197725 matches found
CVE-2026-45919
A flaw was found in the Linux kernel's real-time RT scheduler. Under specific heavy load conditions, a vulnerability in the rtonextcpu function can cause a CPU to repeatedly interrupt itself. This leads to a CPU hardlockup, resulting in a Denial of Service DoS for the system. This issue can be...
CVE-2026-45921
A flaw was found in the Linux kernel's mtd: parsers component. A memory leak occurs in the mtdparsertplinksafeloaderparse function. This happens when a buffer is allocated but not freed if a subsequent allocation for a part name fails, leading to unreleased memory. This could potentially lead to...
CVE-2026-45920
A flaw was found in the Linux kernel's ext4 filesystem. This vulnerability allows a local user to trigger an inconsistency in the dirty clusters count during filesystem shutdown. The issue stems from a double decrement in the error handling path, which can lead to system instability and a denial ...
CVE-2026-45922
A flaw was found in the Linux kernel, specifically within the RDMA/mlx5 component. When the GETDATADIRECTSYSFSPATH handler processes a device path, it allocates memory. If the device path's length exceeds the designated output buffer, the allocated memory is not properly released. This oversight...
CVE-2026-45923
A flaw was found in the Linux kernel's net: usb: catc driver. A malformed Universal Serial Bus USB device can present endpoint descriptors with transfer types that differ from what the driver expects. This can lead to the driver attempting to use incorrect endpoint types, potentially causing...
CVE-2026-45924
A flaw was found in ksmbd, a component of the Linux kernel. This vulnerability occurs because ksmbdvfskernpathendremoving is not called on certain error paths, leading to unbalanced inode locks and references. This can result in potential deadlocks and unbalanced locks, which may cause system...
CVE-2026-45925
A flaw was found in the Linux kernel's thermal management module. A reference leak occurs in the thermalofcmlookup function because a device node trnp obtained through ofparsephandle is not properly released. This issue can lead to resource exhaustion over time, potentially impacting system...
CVE-2026-45926
A flaw was found in the Linux kernel. When initializing a Pulse Width Modulation PWM chip, a memory leak can occur if the pwmchipalloc function fails. This happens because the allocated pwmchip's initial reference is not properly released, leading to unmanaged memory consumption. This vulnerabili...
CVE-2026-45927
A flaw was found in the Linux kernel's Berkeley Packet Filter BPF subsystem. This vulnerability, a Time-of-check to time-of-use TOCTOU bug, allows a local attacker to modify the contents of a BPF map after its hash has been calculated but before it is frozen. Consequently, a trusted loader could ...
CVE-2026-45930
A flaw was found in the Linux kernel's Multi-Channel Transport Protocol MCTP networking implementation. When processing a RTMGETNEIGH request, the system may return uninitialized data in the ndmsg pad bytes. This can allow a local attacker to obtain sensitive information from kernel memory, leadi...
CVE-2026-45928
A flaw was found in the Linux kernel's wave5 media driver. When a vpu instance is allocated, and a subsequent allocation for codecinfo fails, the driver returns an error without freeing the previously allocated vpu instance. This oversight leads to a memory leak, which could potentially impact...
CVE-2026-45929
A flaw was found in the Linux kernel's ovpn module. A use-after-free vulnerability exists in the ovpnnetxmit function where a freed skb socket buffer pointer can be used for subsequent operations. This can occur when skbsharecheck frees the original skb if it is shared, leading to a stale pointer...
CVE-2026-45931
A flaw was found in the Linux kernel's accel/amdxdna module. This vulnerability occurs when the iommusvaunbinddevice function attempts to access a memory management mm structure after it has been deallocated, leading to a use-after-free condition. This can result in a system crash, causing a Deni...
CVE-2026-45932
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix tcx/netkit detach permissions when prog fd isn't given This commit fixes a security issue where BPFPROGDETACH on tcx or netkit devices could be executed by any user when no program fd was provided, bypassing permission...
CVE-2026-45933
A flaw was found in the Linux kernel's BPF Berkeley Packet Filter verifier. The synclinkedregs function fails to preserve the register ID during bounds propagation, which can lead to incorrect register state. This issue may allow a local attacker to trigger a 'division by zero' error, resulting i...
CVE-2026-45935
A flaw was found in the Linux kernel's NTFS3 filesystem driver. Insufficient bounds checking when processing log records in the DeleteIndexEntryRoot function allows a local attacker to provide a maliciously large entry size. This can lead to a heap buffer overflow, a type of memory corruption,...
CVE-2026-45934
A flaw was found in the Linux kernel's btrfs filesystem. This issue occurs due to non-consecutive gaps in chunk allocation, leading to overlapping chunk maps. A local attacker could exploit this by triggering specific chunk allocation scenarios, potentially causing filesystem operations to abort...
CVE-2026-45936
A flaw was found in the Linux kernel's goldfish power supply driver. A race condition during driver removal or initialization can lead to a use-after-free vulnerability. This allows an interrupt to access a freed or uninitialized power supply handle, which can cause the system to crash, resulting...
CVE-2026-45938
A flaw was found in the Linux kernel's pm8916lbc power supply module. A race condition exists during interrupt handling where an interrupt can fire after the powersupply handle is freed but before the interrupt handler is unregistered. This use-after-free vulnerability can lead to a system crash ...
CVE-2026-45937
A flaw was found in the Linux kernel's inside-secure/eip93 cryptographic driver. This vulnerability occurs during the driver detachment process, where a programming error leads to the same hash algorithm being unregistered multiple times. This issue can cause a kernel panic, resulting in a Denial...
CVE-2026-45940
A flaw was found in the Linux kernel's stmmac Ethernet driver. When split header functionality is enabled for GMAC4, the hardware may not fully populate a buffer in the first descriptor. This can lead to an incorrect calculation of buffer length in subsequent descriptors, resulting in a kernel...
CVE-2026-45939
A flaw was found in the Linux kernel's gpib module. Improper error handling within the niusbinit function can lead to a memory leak. This occurs when the niusbsetupinit function fails to initialize, causing an allocated buffer to not be freed. Over time, this could result in reduced system...
CVE-2026-45941
A flaw was found in the Linux kernel's tpmi2cinfineon module. This vulnerability occurs when the getburstcount function fails due to a timeout, causing the system to not release an acquired locality. An attacker could potentially exploit this to cause a resource exhaustion, leading to a Denial of...
CVE-2026-45942
A flaw was found in the Linux kernel's ext4 filesystem. A race condition exists between page migration and bitmap modification within the loadbuddy function. This can lead to bitmap inconsistencies and false positive corruption reports during certain workloads. This issue can affect data integrit...
CVE-2026-45944
A flaw was found in the Linux kernel's IOMMU Input/Output Memory Management Unit VT-d Virtualization Technology for Directed I/O component. When a context entry is being torn down, the 'Present' bit might not be cleared before other parts of the entry are zeroed. This can lead to the hardware...
CVE-2026-45943
A flaw was found in the Linux kernel's erofs filesystem. This issue occurs when compressed folios for ztailpacking pclusters are not validated before being added to I/O chains. An attacker could potentially trigger a NULL pointer dereference, leading to a system crash and a Denial of Service DoS...
CVE-2026-45946
A flaw was found in the Linux kernel's ab8500 power supply driver. A race condition exists during the deallocation of a power supply component and the unregistration of its interrupt handler. This can lead to the interrupt handler attempting to access memory that has already been freed, a conditi...
CVE-2026-45945
A flaw was found in the Linux kernel's Intel VT-d Virtualization Technology for Directed I/O implementation. A race condition occurs during the replacement of an active PASID Process Address Space ID entry. This can lead to the IOMMU Input/Output Memory Management Unit hardware reading an...
CVE-2026-45947
A flaw was found in the Linux kernel's AMD GPU display drm/amdgpu component. This vulnerability involves a memory leak within the amdgpuacpienumeratexcc function. When certain errors occur during the initialization process, the system fails to properly release allocated memory. This oversight can...
CVE-2026-45948
A flaw was found in the Linux kernel's ext4 filesystem. This vulnerability occurs in the ext4extshiftextents function, where a memory leak can happen if the function returns prematurely without releasing a previously obtained path. A local attacker could potentially exploit this to cause a denial...
CVE-2026-45949
A flaw was found in the Linux kernel's hardware random number generator hwrng core. A race condition exists where concurrent or rapid calls to the hwrngunregister function can lead to a use-after-free vulnerability. This issue allows the system to attempt to access freed memory, potentially causi...
CVE-2026-45950
A flaw was found in the Linux kernel's starfiveaesaeaddoonereq function within the crypto: starfive component. This vulnerability occurs because memory allocated for rctx-adata is not properly freed if sgcopytobuffer or starfiveaeshwinit operations fail. This can lead to memory leaks, potentially...
CVE-2026-45952
A flaw was found in the Linux kernel's fbnic driver. This vulnerability allows a local user to cause a Denial of Service DoS by increasing the Maximum Transmission Unit MTU beyond the hardware's threshold while an eXpress Data Path XDP program is attached. This improper validation of MTU changes...
CVE-2026-45951
A flaw was found in the Linux kernel, specifically within its BPF Berkeley Packet Filter subsystem. This vulnerability, a use-after-free, arises from incorrect reference counting in the checkpseudobtfid function. It allows a local attacker to potentially corrupt memory, which could lead to...
CVE-2026-45953
A flaw was found in the Linux kernel's RAID5 module. When a low-level bitmap llbitmap bit state is unwritten in a degraded array, a missing check during write operations can cause the system to enter an infinite loop. This can lead to an I/O hang, effectively resulting in a Denial of Service DoS...
CVE-2026-45954
A flaw was found in the Linux kernel's au1200fb framebuffer driver. When the platformgetirq function fails during the au1200fbdrvprobe process, the driver incorrectly returns an error without releasing allocated memory. This memory leak could be exploited by a local attacker, potentially leading ...
CVE-2026-45956
A flaw was found in the Linux kernel's drm/exynos component. This vulnerability arises from an incorrect lookup of device information within the vidiconnectionioctl function, where the system uses an improper pointer to access data. This can lead to memory corruption, which means the system might...
CVE-2026-45955
A flaw was found in the Linux kernel's md/md-llbitmap component. This vulnerability occurs when a suspend operation times out, failing to properly reset a critical internal reference. This oversight leaves the system's page control structure in an unusable state. This issue can lead to system...
CVE-2026-45958
A flaw was found in the Linux kernel's drm/exynos: vidi driver. A local user could exploit this vulnerability by directly dereferencing a user pointer in the vidiconnectionioctl function. This allows for arbitrary kernel memory access from user space, potentially leading to privilege escalation o...
CVE-2026-45957
A flaw was found in the Linux kernel's Read-Copy Update RCU mechanism. A missing recursion protection in the rcureadunlock function can lead to an infinite loop, known as a deadloop, when a soft interrupt softirq is triggered. This issue can cause the system to become unresponsive, resulting in a...
CVE-2026-45959
A flaw was found in the Linux kernel's crypto: ccp module. An incorrect cleanup usage of the kfree function, which is used for memory deallocation, with a local pointer variable could lead to an invalid deallocation of a stack address. This issue can result in a system crash, causing a Denial of...
CVE-2026-45960
A flaw was found in the Linux kernel's hfsplus filesystem. When the hfsbnodecreate function attempts to create a node that already exists, it returns the existing node without properly incrementing its reference count. This can occur due to filesystem corruption or when a node is incorrectly mark...
CVE-2026-45961
A flaw was found in the Linux kernel's GFS2 filesystem. When a GFS2 filesystem transitions to read-write mode, specific error handling paths within the gfs2fillsuper function fail to properly deallocate memory. This can lead to memory leaks of kernel thread objects and quota bitmap buffers. Over...
CVE-2026-45962
A flaw was found in the Linux kernel's userspace block ublk driver. This vulnerability allows a local attacker to cause an out-of-boundary memory access by providing a specially crafted command that bypasses the IOURINGFSQE128 flag check. This could lead to a system crash, resulting in a denial o...
CVE-2026-45963
A flaw was found in the Linux kernel's ASoC nau8821 driver. This vulnerability occurs when the driver is unloaded, and a pending jack detection work jdetwork is not properly cancelled or allowed to complete. An attacker could exploit this by triggering the driver unload under specific conditions,...
CVE-2026-45966
A flaw was found in the AppArmor security module within the Linux kernel. This vulnerability occurs when the system processes file descriptors, which are references to open files or other I/O resources, using a specific inter-process communication mechanism called SCMRIGHTS. A missing check for...
CVE-2026-45964
A flaw was found in the Linux kernel's SUNRPC Sun Remote Procedure Call gssauth module. An issue in the error handling path for gssallocmsg could lead to a kernel reference count kref leak. This occurs when a memory allocation fails, preventing the proper release of the gssauth structure. A local...
CVE-2026-45965
A flaw was found in the AppArmor security module of the Linux kernel. When the exportbinary parameter is disabled at runtime, a previously loaded profile that is subsequently replaced can lead to a NULL pointer dereference. This occurs when the system attempts to resolve symbolic links to raw dat...
CVE-2026-45968
A flaw was found in the Linux kernel's cpuidle subsystem. On certain PowerNV systems, when only a single idle state is available, the cpuidle ladder governor may incorrectly treat state 1 as usable. This can lead to an out-of-bounds index being passed, causing a NULL enter callback to be invoked...
CVE-2026-45969
A flaw was found in the Linux kernel's Human Interface Device HID PlayStation driver. The psgamepadcreate function does not verify the return value of inputffcreatememless. This missing check can lead to incorrect behavior or potential system crashes when Force Feedback FF effects are activated...