Lucene search
K
LinuxLinux Kernel

14139 matches found

CVE
CVE
added 2026/05/01 2:15 p.m.15 views

CVE-2026-43009

The CVE-2026-43009 family concerns the Linux kernel BPF verifier. Connected sources describe a bug where backtrack_insn did not correctly account for atomic fetch variants (BPF_ATOMIC with BPF_FETCH) during memory-precision tracking, causing the verifier to prune paths incorrectly. The fix extend...

7.8CVSS5.7AI score0.00134EPSS
CVE
CVE
added 2026/05/01 2:15 p.m.15 views

CVE-2026-43021

CVE-2026-43021 affects the Linux kernel Bluetooth hci_sync path. A failure in hci_cmd_sync_queue_once() can skip calling the destroy callback, causing leaks of references/memory. The issue manifests during error paths, potentially leaving resources allocated for the hci_sync queue. Public discuss...

5.5CVSS5.8AI score0.00107EPSS
CVE
CVE
added 2026/05/01 2:15 p.m.15 views

CVE-2026-43028

The CVE-2026-43028 vulnerability affects the Linux kernel netfilter x_tables component. The root cause is that certain names were not guaranteed to be nul-terminated before being passed to functions that expect C strings, which could lead to misprocessing, system instability, or hazardous behavio...

7.1CVSS5.8AI score0.00126EPSS
CVE
CVE
added 2026/05/01 2:15 p.m.15 views

CVE-2026-43046

CVE-2026-43046 affects the Linux kernel, specifically btrfs relocation logic where a non-zero drop_progress with drop_level == 0 can be observed in a read-back root_item. The root_item invariant is now validated in the tree-checker when reading from disk: if drop_progress.objectid is non-zero, dr...

5.5CVSS5.8AI score0.00114EPSS
CVE
CVE
added 2026/05/05 3:17 p.m.15 views

CVE-2026-43059

CVE-2026-43059 affects the Linux kernel Bluetooth MGMT path. A change introducing mgmt_pending_valid() caused completion handlers to unlink commands from the pending list, which could lead to list corruption and potential memory safety issues. The patch fixes two issues: (1) in mgmt_add_adv_patte...

7.8CVSS5.8AI score0.00122EPSS
CVE
CVE
added 2026/05/06 7:40 a.m.15 views

CVE-2026-43092

The CVE-2026-43092 issue affects the Linux kernel AF_XDP subsystem: bind now validates MTU against the usable frame space provided by UMEM chunks. Previously, zero-copy pool configurations could be accepted without confirming that the device MTU fits into the usable frame space, considering tailr...

5.5CVSS5.9AI score0.00122EPSS
CVE
CVE
added 2026/05/06 11:27 a.m.15 views

CVE-2026-43131

CVE-2026-43131 affects the Linux kernel DRM AMD PM path. When SMU is disabled during Reliability, Availability, and Serviceability (RAS) initialization, a null pointer dereference can occur in drm/amd/pm, potentially causing a system crash (DoS). Public-availability details come from multiple sou...

5.5CVSS5.8AI score0.00112EPSS
CVE
CVE
added 2026/05/06 11:27 a.m.15 views

CVE-2026-43162

In the Linux kernel, the media: tegra-video path has a memory leak in __tegra_channel_try_format() caused by failing to free the allocated __v4l2_subdev_state (sd_state) in two error paths after v4l2_subdev_call() failures. The fix introduces a cleanup label and goto-based error handling to ensur...

5.5CVSS5.7AI score0.00128EPSS
CVE
CVE
added 2026/05/06 11:27 a.m.15 views

CVE-2026-43168

CVE-2026-43168 concerns the Linux kernel OCFS2 reflink preserve cleanup issue. Multiple connected sources confirm a bug in the cleanup of preserved xattr entries: the last pointer should be shifted by one unit after an array entry cleanup, and the first entry may not be cleaned when xh_count is 1...

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2026/05/06 11:27 a.m.15 views

CVE-2026-43169

The CVE-2026-43169 issue lies in the Linux kernel DRM_BUDDY code (drm/buddy) where contiguous allocations (and large non-contiguous allocations) are rounded up to a power of two or aligned, potentially producing a size > mm->size and triggering BUG_ON(order > mm->max_order). If such a...

5.5CVSS5.7AI score0.00127EPSS
CVE
CVE
added 2026/05/06 11:27 a.m.15 views

CVE-2026-43179

Summary: CVE-2026-43179 affects the Linux kernel’s EROFS filesystem. The issue stems from incorrect early exits for invalid metabox-enabled images with metadata compression, which can trigger folio reference leaks. The problem does not apparently cause system crashes or other severe issues accord...

5.5CVSS5.8AI score0.00126EPSS
CVE
CVE
added 2026/05/06 11:27 a.m.15 views

CVE-2026-43182

Concrete details are available: CVE-2026-43182 affects the Linux kernel’s media: ccs component. The root cause is a missing check for a non-zero MIN_X_OUTPUT_SIZE limit register value when computing the maximum M for scaler configuration, risking a division-by-zero. Exploitation status is not pro...

5.5CVSS5.8AI score0.00128EPSS
CVE
CVE
added 2026/05/06 11:27 a.m.15 views

CVE-2026-43189

The CVE-2026-43189 issue affects the Linux kernel’s media/v4l2-async matching workflow. When an async connection matches with a firmware node, a sub-device may be registered, its bound operation invoked, ancillary links created, and the connection added to the sub-device’s list before moving on t...

5.5CVSS5.7AI score0.00127EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.15 views

CVE-2026-43204

Summary: CVE-2026-43204 affects the Linux kernel ASoC: qcom q6asm component, where DSP responses for closed data streams could still be processed, causing system lockups. Root cause: DSP responses arriving after stream closure were not unconditionally dropped. Fix: unconditionally drop all DSP re...

5.5CVSS5.8AI score0.00112EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.15 views

CVE-2026-43224

The CVE-2026-43224 entry concerns the Linux kernel io_uring/zcrx subsystem. A memory leak could occur when mapping fails in io_populate_area_dma() on PAGE_POOL_32BIT_ARCH_WITH_64BIT_DMA, as io_zcrx_map_area() would allocate a sgtable that isn’t freed due to the error path not freeing it when !is_...

5.5CVSS5.7AI score0.00126EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.15 views

CVE-2026-43231

CVE-2026-43231 : In the Linux kernel, the media: radio-keene driver has a memory-leak in usb_keene_probe() where the v4l2 control handler is not freed if registration fails. The underlying issue is that the v4l2_ctrl_handler is initialized and controls are added, but error paths after v4l2_device...

5.5CVSS5.8AI score0.00128EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.15 views

CVE-2026-43236

The CVE-2026-43236 vulnerability affects the Linux kernel’s drm/atmel-hlcdc component. The atmel_hlcdc_plane_atomic_duplicate_state() callback copied the drm_plane_state without duplicating the base state, leaving state->commit pointing to the old object and enabling a use-after-free in the ne...

7.8CVSS5.8AI score0.00135EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.15 views

CVE-2026-43242

CVE-2026-43242 concerns a leak in the Linux kernel’s driver for TI K3 SoC (soc: ti: k3-socinfo). The vulnerability arises when an mmio regmap is allocated during probe but not freed on probe failure, risking resource exhaustion and potential system instability. The fix uses a device-managed alloc...

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.15 views

CVE-2026-43246

The CVE-2026-43246 issue affects the Linux kernel driver media: i2c/tw9906 (tw9906_probe). The root cause is a memory leak where memory allocated for the V4L2 control handler (v4l2_ctrl_handler_init and v4l2_ctrl_new_std) is not freed in an error path, potentially causing resource exhaustion or i...

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.15 views

CVE-2026-43271

CVE-2026-43271 involves the Linux kernel md-cluster module where a race during MD array startup can cause a NULL pointer dereference in process_metadata_update when a METADATA_UPDATED message arrives before mddev->thread is initialized. The root cause is the code path that dereferences the thr...

5.5CVSS5.8AI score0.00116EPSS
CVE
CVE
added 2026/05/08 1:11 p.m.15 views

CVE-2026-43314

CVE-2026-43314 affects the Linux kernel device mapper (dm) driver. The issue arises when an I/O timeout failure is injected into a dm device; because dm does not implement its own timeout handler, the request can leak and hang indefinitely. The root cause is the presence of blk_should_fake_timeou...

5.5CVSS5.8AI score0.00138EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.15 views

CVE-2026-43355

CVE-2026-43355 affects the Linux kernel bh1780 light sensor driver (iio: light). The root cause is a PM runtime reference-count leak: pm_runtime_put_autosuspend() was not guaranteed to run after pm_runtime_get_sync() if the read operation failed. The fixed response moves the autosuspend call befo...

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.15 views

CVE-2026-43369

Summary (CVE-2026-43369): In the Linux kernel’s drm/amd driver, if GPU initialization fails due to an unsupported hardware block, some IP blocks may have a NULL version pointer. During device cleanup, amdgpu_device_set_pg_state and amdgpu_device_set_cg_state access adev->ip_blocks[i].version w...

5.5CVSS5.8AI score0.00121EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.15 views

CVE-2026-43370

The CVE-2026-43370 issue affects the Linux kernel DRM/AMDGPU subsystem, specifically a use-after-free race in VM acquisition. Root cause: a non-atomic vm->process_info assignment could race when parent and child processes sharing a drm_file both attempt to acquire the same VM after fork(). The...

7.8CVSS5.8AI score0.00126EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.15 views

CVE-2026-43394

CVE-2026-43394 (Linux kernel) : A local credential reference leak in nfsd_nl_listener_set_doit() occurs because get_current_cred() is used without a corresponding put_cred(). The function runs in process context during sendmsg(), and current->cred remains valid, so the extra refcount is unnece...

5.5CVSS5.8AI score0.00122EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.15 views

CVE-2026-43398

The CVE-2026-43398 entry concerns the Linux kernel amdgpu driver. A vulnerability arises from improper input validation in the userq_wait ioctl (amdgpu_userq_wait_ioctl), where excessively large input values can cause an Out-Of-Memory (OOM) situation, leading to Denial of Service. The root cause ...

5.5CVSS5.8AI score0.00126EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.15 views

CVE-2026-43404

CVE-2026-43404: In the Linux kernel mm subsystem, hmm_range_fault() can livelock if folio_trylock() fails during device-private folio migration; the spinning waiter may be starved if a dependent work item on the same CPU never runs, causing a DoS-like livelock. Conditions include: migration path ...

5.5CVSS5.8AI score0.00093EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.15 views

CVE-2026-43419

CVE-2026-43419 affects the Linux kernel Ceph filesystem component, where ceph_mdsc_build_path() could leak memory via a path pointer obtained with __getname() if not freed or transferred. The fixes add __putname() calls in error paths and ensure the pointer is freed when ownership isn’t passed to...

5.5CVSS5.8AI score0.00122EPSS
CVE
CVE
added 2026/05/08 2:22 p.m.15 views

CVE-2026-43433

The CVE-2026-43433 entry refers to a Linux kernel issue in the rust_binder component: a TOCTOU opportunity where a local process that can write to its own VMA could alter the offsets array before it is read back during a transaction, potentially enabling privilege escalation to the sender. The fi...

7.8CVSS5.7AI score0.00099EPSS
CVE
CVE
added 2026/05/08 2:22 p.m.15 views

CVE-2026-43447

Summary: CVE-2026-43447 affects the Linux kernel iavf driver. A race condition arises when a PTP worker that caches PHC time is not stopped during adapter reset/disable, potentially freeing AQ-backed resources while the worker runs. If the worker calls into ptp commands during teardown, memory/lo...

7.8CVSS5.8AI score0.00124EPSS
CVE
CVE
added 2026/05/08 2:22 p.m.15 views

CVE-2026-43448

CVE-2026-43448 corresponds to a race in the Linux kernel nvme-pci driver (nvme_poll_irqdisable) where a device can be disabled between operations, causing nvme_poll_irqdisable() to race with nvme_reset_work() and leading to an unbalanced IRQ enable (IRQ 10 in the crash log). The root cause is a m...

4.7CVSS5.8AI score0.00089EPSS
CVE
CVE
added 2026/05/08 2:22 p.m.15 views

CVE-2026-43454

CVE-2026-43454 concerns the Linux kernel nf_tables netfilter component. The issue arises when handling NETDEV_REGISTER notifications: a device may be registered twice because nft_netdev_hook_alloc() could have already added the device when the hook was created. The result is duplicate device regi...

7.8CVSS5.8AI score0.00119EPSS
CVE
CVE
added 2026/05/08 2:22 p.m.15 views

CVE-2026-43468

CVE-2026-43468 affects the Linux kernel net/mlx5 subsystem, where a deadlock can occur between the devlink lock and the esw->work_queue. The deadlock trace involves esw_functions_changed_event_handler executing esw_vfs_changed_event_handler, while eswitch_mode_set acquires the devlink lock and...

5.5CVSS5.8AI score0.00091EPSS
CVE
CVE
added 2026/05/27 12:17 p.m.15 views

CVE-2026-45896

CVE-2026-45896 affects the Linux kernel driver mtd_intel_dg. The bug occurs when the regions array is indexed before its size (nregions) is set, causing a UBSAN array-index-out-of-bounds in drivers/mtd/devices/mtd_intel_dg.c:750:15. The issue is triggered by accessing regions before nregions is e...

7.8CVSS5.8AI score0.00162EPSS
CVE
CVE
added 2026/06/25 8:38 a.m.15 views

CVE-2026-53167

CVE-2026-53167 affects the Linux kernel’s FUSE path: FUSE_NOTIFY_RETRIEVE must be limited to uptodate folios since !uptodate folios may contain uninitialized data. The vulnerability is scoped to systems without automatic page-alloc zero init (CONFIG_INIT_ON_ALLOC_DEFAULT_ON or init_on_alloc=1). E...

5.5CVSS5.7AI score0.00176EPSS
CVE
CVE
added 2026/06/25 8:38 a.m.15 views

CVE-2026-53180

CVE-2026-53180 involves a Linux kernel timers/migration livelock. The issue arises when tmigr_handle_remote_cpu() skips timer_expire_remote() if cpu == smp_processor_id(), under the incorrect assumption that the local softirq path already handled this CPU’s timers. Jiffies can advance after local...

7.5CVSS5.8AI score0.00466EPSS
CVE
CVE
added 2026/06/25 8:38 a.m.15 views

CVE-2026-53183

CVE-2026-53183 affects the Linux kernel MPTCP implementation. The issue allows the TCP subflow receive window to shrink independently of the netns, which can inflate the MPTCP receive window and cause incoming data to exceed the receiver’s rcvbuf, potentially leading to DoS or a system becoming u...

7.5CVSS5.7AI score0.00506EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.15 views

CVE-2026-53209

The CVE-2026-53209 issue affects the Linux kernel Bluetooth subsystem (hci_sync). When hci_adv_bcast_annoucement() tries to prepend the Broadcast Announcement service data to an already-full extended advertising payload, the combined data could exceed the temporary buffer used to rebuild advertis...

7.8CVSS6AI score0.00138EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.15 views

CVE-2026-53212

The CVE-2026-53212 issue affects the Linux kernel nft_tunnel implementation within netfilter, where nft_tunnel_obj_destroy() used metadata_dst_free() to free a metadata_dst, bypassing dst_entry refcount accounting. This could leave in-flight packets that hold references (via dst_hold()) dangling,...

7.8CVSS5.7AI score0.00125EPSS
CVE
CVE
added 2026/06/26 7:40 p.m.15 views

CVE-2026-53301

The CVE-2026-53301 entry refers to a Linux kernel issue: reset: amlogic: t7 where missing reset operations can cause a kernel null pointer dereference. The description notes this SOC’s reset is not currently used. Connected sources indicate this is a kernel-level fix (null reset ops) with referen...

5.5CVSS5.8AI score0.00166EPSS
CVE
CVE
added 2026/06/26 7:41 p.m.15 views

CVE-2026-53319

Mode C: Normal (details available) CVE-2026-53319 affects the Linux kernel block writeback throttling (blk-wbt) code. The issue arises in wbt_init_enable_default(), which previously used WARN_ON_ONCE to report failures from wbt_alloc() and wbt_init(). These failure paths are expected: wbt_alloc()...

5.5CVSS5.8AI score0.00145EPSS
CVE
CVE
added 2025/09/15 2:46 p.m.14 views

CVE-2022-50305

CVE-2022-50305 is a Linux kernel ASoC issue: sof_es8336_remove() could cause use-after-free because cancel_delayed_work() may not wait for the work function to finish. The fix uses cancel_delayed_work_sync() to ensure the work is cancelled, not running, and cannot be re-scheduled. Affected compon...

7.8CVSS6.1AI score0.00147EPSS
CVE
CVE
added 2025/10/01 11:42 a.m.14 views

CVE-2022-50430

CVE-2022-50430 affects the Linux kernel mmc vub300 driver. The fix prevents calling blocking operations when the current task is not TASK_RUNNING by ensuring vub300_enable_sdio_irq() uses proper mutex usage and marks the current task as TASK_RUNNING in a sleepable context. This reduces a potentia...

5.5CVSS6.1AI score0.00149EPSS
CVE
CVE
added 2025/10/01 11:42 a.m.14 views

CVE-2022-50437

CVE-2022-50437 - Linux kernel (drm/msm/hdmi) : A memory corruption issue was fixed by adding a missing sanity check on the bridge counter to prevent writing beyond the fixed-sized bridge array when there are more than eight bridges. Affects the Linux kernel with drm/msm/hdmi; patch resolves data ...

7.8CVSS6.2AI score0.00153EPSS
CVE
CVE
added 2025/10/01 11:45 a.m.14 views

CVE-2022-50460

The CVE-2022-50460 issue is in the Linux kernel CIFS logic: an xid leak in cifs_flock() when flock is used can leak xid on early return (-ENOLCK). Multiple connected advisories (Astra Linux, Unity Linux, EulerOS, SUSE) cite the same description and confirm a fix in the kernel. The vulnerability i...

5.5CVSS6.1AI score0.00145EPSS
CVE
CVE
added 2025/10/01 11:45 a.m.14 views

CVE-2022-50468

CVE-2022-50468 affects the Linux kernel, specifically the Cros USB PD notifier driver (platform/chrome: cros_usbpd_notify). The issue arises because cros_usbpd_notify_init() does not check the return value of platform_driver_register(), allowing cros_usbpd_notify to install even if registration f...

5.5CVSS6.1AI score0.00145EPSS
CVE
CVE
added 2025/10/01 11:42 a.m.14 views

CVE-2023-53450

The CVE-2023-53450 entry concerns the Linux kernel ext4 subsystem. A malicious fuzzer that overwrites the ext4 superblock while mounted can set s_first_data_block to a very large value, causing the block-group calculation to underflow and trigger a BUG_ON. The fix changes the BUG_ON to ext4_warni...

5.5CVSS6AI score0.0015EPSS
CVE
CVE
added 2025/10/01 11:42 a.m.14 views

CVE-2023-53466

CVE-2023-53466 pertains to the Linux kernel wifi driver mt76 mt7915. The issue is a memory leak in the mt7915_mcu_exit path. The security update fixes by always purging mcu skb queues in mt7915_mcu_exit, even if mt7915_firmware_state fails. This mirrors the vulnerability being addressed in OSV-20...

5.5CVSS6.1AI score0.00143EPSS
CVE
CVE
added 2025/10/01 11:42 a.m.14 views

CVE-2023-53483

CVE-2023-53483 affects the Linux kernel, specifically the ACPI processor code. The vulnerability arises in fch_misc_setup() where devm_kzalloc() may return NULL and lead to a NULL pointer dereference if clk_data->name is NULL. The CVE entry indicates this issue has been resolved in the Linux k...

5.5CVSS6.1AI score0.00143EPSS
CVE
CVE
added 2025/10/04 3:16 p.m.14 views

CVE-2023-53534

Based on the UNPATCHED_CVE_2023_53534.NASL entry, CVE-2023-53534 affects the Linux kernel DRM/Mediatek path (mtk_drm_crtc). The root cause is a missing validation for devm_kcalloc return values, which may be NULL, risking NULL pointer dereference. The advisory notes that this vulnerability has be...

5.5CVSS6.1AI score0.00145EPSS
Total number of security vulnerabilities14139