Lucene search
K
LinuxLinux Kernel

14062 matches found

CVE
CVE
added 2026/04/03 3:15 p.m.22 views

CVE-2026-31392

CVE-2026-31392 concerns the Linux kernel SMB client and Kerberos username handling. The issue was fixed by ensuring the username mount option is respected when sec=krb5 is used, preventing reuse of an SMB session across mounts with different usernames. Connected OSV records show Debian/Ubuntu/roo...

8.1CVSS5.7AI score0.00122EPSS
CVE
CVE
added 2026/02/14 4:1 p.m.21 views

CVE-2026-23166

CVE-2026-23166 pertains to the Linux kernel ice driver. The issue arises from a NULL dereference in ice_vsi_set_napi_queues when rings[q_idx]->q_vector is NULL during resume from suspend. The fix adds NULL pointer checks for both the ring pointer and its q_vector in ice_vsi_set_napi_queues, en...

5.5CVSS5.3AI score0.00113EPSS
CVE
CVE
added 2026/02/14 4:1 p.m.21 views

CVE-2026-23169

CVE-2026-23169 is a Linux kernel vulnerability where a race in mptcp_pm_nl_flush_addrs_doit() could crash the kernel. Root cause: list_splice_init() is not RCURED and cannot be called while holding pernet->lock spinlock; list_splice_init_rcu() was misusefully invoked in that context. The issue...

7.8CVSS5.2AI score0.00129EPSS
CVE
CVE
added 2026/02/14 4:27 p.m.21 views

CVE-2026-23184

CVE-2026-23184 concerns a Linux kernel use-after-free in binder_netlink_report() triggered by a BR_TRANSACTION_PENDING_FROZEN path in binder_proc_transaction(). A one-way transaction to a frozen target could be treated as successful, leading to unsafe access to a transaction structure after a pen...

7.8CVSS5.3AI score0.0012EPSS
CVE
CVE
added 2026/02/14 4:27 p.m.21 views

CVE-2026-23185

In the Linux kernel vulnerability CVE-2026-23185, the issue is in the wifi: iwlwifi: mld: cancel mlo_scan_start_wk. The work mlo_scan_start_wk is not canceled on disconnection and is not canceled elsewhere except in restart cleanup. This can cause an init-after-queue issue if the work was queued ...

7.8CVSS5.2AI score0.00127EPSS
CVE
CVE
added 2026/02/14 4:27 p.m.21 views

CVE-2026-23187

CVE-2026-23187 is tied to the Linux kernel: a bug in pmdomain/imx8m-blk-ctrl could trigger an out-of-range access to bc->domains in imx8m_blk_ctrl_remove(), potentially leading to memory corruption. The issue is acknowledged and listed in SUSE-SU-2026:1661-1 as CVE-2026-23187, with the fix des...

7.1CVSS5.2AI score0.00117EPSS
CVE
CVE
added 2026/02/14 4:27 p.m.21 views

CVE-2026-23190

Mode C: CVE-2026-23190 affects the Linux kernel ASoC/amd driver; the issue is a memory leak in acp3x PDM DMA ops. Public advisories (Mageia, SUSE/OpenSUSE, Oracle Linux, Debian) confirm upstream fix in kernel. Remediation is applying the upstream patch (memory leak in acp3x pdm dma ops) or upgrad...

5.5CVSS5.2AI score0.00114EPSS
CVE
CVE
added 2026/02/18 2:53 p.m.21 views

CVE-2026-23230

CVE-2026-23230 is a Linux kernel local race in the SMB/CIFS client code where cached_fid bitfields (is_open, has_lease, on_list) were updated via concurrent paths, causing read–modify–write races. The root cause is that these three flags shared a single byte, so an update to one could overwrite o...

8.8CVSS5.4AI score0.00218EPSS
CVE
CVE
added 2026/03/18 5:41 p.m.21 views

CVE-2026-23257

CVE-2026-23257 is a Linux kernel off-by-one cleanup bug affecting PF setup_nic_devices() in the liquidio path, linked to a memory leak. Connected advisories indicate Root:Ubuntu:24.04 and Ubuntu:22.04 have patched this CVE in the rootio-linux package, with multiple fixed versions available. The p...

5.5CVSS5.8AI score0.00114EPSS
CVE
CVE
added 2026/03/18 5:41 p.m.21 views

CVE-2026-23262

CVE-2026-23262 affects the Linux kernel gve driver when queue counts are changed. The NIC and driver share a region in memory for stats reporting; the NIC calculates its offset into this region using the total stats size and the NIC’s own stats size. When the queue count increases, the driver res...

7.8CVSS5.7AI score0.0012EPSS
CVE
CVE
added 2026/03/20 8:8 a.m.21 views

CVE-2026-23276

CVE-2026-23276 fixes a recursion vulnerability in the Linux kernel networking stack. When a bonded interface in broadcast mode has GRE tunnel slaves, multicast/broadcast traffic could trigger infinite recursion between bond_xmit_broadcast() and ip_tunnel_xmit()/ip6_tnl_xmit(), risking a kernel st...

5.5CVSS5.6AI score0.00128EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.21 views

CVE-2026-23318

CVE-2026-23318 affects the Linux kernel ALSA USB-audio UAC3 header validation. The validator table for UAC3 AC header descriptors used UAC_VERSION_2 instead of UAC_VERSION_3, so real UAC3 devices were not validated and could trigger out-of-bounds reads when the driver accesses unvalidated descrip...

7.1CVSS5.6AI score0.00132EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.21 views

CVE-2026-23363

The CVE-2026-23363 issue affects the Linux kernel wifi driver stack, specifically the mt7925 component of the mt76 driver. A missing frame-length check in mt7925_mac_write_txwi_80211() could allow out-of-bounds access to management fields, potentially impacting system stability. The vulnerability...

7.1CVSS5.6AI score0.00125EPSS
CVE
CVE
added 2026/03/25 10:28 a.m.21 views

CVE-2026-23381

CVE-2026-23381 – Linux kernel net/bridge nd_tbl NULL dereference when IPv6 is disabled . When booted with ipv6.disable=1, nd_tbl isn’t initialized because inet6_init() exits early, causing br_do_suppress_nd() to dereference a NULL ipv6_stub->nd_tbl and trigger a kernel NULL pointer dereference...

5.5CVSS5.7AI score0.00114EPSS
CVE
CVE
added 2026/03/25 10:28 a.m.21 views

CVE-2026-23386

CVE-2026-23386 concerns the Linux kernel gve driver in QPL mode, where gve_tx_clean_pending_packets() could misinterpret the dma_addr_t array as buffer IDs, causing out-of-bounds/unmap errors. The root cause was an improper buffer cleanup path in gve_tx_clean_pending_packets() that could referenc...

5.5CVSS5.8AI score0.00121EPSS
CVE
CVE
added 2026/04/01 8:36 a.m.21 views

CVE-2026-23404

CVE-2026-23404 affects the Linux kernel AppArmor profile management. The issue arises from recursive profile removal in the AppArmor code path; nested profiles could trigger deep recursion, risking kernel stack exhaustion and system crashes. The connected documents confirm the root cause is the r...

5.5CVSS5.8AI score0.00177EPSS
CVE
CVE
added 2026/04/01 8:36 a.m.21 views

CVE-2026-23408

The CVE-2026-23408 issue affects the Linux kernel AppArmor module. The root cause was a double free of ns_name in aa_replace_profiles(): ns_name could be NULLed after it had been transferred from ent->ns_name, but ent->ns_name was freed later, and then freed again when kfree(ns_name). The p...

7.8CVSS5.7AI score0.00181EPSS
CVE
CVE
added 2026/04/13 1:21 p.m.21 views

CVE-2026-31417

The CVE-2026-31417 issue affects the Linux kernel’s net/x25 implementation. Affected component: x25_sock.fraglen can overflow during packet accumulation, with the root cause involving missing overflow checks and an incorrect fraglen reset when fragment_queue is purged in x25_clear_queues(). The p...

7.5CVSS5.8AI score0.00389EPSS
CVE
CVE
added 2026/04/13 1:40 p.m.21 views

CVE-2026-31423

The CVE-2026-31423 issue affects the Linux kernel’s net/sched sch_hfsc; rtsc_min() can divide by a value derived from the difference of large u64 slopes, risking a divide-by-zero when the difference equals 2^32. The fix widens the internal counter to u64 and replaces do_div() with div64_u64() to ...

5.5CVSS5.8AI score0.00115EPSS
CVE
CVE
added 2026/04/22 1:53 p.m.21 views

CVE-2026-31436

Summary of CVE-2026-31436 : The Linux kernel’s dmaengine idxd driver contains a bug in the llist_abort_desc() function where the code completes the wrong descriptor (the variable “found” rather than the traversal cursor “d”) as the function unwinds a doubly linked list. This can lead to NULL poin...

9.8CVSS5.6AI score0.00457EPSS
CVE
CVE
added 2026/04/22 1:53 p.m.21 views

CVE-2026-31451

CVE-2026-31451: In the Linux kernel ext4_read_inline_folio, BUG_ON was replaced with proper error handling when inline data size exceeds PAGE_SIZE. The fix prevents kernel panics, logs the filesystem corruption via ext4_error_inode(), releases the buffer head to avoid leaks, and returns -EFSCORRU...

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2026/04/22 1:54 p.m.21 views

CVE-2026-31503

CVE-2026-31503 concerns a Linux kernel UDP hash2-based wildcard-bind conflict check that can miss an in-use port when many sockets bind to the same port. The issue arises because UDP uses two hashes (hash and hash2) for collision detection and switches to hash2 only when hslot->count > 10, ...

5.5CVSS5.7AI score0.00123EPSS
CVE
CVE
added 2026/04/22 1:54 p.m.21 views

CVE-2026-31523

In the Linux kernel NVMe PCI driver, CVE-2026-31523 is a race condition: a running change to the polled queue count can create a brief window during reset where a hipri task poll occurs before queue maps are updated, risking double completions when the interrupt-driven path takes over. The issue ...

4.7CVSS5.6AI score0.00089EPSS
CVE
CVE
added 2026/04/24 2:42 p.m.21 views

CVE-2026-31587

Summary (based on provided sources): CVE-2026-31587 affects the Linux kernel ASoC qcom q6apm component. The issue arises when the q6apm registers DAIs dynamically from ASoC topology using device-managed APIs for both the component and the DAIs, which can lead to an incorrect free ordering and a u...

7.8CVSS5.4AI score0.00126EPSS
CVE
CVE
added 2026/04/24 2:42 p.m.21 views

CVE-2026-31619

The CVE-2026-31619 vulnerability affects the Linux kernel ALSA fireworks driver where a 32-bit status value from a FireWire device could be looked up in a 17-entry efr_status_names[] array, potentially indexing outside the array and causing incorrect string formatting. The issue could interpret E...

5.5CVSS5.3AI score0.00125EPSS
CVE
CVE
added 2026/04/24 2:42 p.m.21 views

CVE-2026-31628

CVE-2026-31628 concerns the Linux kernel on Zen1 CPUs, where the x86/CPU FPDSS issue could allow a local attacker to leak partial results from prior operations via the hardware divider. Patches fix the vulnerability by applying a kernel change (the “chicken bit”) to prevent leakage. Connected adv...

5.5CVSS5.3AI score0.00125EPSS
CVE
CVE
added 2026/04/24 2:44 p.m.21 views

CVE-2026-31637

The CVE-2026-31637 vulnerability lies in the Linux kernel rxrpc subsystem. Specifically, rxkad_decrypt_ticket() decrypts the RXKAD response ticket and then parses the buffer as plaintext without confirming that crypto_skcipher_decrypt() succeeded. A malformed RXKAD response could use a non-block-...

9.8CVSS5.6AI score0.00514EPSS
CVE
CVE
added 2026/04/24 2:45 p.m.21 views

CVE-2026-31666

CVE-2026-31666 affects the Linux kernel’s btrfs filesystem. A defect in lookup_extent_data_ref() caused an incorrect return value when transitioning between leaves, due to merged err/ret handling: if btrfs_next_leaf() returns 0, ret could be overwritten from -ENOENT to 0, making a non-matching ke...

7.8CVSS5.4AI score0.0012EPSS
CVE
CVE
added 2026/04/25 8:46 a.m.21 views

CVE-2026-31675

CVE-2026-31675 — Linux kernel netem out-of-bounds in packet corruption The issue arises in net/sched: sch_netem where the packet corruption logic selects an index into skb->data using get_random_u32_below(skb_headlen(skb)). For AF_PACKET TX_RING sending fully non-linear packets over an IPIP tu...

7.8CVSS5.6AI score0.00126EPSS
CVE
CVE
added 2026/04/25 8:46 a.m.21 views

CVE-2026-31676

The CVE-2026-31676 issue concerns the Linux kernel’s rxrpc subsystem. A flaw allowed duplicate or late RESPONSE packets to be processed outside the intended RXRPC_CONN_SERVICE_CHALLENGING state. The fix enforces state-checking under a state_lock before performing response verification and securit...

7.5CVSS5.4AI score0.00389EPSS
CVE
CVE
added 2026/05/01 1:56 p.m.21 views

CVE-2026-31718

The CVE-2026-31718 entries describe a use-after-free in ksmbd (Linux kernel in-kernel SMB3 server) triggered when a durable file handle survives a session disconnect. The root cause is an asymmetric cleanup of lock state: byte-range locks left on a freed conn->lock_list after fp->conn is nu...

9.8CVSS5.7AI score0.00356EPSS
CVE
CVE
added 2026/05/01 1:56 p.m.21 views

CVE-2026-31719

CVE-2026-31719 concerns the Linux kernel crypto/krb5enc async decrypt path where the skcipher completion could bypass the hash verification, bypassing integrity checks. The root cause is krb5enc_dispatch_decrypt() signaling completion without invoking krb5enc_dispatch_decrypt_hash(). The fix adds...

7.5CVSS5.7AI score0.00294EPSS
CVE
CVE
added 2026/05/01 2:14 p.m.21 views

CVE-2026-31758

The CVE-2026-31758 entry affects the Linux kernel usbtmc implementation. The vulnerability arises when releasing USB Test & Measurement Channels: pending anchored URBs are not flushed or killed during usbtmc_release, allowing use-after-free conditions (notably in the Host Controller Driver giveba...

7.8CVSS5.7AI score0.00126EPSS
CVE
CVE
added 2026/05/01 2:15 p.m.21 views

CVE-2026-31785

Summary: CVE-2026-31785 affects the Linux kernel DRM XE pagefault path. The issue was that the page fault handler could permit write/atomic access to read-only VMAs. Root cause: xe_pagefault_service did not reject writes to read-only VMAs after the VMA lookup. Impact (as described): restoration o...

5.5CVSS5.8AI score0.00107EPSS
CVE
CVE
added 2026/05/02 6:11 a.m.21 views

CVE-2026-43058

The CVE covers a Linux kernel issue in media: vidtv where vidtv_ts_null_write_into() and vidtv_ts_pcr_write_into() take their argument structs by value, triggering MSAN warnings for uninitialized data. The root cause is stack-copy of the structs; the patch changes the functions to accept them by ...

5.5CVSS5.8AI score0.00121EPSS
CVE
CVE
added 2026/05/05 3:23 p.m.21 views

CVE-2026-43063

CVE-2026-43063 pertains to the Linux kernel XFS attribute recovery path. The vulnerability arises when xlog_recovery_iget* fails to yield a valid pointer and an ensuing irele operates on a dangling pointer, potentially enabling a local attacker to crash the system and cause a DoS. The Red Hat adv...

7.8CVSS5.8AI score0.00126EPSS
CVE
CVE
added 2026/05/05 3:29 p.m.21 views

CVE-2026-43073

CVE-2026-43073 stems from a misnamed x86-64 kernel routine __copy_user_nocache(), a non-temporal destination copy with exception handling that is not actually a pure user-kernel copy and has complex alignment behavior. The fix renames the function and normalizes the prototype so callers perform p...

5.5CVSS5.7AI score0.00117EPSS
CVE
CVE
added 2026/05/06 7:40 a.m.21 views

CVE-2026-43078

The CVE-2026-43078 entry affects the Linux kernel crypto/af_alg component. A root-cause was an overflow in page reassignment within af_alg_pull_tsgl where the update to support page reallocation wasn’t fully reflected in the loop, allowing one extra page to be reassigned. The vulnerability is des...

7.8CVSS5.8AI score0.00129EPSS
CVE
CVE
added 2026/05/06 7:40 a.m.21 views

CVE-2026-43094

CVE-2026-43094 affects the Linux kernel ixgbevf driver on Hyper-V VMs. The root cause is a missing negotiate_features callback in the Hyper-V mac_ops table, causing ixgbevf_negotiate_api() to dereference a NULL hw->mac.ops.negotiate_features() during feature negotiation. This can lead to a NUL...

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2026/05/06 7:40 a.m.21 views

CVE-2026-43096

In the Linux kernel mshv component, CVE-2026-43096 patches an infinite fault loop caused by permission-denied GPA intercepts. The issue occurred when guest access to memory regions triggered remaps for all faults on movable regions, even if access type wasn’t permitted, causing a re-fault and vCP...

5.5CVSS5.8AI score0.00107EPSS
CVE
CVE
added 2026/05/06 7:40 a.m.21 views

CVE-2026-43101

The CVE-2026-43101 entry refers to a Linux kernel IPv6 IOAM issue: __ioam6_fill_trace_data() could dereference NULL if __in6_dev_get() returns NULL. The fix replaces skb_dst_dev() with skb_dst_dev_rcu() and adds two missing READ_ONCE() checks; it also enforces that @dev cannot be NULL. Patches ar...

7.5CVSS5.7AI score0.00426EPSS
CVE
CVE
added 2026/05/06 11:27 a.m.21 views

CVE-2026-43171

The CVE-2026-43171 described affects the Linux kernel EFI/CPER component where cper_print_fw_err() does not validate the error-record length against the given offset, allowing an underflow that can cause dumping of large memory regions. Consequences include potential data disclosure and system in...

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.21 views

CVE-2026-43203

The CVE covers a Linux kernel fore200e ATM driver use-after-free during device removal (PCA-200E/SBA-200E). Vulnerability arises when tx_tasklet/rx_tasklet run or pending after fore200e is freed, risking access to freed memory. The published fixes synchronize tasklets with device shutdown by addi...

7.5CVSS5.7AI score0.00435EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.21 views

CVE-2026-43209

CVE-2026-43209 – minix filesystem sanity check in Linux kernel : The minix filesystem implementation lacked proper sanity checks in minix_check_superblock(), notably for s_log_zone_size, which the patch now enforces (only 0 is supported). The update also adds sanity checks for other superblock fi...

5.5CVSS5.8AI score0.00128EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.21 views

CVE-2026-43219

CVE-2026-43219 concerns the Linux kernel networking code in cpsw_new. The issue arises when register_netdev() fails for the first MAC in cpsw_register_ports() but cpsw->slaves[1].ndev remains set, allowing cpsw_unregister_ports() to later try to unregister the second MAC. The root cause is not...

5.5CVSS5.7AI score0.00128EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.21 views

CVE-2026-43234

CVE-2026-43234 concerns the Linux kernel team driver. The issue arises when unregistering a slave from a team interface while a NETDEV_CHANGEMTU event is pending, potentially causing a deadlock/resource exhaustion and system unresponsiveness as shown by reproduction steps involving creating a tea...

5.5CVSS5.8AI score0.00121EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.21 views

CVE-2026-43238

CVE-2026-43238 is a Linux kernel issue in the net/sched act_skbedit module. The bug arises in tcf_skbedit_hash() when calculating mapping_mod = queue_mapping_max - queue_mapping + 1, which could reach 65536 for full u16 queue ranges. This value cannot fit in a u16 and previously wrapped to 0, cau...

5.5CVSS5.7AI score0.00128EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.21 views

CVE-2026-43241

CVE-2026-43241 affects the Linux kernel component ntb_hw_switchtec. The root cause is an array-index-out-of-bounds access related to the number of MW LUTs (dependent on NTB configuration) which can access mw_sizes incorrectly. A patch was applied to guard against invalid index accesses and to pri...

7.1CVSS5.8AI score0.00126EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.21 views

CVE-2026-43244

CVE-2026-43244 affects the Linux kernel KCM (Kernel Connection Multiplexer). The issue arises during partial sendmsg operations: when kcm_sendmsg fills MAX_SKB_FRAGS, it allocates a new skb in frag_list and may copy data; if the copy fails, the new tail skb can have zero frags, leaving an empty e...

5.5CVSS5.8AI score0.00122EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.21 views

CVE-2026-43245

CVE-2026-43245 affects the Linux kernel NTFS driver. The root cause is that ntfs: ->d_compare() could block, with related memory-allocation issues in names_cachep. The authenticated fixes switch critical paths to non-blocking allocations: use kmalloc(PATH_MAX, GFP_NOWAIT) for the path/name han...

7.5CVSS5.8AI score0.00441EPSS
Total number of security vulnerabilities14062