2 matches found
CVE-2026-46274
CVE-2026-46274 (Linux kernel, io_wq) has concrete details: a bug in io_wq_remove_pending() allowed a non-hashed predecessor to be treated as hashed, causing a stale pointer in wq->hash_tail[] to persist and be dereferenced by future hashed bucket-0 enqueues. The root cause is that io_get_work_...
CVE-2025-39967
CVE-2025-39967 affects the Linux kernel, specifically a vulnerability in fbcon_do_set_font where integer overflow in font size calculations could occur when processing user-controlled parameters. The issue stems from unsafe size calculations in CALC_FONTSZ(h, pitch, charcount) and related allocat...