Lucene search
K
LinuxLinux Kernel6.17.1

25 matches found

CVE
CVE
added 2026/04/02 11:40 a.m.44 views

CVE-2026-23416

The CVE-2026-23416 issue affects the Linux kernel (mm/mseal) where vm_area_struct end handling could become stale during VMA merges. The root cause is curr_end not staying in sync when a VMA is updated via vma_modify_flags(), leading to an incorrect curr_start on the next iteration. The fix uncon...

5.5CVSS5.7AI score0.00218EPSS
CVE
CVE
added 2026/05/27 12:56 p.m.28 views

CVE-2026-46039

CVE-2026-46039 affects the Linux kernel. The root cause is a potential integer overflow in rxgk_extract_token() during the length check. The fix changes the check to round down the size of the available data rather than rounding up, preventing overflow. Kernel commits upstream (listed in referenc...

9.8CVSS5.8AI score0.00448EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.26 views

CVE-2026-43408

CVE-2026-43408 concerns the Linux kernel Ceph path handling: a missing zero-initialization of ceph_path_info before ceph_mdsc_build_path() calls can lead to crashes when ceph_mdsc_free_path_info() is invoked on error paths. Multiple code paths lacked proper initializers; the recommended fix is to...

7.8CVSS5.7AI score0.00129EPSS
CVE
CVE
added 2026/05/27 12:56 p.m.25 views

CVE-2026-46010

CVE-2026-46010 affects the Linux kernel's rxrpc component. The root cause is missing error handling in rxgk_extract_token(): if rxgk_decrypt_skb() returns -ENOMEM, the function should return that error instead of proceeding, which can lead to an abort. Several advisories state the vulnerability c...

8.1CVSS5.8AI score0.00403EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.24 views

CVE-2026-43358

CVE-2026-43358 affects the Linux kernel's btrfs filesystem. The vulnerability is a missing RCU unlock in the error path of try_release_subpage_extent_buffer(), where rcu_read_lock() should be held before exiting the loop because an rcu_read_unlock() occurs past the loop. The issue was identified ...

5.5CVSS5.8AI score0.00121EPSS
CVE
CVE
added 2026/05/28 9:36 a.m.24 views

CVE-2026-46146

CVE-2026-46146 affects the Linux kernel's ALSA USB audio stack, specifically the convert_chmap_v3() routine. A loop uses cs_desc->wLength for increment but this value isn’t validated, allowing a potential endless loop with malformed descriptors. The issue is resolved by adding a proper size ch...

5.5CVSS5.8AI score0.00128EPSS
CVE
CVE
added 2026/01/25 2:36 p.m.23 views

CVE-2026-23012

CVE-2026-23012 affects the Linux kernel (mm/damon/core): a use-after-free in damon_call_control handling when a DAMON context is inactive. If damon_call() runs against a non-running context, the call returns an error but the damon_call_control object remains linked to the context’s call_controls ...

7.8CVSS5.3AI score0.00151EPSS
CVE
CVE
added 2026/02/14 4:1 p.m.23 views

CVE-2026-23162

CVE-2026-23162 relates to the Intel Xe GPU driver in the Linux kernel (drm/xe/nvm). A double-free vulnerability occurs during initialization: after auxiliary_device_init() succeeds, if auxiliary_device_add() then fails, the memory may be freed twice (via the device release path and a premature fr...

7.8CVSS5.2AI score0.00113EPSS
CVE
CVE
added 2026/01/13 3:34 p.m.22 views

CVE-2025-71090

CVE-2025-71090 describes a Linux kernel NFS daemon leak in nfsd4_add_rdaccess_to_wrdeleg(). The function overwrites fp->fi_fds[O_RDONLY] with a new nfsd_file even when a SHARE_ACCESS_READ is already open, thereby orphaning the prior reference. It previously stored the same nfsd_file pointer in...

5.5CVSS5.9AI score0.001EPSS
CVE
CVE
added 2026/04/24 2:45 p.m.22 views

CVE-2026-31650

The CVE concerns the Linux kernel mmc vub300 driver. The root cause is a use-after-free risk from device-managed controller allocation and a lifetime tie to the parent USB device rather than the interface, which can cause memory leaks if the driver is unbound without a disconnect. A last referenc...

7.8CVSS5.5AI score0.00115EPSS
CVE
CVE
added 2026/04/22 1:54 p.m.20 views

CVE-2026-31511

CVE-2026-31511 affects the Linux kernel Bluetooth MGMT subsystem, specifically a dangling pointer in mgmt_add_adv_patterns_monitor_complete where mgmt_pending_free(cmd) could kfree cmd before unlinking from the list. Connected advisories indicate Debian/Root and other OSV entries report a patch w...

7.8CVSS5.6AI score0.00129EPSS
CVE
CVE
added 2026/04/24 2:35 p.m.20 views

CVE-2026-31559

This CVE (CVE-2026-31559) affects the LoongArch implementation in the Linux kernel. The issue is a missing NULL check in kstrdup() during device-tree processing, fixed by replacing of_find_node_by_path("/") with of_root to avoid multiple of_node_put() calls, and by preventing a kernel oops during...

5.5CVSS5.3AI score0.00122EPSS
CVE
CVE
added 2026/05/01 2:15 p.m.20 views

CVE-2026-43005

CVE-2026-43005 affects the Linux kernel hwmon driver for tps53679. The bug arises when i2c_smbus_read_block_data() returns 0 (zero-length read); tps53679_identify_chip() then accesses buf[ret-1] (buf[-1]), causing an out-of-bounds read. The fix changes the check from ret < 0 to ret

7.1CVSS5.9AI score0.00124EPSS
CVE
CVE
added 2026/01/14 3:7 p.m.19 views

CVE-2025-71139

CVE-2025-71139 – Linux kernel kexec CMA/IMA handling : The issue arises when the kexec target address is allocated in CMA space. The kernel’s kimage_map_segment() path assumes IND_SOURCE pages exist and maps them via vmap(), but CMA-based allocation bypasses IND_SOURCE, leading to a warning and i...

5.5CVSS6.1AI score0.00102EPSS
CVE
CVE
added 2026/01/31 11:39 a.m.17 views

CVE-2026-23018

CVE-2026-23018 describes a Linux kernel vulnerability in the btrfs code path. In btrfs_read_locked_inode(), a path with a read-locked leaf from a subvolume tree is used while calling btrfs_init_file_extent_tree(), which may perform GFP_KERNEL allocations and trigger memory reclaim. This can creat...

5.5CVSS5.8AI score0.001EPSS
CVE
CVE
added 2026/03/25 10:26 a.m.17 views

CVE-2026-23282

CVE-2026-23282 affects the Linux kernel SMB client (smb2_unlink). The root cause is uninitialised iov structures when SMB2_open_init() or SMB2_close_init() fails (e.g., on reconnect), which can cause oopses when SMB2_open_free(), SMB2_close_free(), or smb2_set_related() are invoked. The fix initi...

5.5CVSS5.7AI score0.00121EPSS
CVE
CVE
added 2026/04/24 2:45 p.m.17 views

CVE-2026-31652

The CVE-2026-31652 issue is in the Linux kernel’s DAMON feature. When damon_stat_start() allocates damon_ctx and damon_call() subsequently fails, the damon_ctx object is not deallocated, causing a memory leak if DAMON is re-enabled. The leak is not resolved by deallocating after damon_call() fail...

7.8CVSS5.4AI score0.00115EPSS
CVE
CVE
added 2026/05/05 3:17 p.m.17 views

CVE-2026-43059

CVE-2026-43059 affects the Linux kernel Bluetooth MGMT path. A change introducing mgmt_pending_valid() caused completion handlers to unlink commands from the pending list, which could lead to list corruption and potential memory safety issues. The patch fixes two issues: (1) in mgmt_add_adv_patte...

7.8CVSS5.8AI score0.00122EPSS
CVE
CVE
added 2026/01/31 11:39 a.m.16 views

CVE-2026-23024

CVE-2026-23024 affects the Linux kernel: the idpf flow steering list could leak memory on module removal when entries remain. The fix iterates remaining entries during module unload and frees associated memory, guarded by a new flow_steer_list_lock to protect concurrent access. This is a memory-l...

5.5CVSS5.8AI score0.00132EPSS
CVE
CVE
added 2026/02/14 4:1 p.m.16 views

CVE-2026-23151

CVE-2026-23151 in the Linux kernel Bluetooth MGMT path fixes a memory leak in set_ssp_complete due to missing mgmt_pending_free(cmd) calls (and similarly in set_advertising_complete).Root cause: mgmt_pending_cmd structures and their data were not freed after SSP commands completed, after a prior ...

5.5CVSS5.4AI score0.00114EPSS
CVE
CVE
added 2026/05/06 7:40 a.m.16 views

CVE-2026-43095

In CVE-2026-43095, the Linux kernel ASoC SDCA subsystem fixes an IRQ cleanup flaw. IRQs are currently enabled via sdca_irq_populate() from component probe using devm_request_threaded_irq(), which can cause IRQs to persist after a sound card teardown. Some IRQ handlers hold references to the card ...

5.5CVSS5.8AI score0.00107EPSS
CVE
CVE
added 2026/04/24 2:35 p.m.15 views

CVE-2026-31563

CVE-2026-31563 affects the Linux kernel macb network driver. The issue arises from freeing TX SKBs with napi_consume_skb() in IRQ-disabled context; a patch replaces it with dev_consume_skb_any() to avoid the warning trace and potential instability. All connected sources (NVD, SUSE, Red Hat, Debia...

7.5CVSS5.3AI score0.00479EPSS
CVE
CVE
added 2026/01/31 11:39 a.m.14 views

CVE-2026-23022

The CVE-2026-23022 issue affects the Linux kernel’s idpf driver. It fixes a memory leak in idpf_vc_core_deinit() where hw->lan_regs was not freed, reported by kmemleak during reset. The root cause is a missing free in the deinitialization path of idpf_vc_core, leading to unreferenced memory be...

5.5CVSS5.8AI score0.00128EPSS
CVE
CVE
added 2026/04/03 3:15 p.m.13 views

CVE-2026-23431

CVE-2026-23431 affects the Linux kernel component amlogic-spisg (spi driver). The issue is a memory leak in aml_spisg_probe() where ctlr allocated via spi_alloc_target()/spi_alloc_host() is not released on several error paths, causing leaks if probe fails after initial allocation. The fix uses me...

5.5CVSS5.7AI score0.00121EPSS
CVE
CVE
added 2026/04/24 2:45 p.m.12 views

CVE-2026-31653

Summary : CVE-2026-31653 impacts the Linux kernel DAMON subsystem (DAMON_SYSFS). When a monitored process terminates before damon_call() runs, a dynamically allocated repeat_call_control is not deallocated, causing a memory leak. The connected sources document the root cause and confirm the fix: ...

5.5CVSS5.3AI score0.00112EPSS