy load during packet transmission, the hardware may complete packet processing and free the request memory...
PT-2026-51845
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the drm/xe/dma-buf subsystem involving race conditions when handling the invalidate mappings hook during buffer object initialization and attachment. These races occur...
PT-2026-51871
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists during signal or timeout wakeup in the futex subsystem. When one task is performing a wait-requeue-pi operation and another is performing a requeue-PI operation, ...
PT-2026-51880
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netfilter nf conntrack sip module due to unsafe port parsing. The system used the simple strtoul function, which assumes strings are NUL-terminated, on...
PT-2026-51872
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The dev-set and key-rotate netlink operations allow the modification of shared device state, specifically the PSP version configuration and cryptographic key material. These operations...
PT-2026-51864
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netfilter module where the nft ct expect obj eval function allocates an expectation and may call nf ct expect related, but fails to drop its local reference. This...
PT-2026-51841
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the qrtr port remove function where the socket reference count is decremented using sock put before the port is removed from the qrtr ports XArray and before the RCU...
PT-2026-51853
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the sev-guest component when issuing an extended guest request SVM VMGEXIT EXT GUEST REQUEST. The get ext report function allocates a buffer to retrieve a certificate...
PT-2026-52014
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the PCI subsystem. When a driver is probed via the driver attach function, the bus match callback is executed without holding the device lock. This...
PT-2026-51982
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An off-by-one error exists in the bcmgenet put txcb function. The write ptr points to the next open tx cb, but the function must rewind the pointer before returning the tx cb to ensure i...
PT-2026-51987
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An error pointer dereference exists in the brcmfmac WiFi driver. The function brcmf chip add core can return an error pointer that is not properly checked within the brcmf chip recogniti...
PT-2026-52011
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the s390/cio component. When a driver is probed via the driver attach function, the bus match callback is executed without holding the device lock...
PT-2026-51985
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the handling of Generic Segmentation Offload GSO packet headers. The qdisc pkt len segs init function fails to properly pull headers into the expected memory location,...
PT-2026-52009
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the fsl-mc bus. When a driver is probed via the driver attach function, the bus match callback is executed without holding the device lock. This lead...
PT-2026-52019
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock occurs in the Linux kernel when the value "clear" is written to the array state variable. The md attr store function breaks sysfs active protection to allow an array to delete...
PT-2026-52020
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A disk reference leak occurs in the blkcg maybe throttle current function. When blkcg lookup, blkg lookup, or blkg tryget fails, the function fails to call put disk on the error path. Th...
PT-2026-51983
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists when querying information for an offloaded BPF map or program. The functions bpf map offload info fill ns and bpf prog offload info fill ns use get netdev...
PT-2026-52010
In the Linux kernel, the following vulnerability has been resolved: s390/ap: use generic driver override infrastructure When the AP masks are updated via apmask store or aqmask store, ap bus revise bindings is called after ap attr mutex has been released. This calls ap revise reserved, which...
PT-2026-52007
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Memory leaks occur in the ath11k wifi driver during beacon template setup. The functions ath11k mac setup bcn tmpl ema and ath11k mac setup bcn tmpl mbssid allocate memory for beacon...
PT-2026-52015
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the amd pstate epp cpu init function. When a failure occurs while setting the energy performance preference epp, the function returns an error code without freein...
PT-2026-51743
Name of the Vulnerable Software and Affected Versions libcurl affected versions not specified Description When performing a transfer to a specific HTTP origin hostA using Digest authentication and subsequently changing the origin to a different one hostB while reusing the same handle, libcurl...
PT-2026-51709
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the batman-adv module where the batadv frag skb buffer function is called by batadv batman skb recv upon receiving a BATADV UNICAST FRAG packet. After reassembling the...
PT-2026-51732
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs in the rds ib send cqe handler function when handling masked atomic completions. The rds ib xmit atomic function programs a masked atomic opcode either ...
PT-2026-51722
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the SCTP implementation where the system fails to fully roll back the state when an ADD OUT STREAMS request is denied. In such cases, the system only shrinks queued...
PT-2026-51706
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs in the batman-adv module. When a batadv hard iface is disabled, its mesh iface pointer is set to NULL. The function batadv v ogm send meshif may still...
PT-2026-51725
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the xfrm ipcomp component where destination pages are not properly freed during acomp errors. This occurs because the out free req label is positioned such that the...
PT-2026-51728
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the xfrm espintcp component where the system may reuse an in-progress partial send. Specifically, the espintcp sendmsg function may reinitialize emsg-skmsg and reuse...
PT-2026-51705
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the netfilter nf queue component. The br pass frame up function rewrites skb-dev from the ingress port to the bridge master before queueing bridge LOCAL ...
PT-2026-51710
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the SCTP sock diag lookup process where the system can hold a transport reference and block on the lock socksk function. If the process resumes after sctp association...
PT-2026-51727
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the batman-adv module where the batadv tvlv container list size function uses a u16 return type and accumulator. When the accumulated size of registered containers...
PT-2026-51715
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the batman-adv module where the batadv dat forward data function calls pskb copy for clone to duplicate an skb for each DHT candidate without verifying the return valu...
PT-2026-51734
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference exists in the smc msg event tracepoint class, which is shared by smc tx sendmsg and smc rx recvmsg. The issue occurs because the system unconditionally...
PT-2026-51718
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Null Pointer Dereference NPD can occur when removing a port from a Virtual Routing and Forwarding VRF instance. RCU readers using netif is l3 slave may incorrectly assume that netdev...
PT-2026-51721
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the AF UNIX implementation where SIOCATMARK, which reports if the receive queue is at the urgent mark for MSG OOB Out-of-Band data, is incorrectly supported on...
PT-2026-51663
Name of the Vulnerable Software and Affected Versions libslirp versions prior to v4.9.2 Description An integer underflow and out-of-bounds heap read exist in the TCP urgent data handling sosendoob within hypervisor host environments, such as QEMU. A privileged guest VM attacker with root or CAP N...
PT-2026-51869
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A data race exists in the bonding 3ad implementation due to improper Read-Copy-Update RCU rules for the port-aggregator variable. This issue was identified in the bond 3ad get active agg...
PT-2026-51857
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ALSA usb-audio component where the snd usbmidi get ms info function fails to properly bound MIDI endpoint descriptor scans. While the function validates the intern...
PT-2026-51860
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A logical error exists within the Direct Rendering Manager DRM change handle logic. The issue occurs when the system fails to replace the original ID pointer with the newly generated IDR...
PT-2026-52021
In the Linux kernel, the following vulnerability has been resolved: block: fix zones cond memory leak on zone revalidation error paths When blk revalidate disk zones fails after disk revalidate zone resources has allocated args.zones cond, the memory is leaked because no error path frees it...
PT-2026-51995
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential deadlock exists in the mt7921 roc abort sync function within the mt76 wireless driver. The issue occurs when roc abort sync calls cancel work sync, which waits for roc work t...
PT-2026-52004
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the s390 BPF JIT Just-In-Time compiler, which is a component that translates BPF bytecode into native machine code for faster execution. The s390x ABI Application Bina...
PT-2026-52012
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the vdpa component. When a driver is probed through the driver attach function, the bus match callback is executed without holding the device lock...
PT-2026-51993
In the Linux kernel, the following vulnerability has been resolved: bpf: Switch CONFIG CFI CLANG to CONFIG CFI This was renamed in commit 23ef9d439769 "kcfi: Rename CONFIG CFI CLANG to CONFIG CFI" as it is now a compiler-agnostic option. Using the wrong name results in the code getting compiled...
PT-2026-52022
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the DRBD module where the drbd adm dump devices function fails to call rcu read lock before rcu read unlock is invoked. This imbalance in Read-Copy-Update RCU—a...
PT-2026-52006
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the rtlwifi PCI component. The irq prepare bcn tasklet is initialized in rtl pci init and scheduled upon a RTL IMR BCNINT hardware interrupt. Because thi...
PT-2026-52003
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the powerpc architecture's page table fragment management. The system uses pt frag refcount to track page table fragments. When pte free defer is called during madvise...
PT-2026-52008
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel where the perf allow kernel function is called from the IBS NMI handler. Calling this function within the NMI Non-Maskable Interrupt context is unsafe...
PT-2026-52024
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An unsigned underflow occurs in the omfs make empty function when processing a crafted filesystem image. The omfs fill super function fails to reject s sys blocksize values smaller than...
PT-2026-52001
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the libertas wifi driver where the system attempts to kill USB Request Blocks URBs within an interrupt context. Serialization for the transmission path was previously...
PT-2026-52005
Name of the Vulnerable Software and Affected Versions Linux kernel version 6.19.0-rc5 Description A null pointer dereference issue exists in the bpf lwt xmit push encap helper. The issue occurs because the skb- skb refdst variable may not be initialized when the socket buffer skb is set up by the...