Lucene search
K
LinuxLinux Kernel

14088 matches found

CVE
CVE
added 2026/05/06 11:28 a.m.21 views

CVE-2026-43209

CVE-2026-43209 – minix filesystem sanity check in Linux kernel : The minix filesystem implementation lacked proper sanity checks in minix_check_superblock(), notably for s_log_zone_size, which the patch now enforces (only 0 is supported). The update also adds sanity checks for other superblock fi...

5.5CVSS5.8AI score0.00128EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.21 views

CVE-2026-43219

CVE-2026-43219 concerns the Linux kernel networking code in cpsw_new. The issue arises when register_netdev() fails for the first MAC in cpsw_register_ports() but cpsw->slaves[1].ndev remains set, allowing cpsw_unregister_ports() to later try to unregister the second MAC. The root cause is not...

5.5CVSS5.7AI score0.00128EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.21 views

CVE-2026-43234

CVE-2026-43234 concerns the Linux kernel team driver. The issue arises when unregistering a slave from a team interface while a NETDEV_CHANGEMTU event is pending, potentially causing a deadlock/resource exhaustion and system unresponsiveness as shown by reproduction steps involving creating a tea...

5.5CVSS5.8AI score0.00121EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.21 views

CVE-2026-43238

CVE-2026-43238 is a Linux kernel issue in the net/sched act_skbedit module. The bug arises in tcf_skbedit_hash() when calculating mapping_mod = queue_mapping_max - queue_mapping + 1, which could reach 65536 for full u16 queue ranges. This value cannot fit in a u16 and previously wrapped to 0, cau...

5.5CVSS5.7AI score0.00128EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.21 views

CVE-2026-43241

CVE-2026-43241 affects the Linux kernel component ntb_hw_switchtec. The root cause is an array-index-out-of-bounds access related to the number of MW LUTs (dependent on NTB configuration) which can access mw_sizes incorrectly. A patch was applied to guard against invalid index accesses and to pri...

7.1CVSS5.8AI score0.00126EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.21 views

CVE-2026-43244

CVE-2026-43244 affects the Linux kernel KCM (Kernel Connection Multiplexer). The issue arises during partial sendmsg operations: when kcm_sendmsg fills MAX_SKB_FRAGS, it allocates a new skb in frag_list and may copy data; if the copy fails, the new tail skb can have zero frags, leaving an empty e...

5.5CVSS5.8AI score0.00122EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.21 views

CVE-2026-43245

CVE-2026-43245 affects the Linux kernel NTFS driver. The root cause is that ntfs: ->d_compare() could block, with related memory-allocation issues in names_cachep. The authenticated fixes switch critical paths to non-blocking allocations: use kmalloc(PATH_MAX, GFP_NOWAIT) for the path/name han...

7.5CVSS5.8AI score0.00441EPSS
CVE
CVE
added 2026/05/06 11:29 a.m.21 views

CVE-2026-43280

CVE-2026-43280 is a Linux kernel vulnerability in the drm/xe module where a malicious user can supply a malformed pat_index via the madvise IOCTL, triggering an out-of-bounds read from xe->pat.table due to missing bounds checking in xe_pat_index_get_coh_mode() (validated only by a call in madv...

7.1CVSS5.8AI score0.00118EPSS
CVE
CVE
added 2026/05/06 11:29 a.m.21 views

CVE-2026-43283

The CVE-2026-43283 issue is in the Linux kernel's ec_bhf Ethernet driver where error-path handling used priv->rx_buf.alloc_len as the DMA handle in dma_free_coherent(), risking improper unmapping and potential memory corruption or DoS. The fix changes the DMA handle to priv->rx_buf.alloc_ph...

8.8CVSS5.8AI score0.0012EPSS
CVE
CVE
added 2026/05/08 1:11 p.m.21 views

CVE-2026-43289

CVE-2026-43289 relates to the Linux kernel kexec flow. The patch fixes kexec_load_purgatory() so image->start is derived from the purgatory_start symbol when present, rather than blindly locating e_entry within an SHF_EXECINSTR section. This prevents the entrypoint check from matching multiple...

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2026/05/08 1:11 p.m.21 views

CVE-2026-43294

The CVE-2026-43294 entry concerns Linux kernel’s MIPI-DSI driver for Renesas rz-du/rzg2l panels. Root cause: in reboot/unprepare paths, the MIPI-DSI interface could be stopped too late, causing a kernel panic via rzg2l_mipi_dsi_host_transfer(). Fix: move rzg2l_mipi_dsi_stop() to the new callback ...

5.5CVSS5.8AI score0.00121EPSS
CVE
CVE
added 2026/05/08 1:11 p.m.21 views

CVE-2026-43301

CVE-2026-43301 relates to the Linux kernel driver for the wave5 media component. The issue arises when the driver’s remove path unconditionally calls pm_runtime_put_sync(), which can underflow the PM usage count if autosuspend was already activated during probe. This mismatch prevents proper refe...

5.5CVSS5.8AI score0.00121EPSS
CVE
CVE
added 2026/05/08 1:11 p.m.21 views

CVE-2026-43308

CVE-2026-43308 affects the Linux kernel’s Btrfs code path, where an unexpected delayed ref type could previously trigger a BUG() in run_one_delayed_ref(). The issue could enable a local attacker to induce a system crash/DoS by triggering the faulty delay path. The advisory notes that the code can...

5.5CVSS5.8AI score0.00107EPSS
CVE
CVE
added 2026/05/08 1:11 p.m.21 views

CVE-2026-43310

The CVE-2026-43310 issue affects the Linux kernel Verisilicon media driver on the i.MX8MQ platform. It describes a hardware limitation where the g1 VPU and g2 VPU cannot decode H.264 and HEVC simultaneously; doing so can trigger a bus error, producing corrupted video output and potentially causin...

5.5CVSS5.8AI score0.00107EPSS
CVE
CVE
added 2026/05/08 1:26 p.m.21 views

CVE-2026-43317

CVE-2026-43317 affects the Linux kernel under the internal module path described as the “most: core” component. The issue is a resource leak that occurs during early registration failures, where resources associated with the interface are not properly released. A recent commit fixes a leak in the...

5.5CVSS5.8AI score0.00122EPSS
CVE
CVE
added 2026/05/08 1:31 p.m.21 views

CVE-2026-43325

Summary: The Linux kernel iwlwifi mvm driver must not send MCC_ALLOWED_AP_TYPE_CMD to devices that don’t support 6E. The firmware erroneously advertised 6E support for AX201, causing a firmware crash and potential DoS. The entry is resolved in the provided references; no exploit details or active...

5.5CVSS5.8AI score0.00121EPSS
CVE
CVE
added 2026/05/08 1:31 p.m.21 views

CVE-2026-43331

Summary of details (CVE-2026-43331): In the Linux kernel, a KCOV instrumentation issue in the x86/kexec path is resolved by disabling KCOV for the affected areas. The root cause is that load_segments() changes segment registers and invalidates the GS base KCOV relies on for per-CPU data, causing ...

5.5CVSS5.8AI score0.00122EPSS
CVE
CVE
added 2026/05/08 1:31 p.m.21 views

CVE-2026-43337

CVE-2026-43337 concerns the Linux kernel DRM/AMD display path, where a NULL pointer dereference can occur in dcn401_init_hw() when calling update_bw_bounding_box() without validating the callback pointer. The existing condition ((!fams2_enable && update_bw_bounding_box) || freq_changed) can evalu...

5.5CVSS5.7AI score0.00112EPSS
CVE
CVE
added 2026/05/08 1:41 p.m.21 views

CVE-2026-43349

The CVE-2026-43349 entry concerns the Linux kernel’s Flash-Friendly File System (f2fs). The issue arises when f2fs_finish_read_bio() may access uninitialized data in a folio if a read from the device fails, triggering an uninitialized-value access in f2fs_sanity_check_node_footer. The root cause,...

5.5CVSS5.8AI score0.00112EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.21 views

CVE-2026-43352

This CVE concerns the Linux kernel i3c mipi-i3c-hci driver DMA ring abort handling. The root cause is flawed abort logic that could disrupt the controller state: the code could issue an abort even when the ring is stopped, the abort completion is not re-initialized, aborts could clear RING_CTRL_E...

7.8CVSS5.8AI score0.00128EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.21 views

CVE-2026-43360

CVE-2026-43360 affects the Linux kernel Btrfs file system. A hash-collision during multi-file creation can force multiple entries into a single dir item and, once a leaf size limit is reached, abort the transaction and leave the filesystem read-only, enabling a local DoS without admin privileges....

5.5CVSS5.8AI score0.00163EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.21 views

CVE-2026-43362

CVE-2026-43362 affects the Linux kernel SMB client by an in-place encryption flaw in SMB2_write(), where the write payload could be replaced with ciphertext during retries on unstable connections. The root cause is that smb3_init_transform_rq() shares rq_iov, causing crypt_message() to in-place-e...

8.1CVSS5.8AI score0.00217EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.21 views

CVE-2026-43368

The CVE-2026-43368 entry concerns the Linux kernel DRM/i915 component (GEM shmem objects). A overflow can occur in the unsigned int .length field of a scatterlist when a scatterlists table for a GEM shmem object of 4 GB or more is built from folio-allocated pages, causing the total byte length of...

7.8CVSS5.7AI score0.00129EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.21 views

CVE-2026-43372

CVE-2026-43372 resolves a leak in the Linux kernel Microchip DSA driver during PTP IRQ setup. If request_threaded_irq() fails, the error path previously only freed mappings that had succeeded; now the kernel disposes the newly created IRQ mapping to prevent resource exhaustion. Affected component...

5.5CVSS5.8AI score0.00122EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.21 views

CVE-2026-43374

Summary: CVE-2026-43374 affects the Linux kernel networking code (net: nexthop). The vuln arises when removing a nexthop from a group: remove_nh_grp_entry() publishes the new group via rcu_assign_pointer() and then immediately frees the removed entry’s percpu stats with free_percpu(), while the s...

7.8CVSS5.8AI score0.00125EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.21 views

CVE-2026-43384

The CVE-2026-43384 issue concerns the Linux kernel TCP Authentication Option (TCP-AO) where MACs were compared without constant-time handling. The connected documents confirm a fix was applied to make MAC comparisons constant-time, mitigating timing-attack leakage of sensitive information. The vu...

9.8CVSS5.7AI score0.00457EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.21 views

CVE-2026-43390

The CVE-2026-43390 issue affects the Linux kernel nstree component, where listing permissions were tightened so that even privileged services may not be allowed to view other privileged namespaces. The root cause is insufficient information isolation between namespaces; the kernel now uses may_se...

5.5CVSS5.7AI score0.00107EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.21 views

CVE-2026-43400

CVE-2026-43400 affects the Linux kernel’s DRM/AMDGPU component. The vulnerability arises from missing upper-bound input validation in the amdgpu_userq_signal_ioctl handler, allowing huge input values to trigger an Out-Of-Memory (OOM) condition and thus a Denial of Service. The issue is mitigated ...

5.5CVSS5.8AI score0.00126EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.21 views

CVE-2026-43406

CVE-2026-43406 affects the Linux kernel libceph component. The issue is in process_message_header() where, if a message frame is corrupted or misrepresented, an out-of-bounds read may occur due to a missing explicit bounds check before decoding the header. The vulnerability can enable remote expl...

9.1CVSS5.7AI score0.00502EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.21 views

CVE-2026-43410

Summary: CVE-2026-43410 affects the Linux kernel firmware driver for Stratix 10 RSU. When RSU is not enabled in the FSBL, the driver can NULL-dereference via svc_normal_to_secure_thread(), causing a kernel panic. The root cause is rsu_send_async_msg() freeing the channel on failure, while the pro...

5.5CVSS5.8AI score0.00116EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.21 views

CVE-2026-43412

CVE-2026-43412 pertains to the Linux kernel ASoC Qualcomm qdsp6 driver. The root cause is an incorrect removal order during ADSP stop/start, where q6apm-audio teardown can delete RTDs containing q6apm DAI components before their removal pass, leaving components linked to the card and causing a cr...

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.21 views

CVE-2026-43421

The CVE affects the Linux kernel USB gadget for Network Control Model (NCM) where a net_device could outlive its parent gadget during disconnection, causing dangling sysfs links and potential null dereference. The root cause was lifecycle mismanagement of net_device during USB bind/unbind, addres...

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2026/05/08 2:22 p.m.21 views

CVE-2026-43431

In the Linux kernel xHCI host controller driver, CVE-2026-43431 stems from a NULL pointer dereference when reading portli debugfs files. The bug occurs if xhci->max_ports counts more port registers than the number reported by Supported Protocol capabilities, which can happen when max_ports exc...

5.5CVSS5.7AI score0.00107EPSS
CVE
CVE
added 2026/05/08 2:22 p.m.21 views

CVE-2026-43443

CVE-2026-43443 involves the Linux kernel ASoC AMD ACP Mach common driver. The acp_card_rt5682_init() and acp_card_rt5682s_init() functions did not validate clk_get() returns, risking dereferencing invalid pointers and kernel crash. The patch changes clock acquisition to devm_clk_get() and adds IS...

5.5CVSS5.7AI score0.00107EPSS
CVE
CVE
added 2026/05/08 2:22 p.m.21 views

CVE-2026-43451

Summary of CVE-2026-43451 (Linux kernel): The nfnetlink_queue entry leak occurs in the bridge verdict error path. When nfqnl_recv_verdict() dequeues an entry for PF_BRIDGE packets and nfqa_parse_bridge() returns an error (for example VLAN TCI missing when VLAN is present), the code returns withou...

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2026/05/08 2:22 p.m.21 views

CVE-2026-43460

In the Linux kernel rockchip-sfc driver, CVE-2026-43460 is caused by a double-free of an SPI controller: the driver uses devm_spi_register_controller(), which auto-unregisters on device removal, but remove() also calls spi_unregister_controller(), creating a double-free. The mitigation implemente...

7.8CVSS5.9AI score0.00119EPSS
CVE
CVE
added 2026/05/08 2:22 p.m.21 views

CVE-2026-43472

The CVE describes a Linux kernel unshare(2) bug: when CLONE_NEWNS is requested and current->fs wasn’t previously shared, copy_mnt_ns() could receive a non-private fs_struct. If copy_mnt_ns() succeeds but a subsequent copy_cgroup_ns() fails, the destroyed namespace can leave current->fs->...

5.5CVSS5.7AI score0.00114EPSS
CVE
CVE
added 2026/05/13 3:8 p.m.21 views

CVE-2026-43478

The CVE-2026-43478 issue affects the Linux kernel ASoC codecs rt1011 path. The root cause is using an incorrect helper to obtain the DAPM context in spk_mode_put; the correct function is snd_soc_component_to_dapm() and relying on the kcontrol flow can yield a NULL pointer. Provided connected sour...

5.5CVSS5.8AI score0.001EPSS
CVE
CVE
added 2026/05/27 12:15 p.m.21 views

CVE-2026-45861

CVE-2026-45861 refers to a Linux kernel vulnerability in the GFS2 file system. The root cause is a slab-use-after-free: during filesystem shutdown, quota data objects were freed without being removed from the LRU list due to the change in the a475c5dd16e5 sequence. As a result, the shrinker (gfs2...

7.8CVSS5.8AI score0.00159EPSS
CVE
CVE
added 2026/05/27 12:16 p.m.21 views

CVE-2026-45877

CVE-2026-45877 concerns the Linux kernel HID driver for Intel ISH. The issue is a NULL-pointer dereference in ishtp_bus_remove_all_clients during a warm reset when cl->device may be NULL while clients are enumerated, leading to a kernel panic. Multiple sources (NVD, Red Hat, SUSE, Debian/OSV, ...

5.5CVSS5.7AI score0.00155EPSS
CVE
CVE
added 2026/05/27 12:16 p.m.21 views

CVE-2026-45888

In the Linux kernel md/raid1 subsystem, CVE-2026-45888 describes a memory leak in raid1_run(): when setup_conf() registers a thread via md_register_thread(), a subsequent failure in raid1_set_limits() may leave the thread registered, leaking the md_thread structure and the thread resource. The fi...

5.5CVSS5.8AI score0.00155EPSS
CVE
CVE
added 2026/05/27 12:17 p.m.21 views

CVE-2026-45900

The CVE-2026-45900 issue is in the Linux kernel crypto: caam module. During dpaa2_caam_probe, netdevs allocated for DPIO setup could leak if dpaa2_dpseci_dpio_setup() fails and the cleanup path in dpaa2_dpseci_free() did not consider previously allocated nets. The fix preserves the CPU mask of al...

5.5CVSS5.7AI score0.00155EPSS
CVE
CVE
added 2026/05/27 12:17 p.m.21 views

CVE-2026-45906

The CVE-2026-45906 issue affects the Linux kernel power supply driver (pf1550). It describes a race where requesting IRQs with devm_ before the power_supply handle is allocated/unregistered can lead to a use-after-free: an interrupt may fire after the power_supply handle is freed but before the I...

7.8CVSS5.8AI score0.0012EPSS
CVE
CVE
added 2026/05/27 12:17 p.m.21 views

CVE-2026-45922

In CVE-2026-45922, the Linux kernel RDMA/mlx5 GET_DATA_DIRECT_SYSFS_PATH handler leaks memory: it allocates device-path memory with kobject_get_path() and, if the path length exceeds the output buffer, returns -ENOSPC without freeing, causing a memory leak. The fix adds a kfree() in the error pat...

5.5CVSS6AI score0.00155EPSS
CVE
CVE
added 2026/05/27 12:17 p.m.21 views

CVE-2026-45925

CVE-2026-45925 affects the Linux kernel thermal subsystem. In thermal_of_cm_lookup(), a device node pointer (tr_np) obtained via of_parse_phandle() is not released, causing a reference leak. The documented fix is to release the node automatically using the __free(device_node) cleanup attribute to...

5.5CVSS5.8AI score0.00155EPSS
CVE
CVE
added 2026/05/27 12:17 p.m.21 views

CVE-2026-45930

CVE-2026-45930 is a Linux kernel netlink issue in net: mctp where RTM_GETNEIGH could return uninitialised data in ndmsg pad bytes. The root cause is not fully detailed here beyond the description, but connected OSV entries indicate patches to fix nlmsg initialisation in link/addr/neigh responses....

5.5CVSS5.8AI score0.00128EPSS
CVE
CVE
added 2026/05/27 12:17 p.m.21 views

CVE-2026-45931

The CVE-2026-45931 issue affects the Linux kernel’s accel/amdxdna module. A crash can occur in iommu_sva_unbind_device() when it accesses iommu_mm after the associated mm structure has been freed. The fix is to take an explicit reference to the mm structure after successfully binding the device a...

7.8CVSS5.8AI score0.00173EPSS
CVE
CVE
added 2026/05/27 12:18 p.m.21 views

CVE-2026-45952

The CVE-2026-45952 issue affects the Linux kernel fbnic driver. It concerns MTU changes when an XDP program is attached: increasing MTU beyond the hardware threshold can cause fragmentation across multiple buffers, and the driver will drop all multi-fragment frames for single-buffer XDP. This can...

5.5CVSS5.8AI score0.00126EPSS
CVE
CVE
added 2026/05/27 12:18 p.m.21 views

CVE-2026-45955

Summary (CVE-2026-45955): In the Linux kernel, the md/md-llbitmap path suffers a logic error where llbitmap_suspend_timeout() times out waiting for percpu_ref to reach zero and returns -ETIMEDOUT without resurrecting percpu_ref. This leaves the page control structure in a killed state, potentiall...

7.1CVSS5.8AI score0.00124EPSS
CVE
CVE
added 2026/05/27 12:18 p.m.21 views

CVE-2026-45962

The CVE affects the Linux kernel ublk driver, where ublk_ctrl_cmd_dump() could access (header *)sqe->cmd before checking IO_URING_F_SQE128, enabling out-of-bounds memory access. The mitigation is to check the SQE128 flag earlier in ublk_ctrl_uring_cmd() and return -EINVAL if not set. Several s...

5.5CVSS5.8AI score0.00156EPSS
Total number of security vulnerabilities14088