7 matches found
CVE-2026-23207
CVE-2026-23207 concerns the Linux kernel SPI Tegra210 quad driver. The issue arose because curr_xfer accesses were not consistently protected by the lock in the IRQ thread path, enabling a race against the timeout path where curr_xfer could be NULL after being cleared but still dereferenced in ha...
CVE-2026-23117
The CVE-2026-23117 entry concerns the Linux kernel Intel ice network driver. The issue arises during devlink-reload: ice_devlink_reinit_down() did not call ice_deinit_hw() while ice_devlink_reinit_up() calls ice_init_hw(), causing ice_init_hw() to fail with -EBUSY if control queues remain initial...
CVE-2026-23200
CVE-2026-23200: In the Linux kernel, a bug in ipv6 ECMP handling occurred when clearing RTF_ADDRCONF during static route addition, causing a mismatch between the fib6_next chain and fib6_siblings list and triggering a kernel BUG. The fix (as described in the report) is to clear RTF_ADDRCONF only ...
CVE-2026-23202
The CVE-2026-23202 issue is in the Linux kernel SPI driver for Tegra210-quad (tegra_qspi_combined_seq_xfer). The root cause is that curr_xfer is read by the IRQ handler without the spinlock, and is cleared without proper synchronization, allowing a race that could yield a NULL pointer dereference...
CVE-2026-43201
CVE-2026-43201 applies to the Linux kernel GHES ARM error handling (APEI/GHES: ARM processor Error). Root cause: parsing ARM error context where err_info_num/context_info_num lead to calculating sz and potentially overrunning with too small a dump, causing OOPS. The CVE is addressed by adding siz...
CVE-2025-71146
CVE-2025-71146 affects the Linux kernel, specifically the netfilter nf_conncount subsystem. The issue is a leak of ct (connection tracking) objects in error paths where the refcounted check was skipped and the function returned early. The root cause, per the description, is that the refcounted ch...
CVE-2026-23435
The CVE-2026-23435 entries describe a Linux kernel PMU/X86 perf vulnerability that was resolved. The root cause was a commit that moved cpuc->events[idx] assignment out of x86_pmu_start() into step 2 of x86_pmu_enable(), after PERF_HES_ARCH checks. This could allow a path that calls pmu->st...