205412 matches found
CVE-2026-45938
A flaw was found in the Linux kernel's pm8916lbc power supply module. A race condition exists during interrupt handling where an interrupt can fire after the powersupply handle is freed but before the interrupt handler is unregistered. This use-after-free vulnerability can lead to a system crash ...
CVE-2026-45936
A flaw was found in the Linux kernel's goldfish power supply driver. A race condition during driver removal or initialization can lead to a use-after-free vulnerability. This allows an interrupt to access a freed or uninitialized power supply handle, which can cause the system to crash, resulting...
CVE-2026-45939
A flaw was found in the Linux kernel's gpib module. Improper error handling within the niusbinit function can lead to a memory leak. This occurs when the niusbsetupinit function fails to initialize, causing an allocated buffer to not be freed. Over time, this could result in reduced system...
CVE-2026-45940
A flaw was found in the Linux kernel's stmmac Ethernet driver. When split header functionality is enabled for GMAC4, the hardware may not fully populate a buffer in the first descriptor. This can lead to an incorrect calculation of buffer length in subsequent descriptors, resulting in a kernel...
CVE-2026-45941
A flaw was found in the Linux kernel's tpmi2cinfineon module. This vulnerability occurs when the getburstcount function fails due to a timeout, causing the system to not release an acquired locality. An attacker could potentially exploit this to cause a resource exhaustion, leading to a Denial of...
CVE-2026-45942
A flaw was found in the Linux kernel's ext4 filesystem. A race condition exists between page migration and bitmap modification within the loadbuddy function. This can lead to bitmap inconsistencies and false positive corruption reports during certain workloads. This issue can affect data integrit...
CVE-2026-45944
A flaw was found in the Linux kernel's IOMMU Input/Output Memory Management Unit VT-d Virtualization Technology for Directed I/O component. When a context entry is being torn down, the 'Present' bit might not be cleared before other parts of the entry are zeroed. This can lead to the hardware...
CVE-2026-45943
A flaw was found in the Linux kernel's erofs filesystem. This issue occurs when compressed folios for ztailpacking pclusters are not validated before being added to I/O chains. An attacker could potentially trigger a NULL pointer dereference, leading to a system crash and a Denial of Service DoS...
CVE-2026-45945
A flaw was found in the Linux kernel's Intel VT-d Virtualization Technology for Directed I/O implementation. A race condition occurs during the replacement of an active PASID Process Address Space ID entry. This can lead to the IOMMU Input/Output Memory Management Unit hardware reading an...
CVE-2026-45946
A flaw was found in the Linux kernel's ab8500 power supply driver. A race condition exists during the deallocation of a power supply component and the unregistration of its interrupt handler. This can lead to the interrupt handler attempting to access memory that has already been freed, a conditi...
CVE-2026-45948
A flaw was found in the Linux kernel's ext4 filesystem. This vulnerability occurs in the ext4extshiftextents function, where a memory leak can happen if the function returns prematurely without releasing a previously obtained path. A local attacker could potentially exploit this to cause a denial...
CVE-2026-45947
A flaw was found in the Linux kernel's AMD GPU display drm/amdgpu component. This vulnerability involves a memory leak within the amdgpuacpienumeratexcc function. When certain errors occur during the initialization process, the system fails to properly release allocated memory. This oversight can...
CVE-2026-45949
A flaw was found in the Linux kernel's hardware random number generator hwrng core. A race condition exists where concurrent or rapid calls to the hwrngunregister function can lead to a use-after-free vulnerability. This issue allows the system to attempt to access freed memory, potentially causi...
CVE-2026-45950
A flaw was found in the Linux kernel's starfiveaesaeaddoonereq function within the crypto: starfive component. This vulnerability occurs because memory allocated for rctx-adata is not properly freed if sgcopytobuffer or starfiveaeshwinit operations fail. This can lead to memory leaks, potentially...
CVE-2026-45951
A flaw was found in the Linux kernel, specifically within its BPF Berkeley Packet Filter subsystem. This vulnerability, a use-after-free, arises from incorrect reference counting in the checkpseudobtfid function. It allows a local attacker to potentially corrupt memory, which could lead to...
CVE-2026-45952
A flaw was found in the Linux kernel's fbnic driver. This vulnerability allows a local user to cause a Denial of Service DoS by increasing the Maximum Transmission Unit MTU beyond the hardware's threshold while an eXpress Data Path XDP program is attached. This improper validation of MTU changes...
CVE-2026-45953
A flaw was found in the Linux kernel's RAID5 module. When a low-level bitmap llbitmap bit state is unwritten in a degraded array, a missing check during write operations can cause the system to enter an infinite loop. This can lead to an I/O hang, effectively resulting in a Denial of Service DoS...
CVE-2026-45954
A flaw was found in the Linux kernel's au1200fb framebuffer driver. When the platformgetirq function fails during the au1200fbdrvprobe process, the driver incorrectly returns an error without releasing allocated memory. This memory leak could be exploited by a local attacker, potentially leading ...
CVE-2026-45956
A flaw was found in the Linux kernel's drm/exynos component. This vulnerability arises from an incorrect lookup of device information within the vidiconnectionioctl function, where the system uses an improper pointer to access data. This can lead to memory corruption, which means the system might...
CVE-2026-45955
A flaw was found in the Linux kernel's md/md-llbitmap component. This vulnerability occurs when a suspend operation times out, failing to properly reset a critical internal reference. This oversight leaves the system's page control structure in an unusable state. This issue can lead to system...
CVE-2026-45958
A flaw was found in the Linux kernel's drm/exynos: vidi driver. A local user could exploit this vulnerability by directly dereferencing a user pointer in the vidiconnectionioctl function. This allows for arbitrary kernel memory access from user space, potentially leading to privilege escalation o...
CVE-2026-45957
A flaw was found in the Linux kernel's Read-Copy Update RCU mechanism. A missing recursion protection in the rcureadunlock function can lead to an infinite loop, known as a deadloop, when a soft interrupt softirq is triggered. This issue can cause the system to become unresponsive, resulting in a...
CVE-2026-45959
A flaw was found in the Linux kernel's crypto: ccp module. An incorrect cleanup usage of the kfree function, which is used for memory deallocation, with a local pointer variable could lead to an invalid deallocation of a stack address. This issue can result in a system crash, causing a Denial of...
CVE-2026-45960
A flaw was found in the Linux kernel's hfsplus filesystem. When the hfsbnodecreate function attempts to create a node that already exists, it returns the existing node without properly incrementing its reference count. This can occur due to filesystem corruption or when a node is incorrectly mark...
CVE-2026-45962
A flaw was found in the Linux kernel's userspace block ublk driver. This vulnerability allows a local attacker to cause an out-of-boundary memory access by providing a specially crafted command that bypasses the IOURINGFSQE128 flag check. This could lead to a system crash, resulting in a denial o...
CVE-2026-45961
A flaw was found in the Linux kernel's GFS2 filesystem. When a GFS2 filesystem transitions to read-write mode, specific error handling paths within the gfs2fillsuper function fail to properly deallocate memory. This can lead to memory leaks of kernel thread objects and quota bitmap buffers. Over...
CVE-2026-45963
A flaw was found in the Linux kernel's ASoC nau8821 driver. This vulnerability occurs when the driver is unloaded, and a pending jack detection work jdetwork is not properly cancelled or allowed to complete. An attacker could exploit this by triggering the driver unload under specific conditions,...
CVE-2026-45964
A flaw was found in the Linux kernel's SUNRPC Sun Remote Procedure Call gssauth module. An issue in the error handling path for gssallocmsg could lead to a kernel reference count kref leak. This occurs when a memory allocation fails, preventing the proper release of the gssauth structure. A local...
CVE-2026-45966
A flaw was found in the AppArmor security module within the Linux kernel. This vulnerability occurs when the system processes file descriptors, which are references to open files or other I/O resources, using a specific inter-process communication mechanism called SCMRIGHTS. A missing check for...
CVE-2026-45965
A flaw was found in the AppArmor security module of the Linux kernel. When the exportbinary parameter is disabled at runtime, a previously loaded profile that is subsequently replaced can lead to a NULL pointer dereference. This occurs when the system attempts to resolve symbolic links to raw dat...
CVE-2026-45968
A flaw was found in the Linux kernel's cpuidle subsystem. On certain PowerNV systems, when only a single idle state is available, the cpuidle ladder governor may incorrectly treat state 1 as usable. This can lead to an out-of-bounds index being passed, causing a NULL enter callback to be invoked...
CVE-2026-45969
A flaw was found in the Linux kernel's Human Interface Device HID PlayStation driver. The psgamepadcreate function does not verify the return value of inputffcreatememless. This missing check can lead to incorrect behavior or potential system crashes when Force Feedback FF effects are activated...
CVE-2026-45967
A flaw was found in the Linux kernel. Specifically, a bug in the mapdirectvalueaddr function, which is part of the Berkeley Packet Filter BPF instruction array map, leads to incorrect address calculations when dealing with non-zero offsets. This issue could result in the kernel accessing unintend...
CVE-2026-48710
A flaw was found in Starlette, a lightweight ASGI Asynchronous Server Gateway Interface framework. A remote attacker could exploit this vulnerability by sending a specially crafted HTTP Host request header. This malformed header could cause the request.url to be incorrectly reconstructed, leading...
CVE-2026-45970
A flaw was found in the Linux kernel's bonding driver, specifically within the Active-Backup Load Balancing ALB receive path. A local attacker can trigger a Use-After-Free UAF vulnerability in the rlbarprecv function by rapidly bringing a bond interface up and down while receiving Address...
CVE-2026-45971
A flaw was found in the Linux kernel's Berkeley Packet Filter BPF component. A local attacker could exploit this vulnerability by providing an excessively large BPF program signature. This could force the kernel into expensive memory allocation paths, potentially leading to resource exhaustion an...
CVE-2026-45972
A flaw was found in the Linux kernel's Server Message Block SMB client. This vulnerability, within the smb2openfile function, could allow an attacker to cause memory corruption due to improper handling of memory during file open operations. This could lead to system instability or potentially...
CVE-2026-45973
A flaw was found in the Linux kernel's RDMA/mlx5 driver. A race condition during firmware reset in Link Aggregation Group LAG mode can cause the driver to hang indefinitely while waiting for Unregister Memory Region UMR completion during device unload. This can lead to a denial of service, making...
CVE-2026-45974
A flaw was found in the Linux kernel's btrfs filesystem. The btrfsquotaenable function contains a logic error where it attempts to access an invalid memory location if a specific key is not found during a search operation. This incorrect handling of search results can lead to invalid leaf access,...
CVE-2026-45975
A flaw was found in the Linux kernel's ublk subsystem. A local attacker could exploit a race condition where the kernel reads struct ublksrvctrlcmd from userspace-mapped memory without proper synchronization. This allows a malicious user to concurrently write to the structure, potentially causing...
CVE-2026-45976
A flaw was found in the Linux kernel's drm/amdgpu driver. When the amdgpunbiorasswinit function fails during the amdgpurasinit process, an allocated memory structure is not properly released. This oversight results in a memory leak. Over time, this memory leak could potentially lead to system...
CVE-2026-45978
A flaw was found in the Linux kernel's Greybus Lights subsystem. This vulnerability occurs when the gblightslightconfig function attempts to store a channel count before successfully allocating the corresponding channels array. If the memory allocation fails, a subsequent cleanup operation can tr...
CVE-2026-45977
A flaw was found in the Linux kernel's fbnic Fibre Channel over Ethernet Network Interface Card driver. A race condition exists in the handling of firmware logs, where the log can be freed while still being accessed. This can lead to a use-after-free vulnerability, potentially allowing an attacke...
CVE-2026-45982
A flaw was found in the Linux kernel. A NULL pointer dereference in the acpievaddressspacedispatch function could allow a local attacker to cause a denial of service DoS by triggering a missed execution path. This vulnerability arises from an incomplete check in the Advanced Configuration and Pow...
CVE-2026-45979
A flaw was found in the Linux kernel's amdgpu graphics driver. When the system experiences low memory conditions, a specific cleanup routine within the amdgpucsparserbos function may fail to properly unlock a mutex. This oversight can lead to resource contention, potentially causing a denial of...
CVE-2026-45980
A flaw was found in the Linux kernel's accel/amdxdna driver. A local user could exploit this vulnerability by running jobs on a hardware context while it is in the process of releasing resources. This improper job scheduling can lead to a use-after-free condition, resulting in system crashes and ...
CVE-2026-45983
A flaw was found in the Linux kernel's Network File System version 4 NFSv4 daemon nfsd. When processing NFSv4 requests, delayed responses from idmap lookups can cause requests to be dropped. This issue prevents the session slot from being properly cleared, leading to subsequent client requests...
CVE-2026-45981
A flaw was found in the Linux kernel, specifically within the s390/cio component. This vulnerability stems from incorrect device lifecycle management during subchannel allocation. This could allow an attacker to trigger use-after-free or double-free conditions, potentially leading to system...
CVE-2026-45984
A flaw was found in the Linux kernel's GFS2 filesystem. This memory corruption vulnerability, a use-after-free, occurs in the iomap inline data write path. The issue arises because a data buffer is released prematurely while still being referenced, leading to a write to freed memory. This could...
CVE-2026-45990
A flaw was found in the Linux kernel. This vulnerability, a type of memory corruption, occurs within the krealloc and kvrealloc memory reallocation functions. When memory objects are resized or moved, these functions can incorrectly calculate the amount of data to copy, leading to an out-of-bound...