Lucene search
K
LinuxLinux Kernel

14088 matches found

CVE
CVE
added 2026/04/22 1:54 p.m.20 views

CVE-2026-31515

CVE-2026-31515 affects the Linux kernel and is resolved by validating address families in pfkey_send_migrate(); the flaw allowed overfilling the skb when processing requests due to truncation of the @family argument in set_ipsecrequest. SYZBOT demonstrated a crash in skb_put(), leading to a kerne...

5.5CVSS5.6AI score0.00123EPSS
CVE
CVE
added 2026/04/24 2:33 p.m.20 views

CVE-2026-31540

CVE-2026-31540 affects the Linux kernel i915 graphics driver. The vulnerability occurs when the i915 firmware binaries are absent and the set_default_submission pointer is not initialized, which can be dereferenced during suspend, causing a kernel NULL pointer dereference and a potential DoS. The...

5.5CVSS5.4AI score0.00123EPSS
CVE
CVE
added 2026/04/24 2:42 p.m.20 views

CVE-2026-31577

CVE-2026-31577 affects the Linux kernel nilfs2 filesystem. The vulnerability is a NULL i_assoc_inode dereference in nilfs_mdt_save_to_shadow_map during GC if NILFS_IOCTL_CLEAN_SEGMENTS is invoked immediately after mount, before any btree operation on the DAT inode. The root cause is i_assoc_inode...

5.5CVSS5.4AI score0.00125EPSS
CVE
CVE
added 2026/04/24 2:42 p.m.20 views

CVE-2026-31580

CVE-2026-31580 affects the Linux kernel (bcache component). The issue is a use-after-free in cached_dev.sb_bio when a device is stopped while a superblock write is in progress, which can cause a crash/DoS through libceph I/O paths. Public reports align on this being resolved by patching bcache to...

7.8CVSS5.5AI score0.00128EPSS
CVE
CVE
added 2026/04/24 2:42 p.m.20 views

CVE-2026-31594

The CVE-2026-31594 issue is in the Linux kernel PCI endpoint framework (pci-epf-vntb). The root cause is a duplicate resource teardown in epf_ntb_epc_destroy(), causing an oops/kernel crash when .allow_link fails or .drop_link runs. The documented fix removes the helper and drops pci_epc_put(), t...

5.5CVSS5.3AI score0.00123EPSS
CVE
CVE
added 2026/04/24 2:42 p.m.20 views

CVE-2026-31614

MODE C: CVE-2026-31614 is a kernel SMB client vulnerability (Linux kernel). The issue is an out-of-bounds read in check_wsl_eas() that can leak up to 8 bytes of kernel heap via the EA name/value handling, potentially affecting how WSL ext attributes are interpreted. Patches have been released/mer...

7.1CVSS5.4AI score0.00126EPSS
CVE
CVE
added 2026/04/24 2:42 p.m.20 views

CVE-2026-31616

The CVE-2026-31616 entry concerns a Linux kernel USB gadget Phonet function vulnerability. A malicious USB host can overflow the skb_shared_info->frags[] array in the pn_rx_complete() path by sending an unbounded sequence of full-page OUT transfers. The host filling req->length with PAGE_SI...

5.5CVSS5.4AI score0.00125EPSS
CVE
CVE
added 2026/04/24 2:44 p.m.20 views

CVE-2026-31638

The CVE-2026-31638 issue affects the Linux kernel rxrpc subsystem. When a client call on a channel has already been torn down, rxrpc_input_packet_on_conn() could still process a to-client packet; rxrpc_try_get_call() could return NULL and there would be no reference to drop. The code path then un...

7.5CVSS5.4AI score0.00441EPSS
CVE
CVE
added 2026/04/24 2:45 p.m.20 views

CVE-2026-31647

CVE-2026-31647 concerns the Linux kernel idpf driver. The vulnerability stems from improper nesting of PREEMPT_RT raw/BH spinlocks during asynchronous VC handling, which could yield an invalid wait context. A fix switches from the completion’s raw spinlock to a local lock in the idpf_vc_xn struct...

5.5CVSS5.4AI score0.00122EPSS
CVE
CVE
added 2026/04/24 2:45 p.m.20 views

CVE-2026-31662

CVE-2026-31662 concerns the Linux kernel’s TIPc grouping protocol. The bug in tipc_group_proto_rcv() decrements bc_ackers for every inbound GRP_ACK_MSG, even if the sender already acknowledged the current broadcast round. Since bc_ackers is a 16-bit unsigned, a duplicate ACK after the last legiti...

7.5CVSS5.4AI score0.00389EPSS
CVE
CVE
added 2026/04/25 8:47 a.m.20 views

CVE-2026-31683

The CVE-2026-31683 issue affects the Linux kernel’s batman-adv module. When the Optimized Global Messaging (OGM) aggregation state is toggled at runtime, a forwarded packet that was allocated with insufficient tailroom may be appended to by a later packet, leading to skb_put overflow conditions. ...

7.8CVSS5.5AI score0.00121EPSS
CVE
CVE
added 2026/04/27 5:34 p.m.20 views

CVE-2026-31689

The CVE-2026-31689 issue affects the Linux kernel EDAC/mc path: edac_mc_alloc() may call put_device() during an error path before device_init completes, causing a kobject initialization/cleanup hazard and in-kernel MCE decoding symptoms. The fix reorders the initialization so the device (and its ...

5.5CVSS5.3AI score0.00115EPSS
CVE
CVE
added 2026/05/01 1:55 p.m.20 views

CVE-2026-31696

Summary (CVE-2026-31696) : In the Linux kernel’s rxrpc code, the non-XDR key parsing path (rxrpc_preparse()) lacked a validation check for ticket length, unlike the XDR path. This allowed an unprivileged user to supply a very large ticket length, causing the computed total token size (toksize) to...

7.8CVSS5.8AI score0.00129EPSS
CVE
CVE
added 2026/05/01 2:14 p.m.20 views

CVE-2026-31725

CVE-2026-31725 affects the Linux kernel’s USB gadget f_ecm functionality. The vulnerability arises during function unbinds when the net_device is created and registered under the gadget device, but is not de-parented correctly, leaving dangling sysfs links under /sys/class/net and /sys/devices/pl...

5.5CVSS5.8AI score0.00122EPSS
CVE
CVE
added 2026/05/01 2:14 p.m.20 views

CVE-2026-31738

CVE-2026-31738 concerns the Linux kernel vxlan code (vxlan_na_create) where ND option lengths are not properly validated. The flaw can cause the parser to advance beyond the option span or read an undersized LLADDR payload, enabling source address reading only when the option is large enough; imp...

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2026/05/01 2:15 p.m.20 views

CVE-2026-31772

The CVE-2026-31772 issue affects the Linux kernel Bluetooth HCI path. The root cause is a stack buffer overflow in hci_le_big_create_sync where DEFINE_FLEX allocates a stack struct for BIS entries with room for 17, but conn->num_bis can be up to 31, leading to a memcpy that can write beyond th...

7.8CVSS5.9AI score0.00142EPSS
CVE
CVE
added 2026/05/01 2:15 p.m.20 views

CVE-2026-43012

CVE-2026-43012 refers to a Linux kernel issue in the net/mlx5 driver where a failed switchdev mode rollback could cause a kernel panic during an attempted rollback to legacy mode. The public descriptions from NVD/SUSE/Red Hat detail that if switchdev mode initialization/transition fails, the code...

5.5CVSS5.8AI score0.00122EPSS
CVE
CVE
added 2026/05/01 2:15 p.m.20 views

CVE-2026-43026

CVE-2026-43026 concerns the Linux kernel netfilter ctnetlink path: when CTA_EXPECT_NAT is absent, ctnetlink_alloc_expect() can leave saved_addr and saved_proto uninitialized, risking leakage of stale data. The safe nf_ct_expect_init() in the packet path zeros these fields, and the patch adds expl...

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2026/05/01 2:15 p.m.20 views

CVE-2026-43035

The CVE affects the Linux kernel net: sched: cls_api code path tc_chain_fill_node, where tcm_info in struct tcmsg was not initialized, leaking heap memory to userspace via a 4-byte field. The fix zeros tcm_info alongside other initialized fields. Affected/patched details from connected docs: upst...

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2026/05/01 2:15 p.m.20 views

CVE-2026-43036

Summary (CVE-2026-43036) : The issue resides in the Linux kernel networking path, where gso_features_check() read IPv4 header offsets (iph->frag_off) in a way that could dereference uninitialized data when packets are injected via PF_PACKET paths. The root cause is unsafe header dereferencing ...

5.5CVSS5.8AI score0.00122EPSS
CVE
CVE
added 2026/05/01 2:15 p.m.20 views

CVE-2026-43049

CVE-2026-43049 affects the Linux kernel HID logitech-hidpp driver (Logitech G920 force feedback). If force feedback init fails, resources may be torn down inconsistently, enabling a use-after-free (UAF) if userspace still references dangling objects. The fixed approach chose to warn but return su...

7.8CVSS5.8AI score0.00116EPSS
CVE
CVE
added 2026/05/01 2:15 p.m.20 views

CVE-2026-43050

CVE-2026-43050 describes a race in the Linux kernel’s ATM lec code. A race between lec_atm_close() clearing priv->lecd and concurrent access in send_to_lecd(), lec_handle_bridge(), and lec_atm_send() can cause a use-after-free on the lecd pointer when a socket is freed via RCU. The fix convert...

7CVSS5.8AI score0.00119EPSS
CVE
CVE
added 2026/05/05 3:23 p.m.20 views

CVE-2026-43065

CVE-2026-43065 concerns the Linux kernel ext4 subsystem. The issue arises in ext4_mb_release() where, if a filesystem is mounted with -o discard and files are deleted, sbi->s_discard_list accumulates and s_discard_work is queued; if the filesystem is later remounted with nodiscard and the EXT4...

5.5CVSS5.8AI score0.00117EPSS
CVE
CVE
added 2026/05/06 7:40 a.m.20 views

CVE-2026-43111

CVE-2026-43111 describes a use-after-free in the Linux kernel HID roccat driver. The function roccat_report_event() traverses the device->readers list without holding the readers_lock mutex, allowing a concurrent roccat_release() to remove and free a reader still in use. The consequence is a u...

7.8CVSS5.8AI score0.00117EPSS
CVE
CVE
added 2026/05/06 11:27 a.m.20 views

CVE-2026-43133

Summary: CVE-2026-43133 affects Linux kernel KVM’s nested virtualization (nSVM). When an L2 guest executes VMSAVE/VMLOAD and is not intercepted by L1, KVM may incorrectly use vmcb02 instead of vmcb01 for guest state handling due to an oversight in VMLOAD/VMSAVE emulation after a patch. The root c...

7.9CVSS5.8AI score0.00128EPSS
CVE
CVE
added 2026/05/06 11:27 a.m.20 views

CVE-2026-43161

CVE-2026-43161 is a Linux kernel IOMMU VT-d vulnerability related to ATS invalidation when a PCIe endpoint loses connection. In scalable-mode-disabled/unsupported systems, an endpoint link drop can cause the IOMMU to wait indefinitely for an ATS invalidation, leading to a host hard-lock (notably ...

5.5CVSS5.8AI score0.00122EPSS
CVE
CVE
added 2026/05/06 11:27 a.m.20 views

CVE-2026-43183

In the Linux kernel, the media cx25821 driver fixes a resource leak in cx25821_dev_setup() where memory allocated via ioremap() is not released if setup fails. The patch adds release_mem_region() to free the memory region obtained by cx25821_get_resources(). This is the scope of CVE-2026-43183 as...

5.5CVSS5.8AI score0.00128EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.20 views

CVE-2026-43201

CVE-2026-43201 applies to the Linux kernel GHES ARM error handling (APEI/GHES: ARM processor Error). Root cause: parsing ARM error context where err_info_num/context_info_num lead to calculating sz and potentially overrunning with too small a dump, causing OOPS. The CVE is addressed by adding siz...

5.5CVSS5.7AI score0.00127EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.20 views

CVE-2026-43213

The CVE-2026-43213 issue centers on the Linux kernel WiFi driver rtw89_pci, where an abnormal TX release report sequence number can cause an out-of-bounds access to wd_ring->pages, leading to a NULL pointer dereference and kernel crash (DoS). Public reports confirm this affects the rtw89_pci c...

7.5CVSS5.8AI score0.0022EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.20 views

CVE-2026-43217

CVE-2026-43217 affects the Linux kernel, specifically the media: iris: gen2 component. The issue occurs in iris_kill_session where inst->state is set to IRIS_INST_ERROR and session_close frees inst_hfi_gen2->packet; if stop_streaming is called afterward, a crash may occur. The published fix...

5.5CVSS5.8AI score0.00126EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.20 views

CVE-2026-43227

CVE-2026-43227 affects the Linux kernel’s clocksource/sh_tmu driver. The vulnerability arises when the TMU is used as both clocksource and clockevent provider and the driver tries to power/clocks state via pm_runtime_() and clk_ () while holding raw spinlocks. This mismatch between spinlock conte...

5.5CVSS5.7AI score0.00123EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.20 views

CVE-2026-43243

CVE-2026-43243 affects the Linux kernel drm/amd/display subsystem, specifically the dcn401 get_phyd32clk_src path, where missing signal type checks can cause a crash when accessing a DP link on DPIA. Connected OSV entries show Root and Debian/Ubuntu patches applied to rootio-linux (Ubuntu 22.04/2...

5.5CVSS5.8AI score0.00122EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.20 views

CVE-2026-43251

CVE-2026-43251 affects the Linux kernel HID prodikeys driver. A local attacker can connect a crafted USB device whose report descriptor bypasses the pm->input_ep82 check, leaving input_ep82 NULL and causing a crash (potential DoS). Multiple OSV entries show patches in rootio-linux packages for...

5.5CVSS5.7AI score0.00123EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.20 views

CVE-2026-43252

CVE-2026-43252 concerns the Linux kernel MPTCP subsystem (Multiswitch TCP). The issue arises in the in-kernel MPTCP path for removing endpoints, where code path __mark_subflow_endp_available/mptcp_pm_nl_fullmesh/mptcp_pm_nl_set_flags_all/mptcp_pm_nl_set_flags can trigger a kernel warning when a s...

5.5CVSS5.8AI score0.00095EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.20 views

CVE-2026-43263

The CVE-2026-43263 entry concerns the Linux kernel chips-media wave5 driver. The vulnerability arises when multiple driver instances are created and destroyed, causing many interrupts and removal of decoder structures. The shared vpu_instance structure is not protected by a lock, allowing a poten...

7.8CVSS5.8AI score0.00119EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.20 views

CVE-2026-43270

The CVE-2026-43270 issue affects the Linux kernel media: mtk-mdp module. In mtk_mdp_probe(), vpu_get_plat_device() increases the platform device reference count and is not consistently released in mtk_mdp_remove(), creating a reference-leak vulnerability. Red Hat and Debian OS/tracking entries co...

5.5CVSS5.8AI score0.00114EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.20 views

CVE-2026-43275

In the Linux kernel, a race condition in the UFS core driver can occur during system suspend when Runtime Power Management (RPM) level is zero. The driver previously bypassed flushing the exception-event handling work in this state, risking illegal host-controller access after entering deep power...

4.7CVSS5.8AI score0.00091EPSS
CVE
CVE
added 2026/05/06 11:29 a.m.20 views

CVE-2026-43279

The CVE-2026-43279 entry concerns the Linux kernel ALSA USB-audio subsystem. A discrepancy between playback and capture stream setups (e.g., USB core max packet size) can cause out-of-bounds writes to the buffer, potentially crashing the system. A fix was implemented by adding a sanity check of t...

7.8CVSS5.9AI score0.00123EPSS
CVE
CVE
added 2026/05/08 1:11 p.m.20 views

CVE-2026-43297

The CVE-2026-43297 issue affects the Linux kernel rockchip: rga driver. rga_get_frame() can return ERR_PTR(-EINVAL) for unsupported/invalid buffer types, and rga_buf_init() may dereference that pointer without checking the error, leading to a crash. The fix adds proper ERR_PTR checking in rga_buf...

5.5CVSS5.9AI score0.00122EPSS
CVE
CVE
added 2026/05/08 1:11 p.m.20 views

CVE-2026-43312

CVE-2026-43312 is a Linux kernel vulnerability in the ov5647 V4L2 I2C driver. The issue arises from calling v4l2_get_subdevdata in ov5647_init_controls() before the subdevice is initialized by v4l2_i2c_subdev_init() during probe, which can dereference i2c_client and cause a segfault if an error p...

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2026/05/08 1:31 p.m.20 views

CVE-2026-43330

CVE-2026-43330 relates to the Linux kernel crypto/caam path, where an overflow occurs when a long HMAC key (longer than the block size) is copied for hashing. The vulnerability arises because the copy’s allocated memory is aligned for DMA, and the original kmemdup path could read beyond the key b...

7.8CVSS5.8AI score0.00129EPSS
CVE
CVE
added 2026/05/08 1:31 p.m.20 views

CVE-2026-43334

CVE-2026-43334 concerns the Linux kernel Bluetooth SMP pairing flow. The issue arises in smp_cmd_pairing_req() where the pairing response is built from the initiator auth_req before enforcing the local BT_SECURITY_HIGH, allowing the response to omit SMP_AUTH_MITM if the initiator did. Consequentl...

8.8CVSS5.8AI score0.00252EPSS
CVE
CVE
added 2026/05/08 1:39 p.m.20 views

CVE-2026-43344

CVE-2026-43344 affects the Linux kernel perf/x86/intel/uncore subsystem. The root cause is incorrect die ID initialization/lookup in snbep_pci2phy_map_init() that can produce die_id == -1 when CPUs are offline or when NUMA is disabled, causing uncore_device_to_die() to misbehave and PMON units to...

5.5CVSS5.8AI score0.00102EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.20 views

CVE-2026-43356

The CVE-2026-43356 issue affects the Linux kernel IIO ADIS IMU drivers (e.g., adis16480, adis16490, adis16545). In adis_init(), the code dereferences adis->ops to inspect function pointers without first verifying that adis->ops itself is non-NULL, leading to a NULL pointer dereference durin...

5.5CVSS5.8AI score0.00121EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.20 views

CVE-2026-43380

CVE-2026-43380 relates to the Linux kernel hwmon driver pmbus/q54sj108a2. The q54sj108a2_debugfs_read function suffers a stack buffer overflow due to incorrect bin2hex argument usage and insufficient output buffer size, causing writes beyond the stack. A fix expands the data_char buffer to 66 byt...

7.8CVSS6AI score0.00143EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.20 views

CVE-2026-43386

The CVE-2026-43386 issue affects the Linux kernel rtl8723bs component, specifically in the rtw_restruct_wmm_ie path, where an insufficiently guarded access can cause an out-of-bounds read. The root cause is that the code accesses in_ie[i + 5] before ensuring i + 5 is within in_len, potentially le...

7.1CVSS5.8AI score0.00126EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.20 views

CVE-2026-43396

In the Linux kernel, the vulnerability CVE-2026-43396 is in the drm/xe/sync path. When dma_fence_chain_alloc() fails, the user fence reference is not released, causing a memory leak. Documented across multiple sources (Red Hat, SUSE, Ubuntu, Debian OSV entries, and NVD), the issue is fixed by the...

5.5CVSS5.8AI score0.00121EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.20 views

CVE-2026-43403

CVE-2026-43403 concerns the Linux kernel nsfs component. The issue arises from insufficient permission checks in ns iteration ioctls, potentially allowing a privileged service to view information from other privileged services and perform information disclosure. Multiple sources (Red Hat, Debian,...

8.8CVSS5.7AI score0.00129EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.20 views

CVE-2026-43418

CVE-2026-43418 describes a race in the Linux kernel sched/mmcid subsystem: when new tasks are created concurrently, a newly forked task is counted as an MMCID user before it is visible in thread and task lists, which can lead to an incorrect CID allocation and potentially a machine stall. The mit...

5.5CVSS5.7AI score0.00107EPSS
CVE
CVE
added 2026/05/08 2:22 p.m.20 views

CVE-2026-43445

CVE-2026-43445 is a Linux kernel vulnerability in the e1000/e1000e drivers (and potentially igbvf) where a DMA mapping error cleanup leak could occur. The root cause was an off-by-one condition in the dma_error path: count was decremented before the loop, so if any TX buffer mappings succeeded be...

5.5CVSS5.8AI score0.00123EPSS
Total number of security vulnerabilities14088