122 matches found
CVE-2025-68358
CVE-2025-68358 (Linux kernel, btrfs) : A race condition was fixed in btrfs_clear_space_info_full() that updated bitfield members (full, chunk_alloc, flush) without holding the space_info lock, risking corruption of adjacent fields due to non-atomic read-modify-write sequences on bitfields. The fi...
CVE-2025-71110
Technical details about CVE-2025-71110 are not publicly available in the provided connected documents. No specific affected products, versions, or remediation information are disclosed here; monitor for updates.
CVE-2026-23261
CVE-2026-23261 corresponds to a Linux kernel NVMe over Fabrics issue where nvme_fc_init_ctrl leaks admin blk-mq resources if subsequent steps fail during controller setup. The fix ensures the admin_tagset is freed by checking ctrl->ctrl.admin_tagset in the fail_ctrl path and calling nvme_remov...
CVE-2026-31734
CVE-2026-31734 (Linux kernel sched_ext) has been fixed. The issue was a false negative where is_bpf_migration_disabled() could be incorrect on systems without CONFIG_PREEMPT_RCU, causing migration_disabled == 1 to be treated as truly migration-disabled even for the current task. The BPF prolog no...
CVE-2026-31783
The CVE-2026-31783 entry refers to a Linux kernel issue in spi: amlogic: spifc-a4 where the on-host NAND ECC engine teardown was missing in probe unwind and remove-time cleanup. The fix adds a devm cleanup action so nand_ecc_unregister_on_host_hw_engine() runs automatically on probe failures and ...
CVE-2026-43154
The CVE-2026-43154 issue affects the Linux kernel EROFS filesystem, where crafted EROFS images with valid volume labels trigger incorrect early exits in volume label handling, leading to folio reference leaks. Affected component is the EROFS implementation in the kernel; root cause is improper co...
CVE-2026-43267
The CVE-2026-43267 issue affects the Linux kernel wifi stack, specifically the rt89 beacon tracking path. The root cause is that the bss_conf->beacon_int value can be zero, which leads to a division-by-zero in subsequent calculations. The fix introduces a safe default by setting beacon interva...
CVE-2026-23280
CVE-2026-23280 affects the Linux kernel’s accel/amdxdna component. The issue is a size calculation overflow for the ubuf, which can lead to an undersized allocation and potential memory corruption. The root cause is improper handling of arithmetic when computing the ubuf size. The publicly docume...
CVE-2026-23322
The CVE-2026-23322 entry concerns the Linux kernel IPMI sender path. The root cause is a use-after-free and list corruption in the SMI sender error handling: when sender() fails, smi_work() delivers an error response but restarts without clearing curr_msg, leaving newmsg pointing to the same mess...
CVE-2026-31538
CVE-2026-31538 (Linux kernel SMB server) : A race condition in the SMB server’s recv credits logic (smbdirect_socket.recv_io.credits.available) can cause credits to be granted that may already have been consumed by the peer due to mismatched counting of posted recv_io versus granted credits. The ...
CVE-2025-71106
CVE-2025-71106 - Linux kernel fix . The vulnerability concerns the filesystems_freeze_callback() check (freeze_all_ptr) introduced by the commit “power: always freeze efivarfs.” The check was inverted, causing all file systems to be frozen when filesystem_freeze_enabled is false. This could trigg...
CVE-2026-23294
The CVE describes a race in the Linux kernel’s PREEMPT_RT path for the per-CPU xdp_dev_bulk_queue (bq). The vulnerability arises because bq_enqueue() and __dev_flush() were believed to run atomically on the same CPU, but PREEMPT_RT can preempt, leading to concurrent access to bq->count and bq-...
CVE-2026-43164
CVE-2026-43164 affects the Linux kernel UDP-Lite implementation. The issue is a null-pointer dereference in __udp_enqueue_schedule_skb() triggered during UDP-Lite socket initialization, as reported by syzbot. Post-commit changes allow udp_lib_init_sock(), udp_init_sock(), and udpv6_init_sock() to...
CVE-2025-71103
CVE-2025-71103 pertains to the Linux kernel DRM MSM Adreno driver. The issue occurs on A7xx GPUs without IFPC support, where ifpc_reglist could be dereferenced in a7xx_patch_pwrup_reglist(), leading to a kernel crash with a NULL pointer dereference (pc : a6xx_hw_init...). The vulnerability has be...
CVE-2026-23305
The CVE-2026-23305 entry concerns a Linux kernel issue in accel/rocket where unwinding in rocket_probe’s error path was incorrect. If rocket_core_init() fails (e.g., due to EPROBE_DEFER), the kernel must unwind by decrementing the incremented counter and, if it’s the first core failed to probe, c...
CVE-2026-23314
The CVE-2026-23314 entry describes a Linux kernel issue in the regulator/bq257xx subsystem: in bq257xx_reg_dt_parse_gpio(), if it fails to obtain a subchild, it may return without calling of_node_put(child), leaking a device node reference. The vulnerability is reported as resolved in the Linux k...
CVE-2026-23329
CVE-2026-23329 affects the Linux kernel libie_fwlog_deinit in the ixgbe driver flow. The vulnerability arises when unloading the driver (even if firmware logging was never initialized), enabling a call path that can lead to a kernel oops and Denial of Service. Reproduced by unloading the ixgbe dr...
CVE-2026-23342
CVE-2026-23342 describes a race in the Linux kernel’s PREEMPT_RT path for BPF cpumap/xdp_bulk_queue. The issue arises when bq_enqueue() and __cpu_map_flush() run concurrently on the same CPU, breaking assumptions about atomicity and enabling races such as double __list_del_clearprev() and concurr...
CVE-2026-43235
Summary: CVE-2026-43235 affects the Linux kernel iris media driver for SM8750. The vulnerability arises from two missing platform-data entries in the iris driver, which prevents proper internal buffer allocation and incomplete capability checks. What’s affected: Linux kernel/iris media driver (SM...
CVE-2026-43176
The CVE-2026-43176 entry refers to a vulnerability in the Linux kernel’s rtw89 WiFi driver (PCI path) affecting RTL8922DE where release report content was not properly validated. This could cause a crash (DoS) when handling a malformed TX release report. The root cause is insufficient validation ...
CVE-2026-31535
Summary: CVE-2026-31535 affects the Linux kernel SMB client receive credit management. A race in handling smbdirect_socket.recv_io.credits.available can cause over- or under-counted credits, potentially destabilizing the SMB receive path. The root cause is a window where a peer might have consume...
CVE-2026-31757
CVE-2026-31757 affects the Linux kernel USB subsystem (usbio). The issue is a memory leak where, if usb_submit_urb() fails during device probing (usbio_probe()), the previously allocated URB is not freed. The fix directs control flow to an error path (err_free_urb) to properly release the URB and...