CVE-2026-45967

A flaw was found in the Linux kernel. Specifically, a bug in the mapdirectvalueaddr function, which is part of the Berkeley Packet Filter BPF instruction array map, leads to incorrect address calculations when dealing with non-zero offsets. This issue could result in the kernel accessing unintend...

CVE-2026-45970

A flaw was found in the Linux kernel's bonding driver, specifically within the Active-Backup Load Balancing ALB receive path. A local attacker can trigger a Use-After-Free UAF vulnerability in the rlbarprecv function by rapidly bringing a bond interface up and down while receiving Address...

CVE-2026-48710

A flaw was found in Starlette, a lightweight ASGI Asynchronous Server Gateway Interface framework. A remote attacker could exploit this vulnerability by sending a specially crafted HTTP Host request header. This malformed header could cause the request.url to be incorrectly reconstructed, leading...

CVE-2026-45971

A flaw was found in the Linux kernel's Berkeley Packet Filter BPF component. A local attacker could exploit this vulnerability by providing an excessively large BPF program signature. This could force the kernel into expensive memory allocation paths, potentially leading to resource exhaustion an...

CVE-2026-45972

A flaw was found in the Linux kernel's Server Message Block SMB client. This vulnerability, within the smb2openfile function, could allow an attacker to cause memory corruption due to improper handling of memory during file open operations. This could lead to system instability or potentially...

CVE-2026-45973

A flaw was found in the Linux kernel's RDMA/mlx5 driver. A race condition during firmware reset in Link Aggregation Group LAG mode can cause the driver to hang indefinitely while waiting for Unregister Memory Region UMR completion during device unload. This can lead to a denial of service, making...

CVE-2026-45974

A flaw was found in the Linux kernel's btrfs filesystem. The btrfsquotaenable function contains a logic error where it attempts to access an invalid memory location if a specific key is not found during a search operation. This incorrect handling of search results can lead to invalid leaf access,...

CVE-2026-45975

A flaw was found in the Linux kernel's ublk subsystem. A local attacker could exploit a race condition where the kernel reads struct ublksrvctrlcmd from userspace-mapped memory without proper synchronization. This allows a malicious user to concurrently write to the structure, potentially causing...

CVE-2026-45976

A flaw was found in the Linux kernel's drm/amdgpu driver. When the amdgpunbiorasswinit function fails during the amdgpurasinit process, an allocated memory structure is not properly released. This oversight results in a memory leak. Over time, this memory leak could potentially lead to system...

CVE-2026-45978

A flaw was found in the Linux kernel's Greybus Lights subsystem. This vulnerability occurs when the gblightslightconfig function attempts to store a channel count before successfully allocating the corresponding channels array. If the memory allocation fails, a subsequent cleanup operation can tr...

CVE-2026-45977

A flaw was found in the Linux kernel's fbnic Fibre Channel over Ethernet Network Interface Card driver. A race condition exists in the handling of firmware logs, where the log can be freed while still being accessed. This can lead to a use-after-free vulnerability, potentially allowing an attacke...

CVE-2026-45982

A flaw was found in the Linux kernel. A NULL pointer dereference in the acpievaddressspacedispatch function could allow a local attacker to cause a denial of service DoS by triggering a missed execution path. This vulnerability arises from an incomplete check in the Advanced Configuration and Pow...

CVE-2026-45979

A flaw was found in the Linux kernel's amdgpu graphics driver. When the system experiences low memory conditions, a specific cleanup routine within the amdgpucsparserbos function may fail to properly unlock a mutex. This oversight can lead to resource contention, potentially causing a denial of...

CVE-2026-45980

A flaw was found in the Linux kernel's accel/amdxdna driver. A local user could exploit this vulnerability by running jobs on a hardware context while it is in the process of releasing resources. This improper job scheduling can lead to a use-after-free condition, resulting in system crashes and ...

CVE-2026-45983

A flaw was found in the Linux kernel's Network File System version 4 NFSv4 daemon nfsd. When processing NFSv4 requests, delayed responses from idmap lookups can cause requests to be dropped. This issue prevents the session slot from being properly cleared, leading to subsequent client requests...

CVE-2026-45981

A flaw was found in the Linux kernel, specifically within the s390/cio component. This vulnerability stems from incorrect device lifecycle management during subchannel allocation. This could allow an attacker to trigger use-after-free or double-free conditions, potentially leading to system...

CVE-2026-45984

A flaw was found in the Linux kernel's GFS2 filesystem. This memory corruption vulnerability, a use-after-free, occurs in the iomap inline data write path. The issue arises because a data buffer is released prematurely while still being referenced, leading to a write to freed memory. This could...

CVE-2026-45990

A flaw was found in the Linux kernel. This vulnerability, a type of memory corruption, occurs within the krealloc and kvrealloc memory reallocation functions. When memory objects are resized or moved, these functions can incorrectly calculate the amount of data to copy, leading to an out-of-bound...

CVE-2026-45989

A flaw was found in the Linux kernel, specifically within the testdrvprobe function. This vulnerability, known as a use-after-free, occurs because the system prematurely releases a memory reference and then attempts to access that freed memory. This can be triggered by a local user, potentially...

CVE-2026-45987

A flaw was found in the KVM Kernel-based Virtual Machine nSVM component of the Linux kernel. This vulnerability occurs when the interrupt shadow state is not correctly synchronized to the cached Virtual Machine Control Block VMCB after a Level 2 L2 guest virtual machine VM execution. A local...

CVE-2026-45985

A flaw was found in the Linux kernel's ext4 filesystem. When allocating blocks for direct I/O DIO and writeback, an incorrect flag handling during extent splitting could lead to a mismatch between the on-disk extent status and the extent status tree. This issue, particularly when a temporary erro...

CVE-2026-45988

A flaw was found in the Linux kernel's rxrpc subsystem. When an rxrpc RESPONSE packet experiences a temporary processing failure, it may enter a partially decrypted state and be re-queued for another attempt. This incorrect handling of partially decrypted packets could lead to communication...

CVE-2026-45986

A flaw was found in the Linux kernel's cryptographic module, specifically within the ccmacdigest function of the ccree component. This vulnerability is a memory leak that occurs when a specific mapping operation fails to release allocated memory. Over time, this unreleased memory could lead to a...

CVE-2026-45991

A flaw was found in the Linux kernel's Universal Disk Format UDF filesystem. A remote attacker could exploit this vulnerability by tricking a user into mounting a specially crafted UDF image containing repeated partition descriptors. This could lead to a heap out-of-bounds write, potentially...

CVE-2026-45993

A flaw was found in the Linux kernel, specifically affecting the LoongArch architecture. The system call syscall dispatch table, which handles requests from user programs, does not properly validate the syscall number provided by userspace. This missing boundary check could allow a local attacker...

CVE-2026-45992

A flaw was found in the ALSA caiaq driver in the Linux kernel. This vulnerability occurs due to a potential leftover ep1inurb in the error path of setupcard. An attacker could potentially exploit this to cause a resource leak, which may lead to a denial of service...

CVE-2026-45995

A flaw was found in the Linux kernel's iouring/zcrx subsystem. This use-after-free UAF vulnerability occurs because the iofreerbufring function uses a struct userstruct that is prematurely freed by iozcrxifqfree before the ring is destroyed. A local attacker could potentially exploit this flaw to...

CVE-2026-45994

A flaw was found in the Linux kernel's ibmasm module. This vulnerability, an out-of-bounds read in the commandfilewrite function, allows an attacker to cause the system to read beyond the intended memory boundaries. By manipulating the allocation size and header fields, an attacker can trigger th...

CVE-2026-45996

A flaw was found in the Linux kernel, specifically within the spi: imx driver. This vulnerability, known as a use-after-free, occurs when the system attempts to access memory that has already been released, leading to unpredictable behavior. A local attacker could potentially exploit this issue t...

CVE-2026-45997

A flaw was found in the Linux kernel's SCSI disk sd driver. When adding a new device, a failure in deviceadd can lead to a resource leak where a gendisk remains referenced but is not properly freed. This missing cleanup, specifically the putdisk call, can result in resource exhaustion. A local...

CVE-2026-45998

A flaw was found in the Linux kernel's rxrpc subsystem. This vulnerability arises when the system attempts to unshare a packet buffer, and the operation fails due to an allocation issue. This failure can lead to a Use-After-Free UAF condition, where the system attempts to access memory that has...

CVE-2026-45999

A flaw was found in the Linux kernel's EROFS Enhanced Read-Only File System component. A local user could provide a specially crafted EROFS image that triggers an unsigned underflow in the zerofslz4handleoverlap function during LZ4 inplace decompression. This vulnerability allows the system to re...

CVE-2026-46000

A flaw was found in the Linux kernel's rxrpc component. Security operations that decrypt RESPONSE packets in place may share the socket buffer skbuff with a packet sniffer. This could allow a local attacker or an attacker with network access to intercept and view decrypted portions of these...

CVE-2026-46002

A flaw was found in the Linux kernel's ext2 filesystem. A local attacker could create a specially crafted filesystem image with malformed inodes index nodes that, when mounted, would not be properly rejected by the ext2iget function. This could lead to a kernel warning and potentially a system...

CVE-2026-46001

A flaw was found in the Linux kernel's hwmon pt5161l driver. The pt5161lreadblockdata function is vulnerable to a buffer overrun, where it can receive more data than its allocated buffer size. This can lead to memory corruption. Additionally, the function may return an unexpected positive value o...

CVE-2026-46004

A flaw was found in the Linux kernel, specifically within the ALSA caiaq driver. This vulnerability arises from improper error handling during the setupcard probe procedure. When an error occurs, the system may attempt to use memory that has already been freed, leading to a Use-After-Free UAF...

CVE-2026-46003

A flaw was found in the Linux kernel's qrtr nameserver. A malicious client can exploit this vulnerability by registering an excessive number of random nodes. This uncontrolled resource consumption leads to memory exhaustion, resulting in a Denial of Service DoS for the system...

CVE-2026-46007

A flaw was found in the Linux kernel's hwmon powerz component. This vulnerability is caused by cacheline sharing between the transfer buffer and a mutex during Direct Memory Access DMA operations. This architectural issue can lead to unexpected behavior or data corruption, impacting system...

CVE-2026-46005

A flaw was found in the Linux kernel's xfs filesystem. This resource leak occurs in the xfsallocbuftarg function's error path, where a DAX Direct Access device reference is not properly dropped. An attacker could potentially exploit this flaw to cause resource exhaustion, leading to a Denial of...

CVE-2026-46006

A flaw was found in the Linux kernel's drm/nouveau driver. An integer overflow vulnerability exists in the nouveaugempushbufrelocapply function. This occurs when a 32-bit unsigned integer relocbooffset is used in a bounds check, and the addition of a small value can cause it to wrap around, leadi...

CVE-2026-46008

A flaw was found in the Linux kernel's Data Access MONitor DAMON subsystem. A race condition exists in the memory management component, specifically during the exit process of kdamondfn and the registration of damoswalk requests. This vulnerability allows a local attacker to trigger a deadlock,...

CVE-2026-46009

A flaw was found in the Linux kernel, specifically within the PCI endpoint NTB Non-Transparent Bridge module. A programming error involving a duplicate resource teardown in the epfntbepcdestroy function can lead to a kernel 'oops', which is a system crash. This issue can be triggered during PCI...

CVE-2026-46010

A flaw was found in the Linux kernel's rxrpc component. Missing error handling in the rxgkextracttoken function, specifically when rxgkdecryptskb returns an out-of-memory error -ENOMEM, could lead to an unexpected system abort. This vulnerability could allow a local attacker to cause a Denial of...

CVE-2026-46011

A flaw was found in the Linux kernel's MediaTek JPEG mtk-jpeg driver. This use-after-free vulnerability arises from a race condition where the driver frees memory while it may still be in use by a work queue. This can allow a local attacker to cause system instability, leading to a denial of...

CVE-2026-46013

A flaw was found in the Linux kernel. An issue in the memfdluo component, specifically within the putfolios cleanup path of memfdluoretrievefolios, leads to incorrect physical address conversion and a missing check for sparse file holes. This could result in incorrect memory handling, potentially...

CVE-2026-46014

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM and Secure Virtual Machine SVM components. This vulnerability is due to missing save and restore handling for Last Branch Record LBR Model Specific Registers MSRs and MSRIA32DEBUGCTLMSR. A local attacker with access to a...

CVE-2026-46016

A flaw was found in the Linux kernel's remoteproc xlnx component. This vulnerability occurs when the system attempts to process an Inter-Processor Interrupt IPI message without properly verifying its contents. An attacker could exploit this by causing the system to access an invalid memory...

CVE-2026-46019

A flaw was found in the Linux kernel's atmel-aes cryptographic driver. The atmelaesbuffcleanup function incorrectly deallocates memory, leading to a memory leak. Specifically, while atmelaesbuffinit allocates four pages of memory, atmelaesbuffcleanup only frees one page, resulting in three pages ...

CVE-2026-46018

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA USB audio driver. A malicious Universal Serial Bus USB audio device could send a malformed Universal Audio Class 2 UAC2 RANGE response. This could cause the system to repeatedly print error messages and potentially lead...

CVE-2026-46017

A flaw was found in the Linux kernel's memory management. A race condition in the deferred split queue during memory migration can lead to incorrect handling of memory pages. This issue may allow a local attacker to trigger a system warning, potentially causing system instability or a denial of...