Lucene search
K
LinuxLinux Kernel6.18.1

36 matches found

CVE
CVE
added 2026/05/08 2:22 p.m.34 views

CVE-2026-43467

CVE-2026-43467 affects the Linux kernel mlx5_core/mlx5_eswitch stack. Root cause: when moving a device to switchdev mode on a system that does not support IPsec, the code erroneously cleans up IPsec resources, triggering a local crash/DoS. With concrete details from multiple vendors (Red Hat, SUS...

5.5CVSS5.7AI score0.00114EPSS
CVE
CVE
added 2026/05/01 2:15 p.m.26 views

CVE-2026-43029

The CVE-2026-43029 issue affects the Linux kernel MPTCP implementation. When data is received with MSG_PEEK and MSG_WAITALL, skb’s are not removed from the sk_receive_queue, causing sk_wait_data() to incorrectly report data available and potentially trigger a soft lockup. The root cause is the mi...

7.5CVSS5.8AI score0.00329EPSS
CVE
CVE
added 2026/03/29 12:55 p.m.25 views

CVE-2026-23400

Summary of CVE-2026-23400 : In the Linux kernel, the rust_binder component is affected by a deadlock risk when processing death notifications. The root cause is calling set_notification_done() while the process lock (proc lock) is still held and the current thread is not a looper, which can cause...

5.5CVSS5.8AI score0.0009EPSS
CVE
CVE
added 2026/01/28 2:24 p.m.23 views

CVE-2026-23014

The CVE-2026-23014 issue concerns the Linux kernel perf subsystem, specifically the swevent hrtimer. The root cause is that after changing hrtimer_try_to_cancel() in perf_swevent_cancel_hrtimer(), the hrtimer could remain active when the event is freed. The fix adds a full hrtimer_cancel() on the...

7.8CVSS5.8AI score0.00116EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.23 views

CVE-2026-43372

CVE-2026-43372 resolves a leak in the Linux kernel Microchip DSA driver during PTP IRQ setup. If request_threaded_irq() fails, the error path previously only freed mappings that had succeeded; now the kernel disposes the newly created IRQ mapping to prevent resource exhaustion. Affected component...

5.5CVSS5.8AI score0.00122EPSS
CVE
CVE
added 2026/05/28 9:35 a.m.23 views

CVE-2026-46142

The CVE-2026-46142 issue affects the Linux kernel’s net: libwx code, where reading the PF-restricted WX_CFG_PORT_ST register during VF initialization can trigger an illegal register access, potentially causing a system hang. The root cause is that a VF’s bus function ID can be read directly from ...

5.5CVSS5.8AI score0.00127EPSS
CVE
CVE
added 2026/05/06 7:40 a.m.22 views

CVE-2026-43094

CVE-2026-43094 affects the Linux kernel ixgbevf driver on Hyper-V VMs. The root cause is a missing negotiate_features callback in the Hyper-V mac_ops table, causing ixgbevf_negotiate_api() to dereference a NULL hw->mac.ops.negotiate_features() during feature negotiation. This can lead to a NUL...

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2026/01/14 3:8 p.m.21 views

CVE-2025-71144

The CVE-2025-71144 issue is in the Linux kernel’s MPTCP code path, where after a commit, if the MPC subflow is already TCP_CLOSE or falls back to TCP, mptcp_do_fastclose() may skip setting the send_fastclose flag, causing __mptcp_close_ssk() to stop resetting the subflow context. Consequently, a ...

5.5CVSS6.1AI score0.00116EPSS
CVE
CVE
added 2026/01/31 11:38 a.m.21 views

CVE-2026-23016

The CVE concerns the Linux kernel’s conntrack/frag handling (inet: frags: drop fraglist conntrack references). A bug allows reassembled skb fragments to retain nf_conn references via frag_list, causing conntrack cleanup to block (hangs up to ~60s) when fragmentation/reassembly occurs (UDP/TCP pat...

5.5CVSS5.8AI score0.00128EPSS
CVE
CVE
added 2026/02/04 4:8 p.m.21 views

CVE-2026-23079

CVE-2026-23079 affects the Linux kernel, specifically the gpio cdev path. The issue is that on error handling paths, in lineinfo_changed_notify(), allocated resources are not freed, causing resource leaks. The publicly described fix is to free those resources on error paths. Metrics indicate a CV...

5.5CVSS5.1AI score0.00107EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.21 views

CVE-2026-23360

CVE-2026-23360 relates to the Linux kernel nvme subsystem where, during a controller reset, nvme_alloc_admin_tag_set() could leave a previous admin queue alive, risking an orphaned queue. The issue is fixed by releasing the old queue before allocating a new one, mitigating the leak. Multiple conn...

5.5CVSS5.6AI score0.00123EPSS
CVE
CVE
added 2026/04/22 1:54 p.m.21 views

CVE-2026-31491

In the Linux kernel’s RDMA/irdma component, CVE-2026-31491 stems from depth calculation functions that fail to properly guard against U32_MAX inputs for SQ/RQ/SRQ sizes. The issue can cause integer overflow and truncation, leading to the function returning success when it should fail. Public repo...

5.5CVSS5.7AI score0.00121EPSS
CVE
CVE
added 2026/01/13 3:34 p.m.20 views

CVE-2025-71092

Summary : The CVE-2025-71092 entry corresponds to a Linux kernel issue in RDMA/bnxt_re where an OOB write occurred during hw_stats allocation in bnxt_re_copy_err_stats(). The root cause was that three counters (BNXT_RE_REQ_CQE_ERROR, BNXT_RE_RESP_CQE_ERROR, BNXT_RE_RESP_REMOTE_ACCESS_ERRS) were a...

7.8CVSS6.3AI score0.00112EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.20 views

CVE-2026-23376

CVE-2026-23376 affects the Linux kernel nvmet-fcloop component. The vulnerability arises from not checking remoteport port_state before freeing resources in the fcloop_t2h_xmt_ls_rsp path, where lsrsp resources may be freed incorrectly if the remote port is not online. The fix updates fcloop_t2h_...

5.5CVSS5.7AI score0.00117EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.20 views

CVE-2026-43396

In the Linux kernel, the vulnerability CVE-2026-43396 is in the drm/xe/sync path. When dma_fence_chain_alloc() fails, the user fence reference is not released, causing a memory leak. Documented across multiple sources (Red Hat, SUSE, Ubuntu, Debian OSV entries, and NVD), the issue is fixed by the...

5.5CVSS5.8AI score0.00121EPSS
CVE
CVE
added 2026/05/08 2:22 p.m.20 views

CVE-2026-43464

Summary: CVE-2026-43464 affects the Linux kernel mlx5e driver in XDP multi-buffer scenarios. When XDP programs modify buffer layout via bpf_xdp_pull_data() or bpf_xdp_adjust_tail(), the driver previously failed to count dropped fragments, causing negative page reference counts during cleanup and ...

7.5CVSS5.9AI score0.00402EPSS
CVE
CVE
added 2026/05/08 1:11 p.m.19 views

CVE-2025-71299

CVE-2025-71299 affects the Linux kernel driver spi_cadence_quadspi. The root cause is a runtime PM interaction during probe: a pm_runtime_disable in error paths could lead to duplicate clock disables when PM is active, especially with missing/broken DT descriptions for flash devices. The document...

5.5CVSS5.8AI score0.00121EPSS
CVE
CVE
added 2026/01/14 3:6 p.m.18 views

CVE-2025-71123

CVE-2025-71123 affects the Linux kernel Ext4 mount option parsing. The vulnerability stems from improper string copying in parse_apply_sb_mount_options(), where strscpy_pad() could copy a non-NUL-terminated string into a fixed-size destination, triggering fortify warnings (strnlen: detected buffe...

7.8CVSS6AI score0.00153EPSS
CVE
CVE
added 2026/03/25 10:28 a.m.18 views

CVE-2026-23387

The CVE-2026-23387 issue concerns the Linux kernel fix for a double-put in pinctrl/cirrus cs42l43 handling during cs42l43_pin_probe, caused by an explicit put after devm_add_action_or_reset() already performing an action on failure. Connected OSV entries (ROOT-OS-DEBIAN-13-CVE-2026-23387 and ROOT...

7.8CVSS5.7AI score0.00122EPSS
CVE
CVE
added 2026/03/25 10:28 a.m.17 views

CVE-2026-23384

CVE-2026-23384 : In the Linux kernel's RDMA/ionic component, a kernel stack leak was fixed in the function ionic_create_cq(). The resp structure leaks 7 bytes from rsvd[7], and up to 4 additional bytes in cqid[2] (potentially 11 bytes total) if udma_mask only has bit 0 set and cqid[1] is not writ...

5.5CVSS5.7AI score0.00112EPSS
CVE
CVE
added 2026/04/02 11:40 a.m.17 views

CVE-2026-23414

CVE-2026-23414 is addressed in the Linux kernel TLS code. The vulnerability involved the async_hold queue that pins encrypted input skbs while AEAD operations reference scatterlist data. The fix centralizes purge of async_hold in tls_decrypt_async_wait(), ensuring all callers (recvmsg drain path,...

7.5CVSS5.6AI score0.00238EPSS
CVE
CVE
added 2026/05/08 2:22 p.m.16 views

CVE-2026-43465

CVE-2026-43465: Linux kernel mlx5e XDP multi-buf frag counting flaw. When XDP programs modify the XDP buffer layout (via bpf_xdp_pull_data/bpf_xdp_adjust_tail), the driver failed to count dropped fragments, risking negative page fragment reference counting and potential instability. Public report...

9.8CVSS5.9AI score0.00414EPSS
CVE
CVE
added 2026/01/31 11:38 a.m.15 views

CVE-2025-71181

CVE-2025-71181 relates to the Linux kernel: the rust_binder change to remove spin_lock() in rust_shrink_free_page() during a Rust Binder port to 6.18 appears to fix a potential deadlock scenario described in the public advisories. The affected area is the Rust Binder integration within Linux, spe...

5.5CVSS5.7AI score0.00102EPSS
CVE
CVE
added 2026/04/24 2:35 p.m.15 views

CVE-2026-31567

CVE-2026-31567 concerns the Linux kernel: a patch removes the WARN_ON() check in pm_restore_gfp_mask() to stop spurious warnings during hibernation paths (e.g., SNAPSHOT_CREATE_IMAGE, SNAPSHOT_UNFREEZE, snapshot_release) while keeping the underlying guard. The change is in the GFP mask management...

5.5CVSS5.4AI score0.00128EPSS
CVE
CVE
added 2026/01/14 3:5 p.m.14 views

CVE-2025-71110

Technical details about CVE-2025-71110 are not publicly available in the provided connected documents. No specific affected products, versions, or remediation information are disclosed here; monitor for updates.

7.8CVSS6.2AI score0.0012EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.14 views

CVE-2026-23349

CVE-2026-23349 concerns the Linux kernel HID subsystem, specifically the pidff module. The issue arises from not clearing all conditional effect bits, which can lead to NULL pointer dereferences and potential system instability. The root cause is improper handling of the ffbit flag where some con...

5.5CVSS5.6AI score0.00121EPSS
CVE
CVE
added 2026/04/03 1:24 p.m.14 views

CVE-2026-23421

The CVE-2026-23421 issue is a Linux kernel memory-leak in drm/xe/configfs where ctx_restore_mid_bb is allocated in wa_bb_store() but freed only partially by xe_config_device_release(), leaving ctx_restore_mid_bb[0].cs undisposed when a configfs device is removed. The vulnerability is described as...

5.5CVSS5.7AI score0.00113EPSS
CVE
CVE
added 2026/04/22 1:53 p.m.14 views

CVE-2026-31459

CVE-2026-31459 affects the Linux kernel DAMON_SYSFS path. The vulnerability is a memory leak: when damon_sysfs_new_test_ctx() fails inside damon_sysfs_commit_input(), param_ctx is leaked because the cleanup at the out label is skipped. The patch series “mm/damon/sysfs: fix memory leak and NULL de...

5.5CVSS5.6AI score0.00121EPSS
CVE
CVE
added 2026/05/01 2:15 p.m.14 views

CVE-2026-31783

The CVE-2026-31783 entry refers to a Linux kernel issue in spi: amlogic: spifc-a4 where the on-host NAND ECC engine teardown was missing in probe unwind and remove-time cleanup. The fix adds a devm cleanup action so nand_ecc_unregister_on_host_hw_engine() runs automatically on probe failures and ...

5.5CVSS5.8AI score0.00121EPSS
CVE
CVE
added 2026/03/18 5:41 p.m.13 views

CVE-2026-23261

CVE-2026-23261 corresponds to a Linux kernel NVMe over Fabrics issue where nvme_fc_init_ctrl leaks admin blk-mq resources if subsequent steps fail during controller setup. The fix ensures the admin_tagset is freed by checking ctrl->ctrl.admin_tagset in the fail_ctrl path and calling nvme_remov...

5.5CVSS5.7AI score0.00114EPSS
CVE
CVE
added 2026/01/14 3:5 p.m.12 views

CVE-2025-71106

CVE-2025-71106 - Linux kernel fix . The vulnerability concerns the filesystems_freeze_callback() check (freeze_all_ptr) introduced by the commit “power: always freeze efivarfs.” The check was inverted, causing all file systems to be frozen when filesystem_freeze_enabled is false. This could trigg...

5.5CVSS6.1AI score0.00107EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.12 views

CVE-2026-23322

The CVE-2026-23322 entry concerns the Linux kernel IPMI sender path. The root cause is a use-after-free and list corruption in the SMI sender error handling: when sender() fails, smi_work() delivers an error response but restarts without clearing curr_msg, leaving newmsg pointing to the same mess...

7.8CVSS5.6AI score0.00124EPSS
CVE
CVE
added 2026/01/14 3:5 p.m.11 views

CVE-2025-71103

CVE-2025-71103 pertains to the Linux kernel DRM MSM Adreno driver. The issue occurs on A7xx GPUs without IFPC support, where ifpc_reglist could be dereferenced in a7xx_patch_pwrup_reglist(), leading to a kernel crash with a NULL pointer dereference (pc : a6xx_hw_init...). The vulnerability has be...

5.5CVSS6AI score0.00107EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.11 views

CVE-2026-23314

The CVE-2026-23314 entry describes a Linux kernel issue in the regulator/bq257xx subsystem: in bq257xx_reg_dt_parse_gpio(), if it fails to obtain a subchild, it may return without calling of_node_put(child), leaking a device node reference. The vulnerability is reported as resolved in the Linux k...

5.5CVSS5.6AI score0.00121EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.11 views

CVE-2026-23329

CVE-2026-23329 affects the Linux kernel libie_fwlog_deinit in the ixgbe driver flow. The vulnerability arises when unloading the driver (even if firmware logging was never initialized), enabling a call path that can lead to a kernel oops and Denial of Service. Reproduced by unloading the ixgbe dr...

5.5CVSS5.6AI score0.00121EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.10 views

CVE-2026-23342

CVE-2026-23342 describes a race in the Linux kernel’s PREEMPT_RT path for BPF cpumap/xdp_bulk_queue. The issue arises when bq_enqueue() and __cpu_map_flush() run concurrently on the same CPU, breaking assumptions about atomicity and enabling races such as double __list_del_clearprev() and concurr...

4.7CVSS5.7AI score0.00088EPSS