Lucene search
K
LinuxLinux Kernel6.19.6

9 matches found

CVE
CVE
added 2026/04/12 5:36 a.m.58 views

CVE-2026-31413

CVE-2026-31413 — Linux kernel BPF verifier flaw (CVE-joined info from multiple sources) The issue arises in maybe_fork_scalars() when handling ARSH plus AND/OR with a constant in the BPF verifier. The code forks the verifier state; the pushed path previously used env->insn_idx + 1, so it re-ex...

7.8CVSS5.7AI score0.00221EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.30 views

CVE-2026-43371

The CVE-2026-43371 details the Linux kernel macb driver fault where disabling transmit resets tx_head/tx_tail to 0, causing silent loss of queued packets, memory leaks, and race conditions between macb_tx_poll() and macb_start_xmit(). This can prolong recovery after suspend (e.g., NFS rootfs on A...

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2026/04/03 3:15 p.m.27 views

CVE-2026-23443

CVE-2026-23443 refers to a Linux kernel ACPI processor errata handling flaw (piix4). A use-after-free could occur from dereferencing device pointers after their objects were freed, stemming from a NULL-pointer dereference in acpi_processor_errata_piix4(). The fix moves diagnostic message printing...

5.5CVSS5.8AI score0.00119EPSS
CVE
CVE
added 2026/04/24 2:35 p.m.24 views

CVE-2026-31573

The vulnerability CVE-2026-31573 affects the Linux kernel media: verisilicon hantro_vpu driver. When built as a module, incorrect use of the __initconst annotation frees data prematurely, and non-init probe code later accesses this freed data, causing a kernel panic (page fault) during hantro_pro...

5.5CVSS5.3AI score0.00107EPSS
CVE
CVE
added 2026/05/28 9:41 a.m.24 views

CVE-2026-46240

The CVE-2026-46240 issue affects the Linux kernel iris driver. A use-after-free occurs when iris_release_internal_buffers() accesses a buffer after session_release_buf() frees it, caused by a regression from a change that destroys internal buffers after FW releases. The documented fix sets BUF_AT...

7.8CVSS5.8AI score0.00124EPSS
CVE
CVE
added 2026/05/08 2:22 p.m.19 views

CVE-2026-43440

CVE-2026-43440 affects the Linux kernel net/mana driver, where during mana_gd_setup() cleanup a workqueue pointer (service_wq) could remain non-NULL after destroy_workqueue(), leading to a potential use-after-free if the pointer is checked after a failed setup. Connected advisories confirm the ro...

7.8CVSS5.8AI score0.00124EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.17 views

CVE-2026-43367

The CVE-2026-43367 issue affects the Linux kernel, specifically the drm/amd component. It stems from NULL pointer dereferences during device cleanup on unsupported hardware, caused by missing NULL checks on a version pointer. The fixes add NULL checks to these cleanup paths and were cherry-picked...

5.5CVSS5.8AI score0.00121EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.17 views

CVE-2026-43369

Summary (CVE-2026-43369): In the Linux kernel’s drm/amd driver, if GPU initialization fails due to an unsupported hardware block, some IP blocks may have a NULL version pointer. During device cleanup, amdgpu_device_set_pg_state and amdgpu_device_set_cg_state access adev->ip_blocks[i].version w...

5.5CVSS5.8AI score0.00121EPSS
CVE
CVE
added 2026/04/22 1:54 p.m.10 views

CVE-2026-31513

Summary: CVE-2026-31513 affects the Linux kernel Bluetooth L2CAP code. A stack-out-of-bounds read occurs in l2cap_ecred_conn_req when handling a malformed Enhanced Credit Based Connection Request with more SCIDs than allowed. The bug arises from computing rsp_len before validating the number of S...

8.1CVSS5.8AI score0.00252EPSS