Lucene search
K
LinuxLinux Kernel6.6.120

9 matches found

CVE
CVE
added 2026/02/14 4:27 p.m.43 views

CVE-2026-23207

CVE-2026-23207 concerns the Linux kernel SPI Tegra210 quad driver. The issue arose because curr_xfer accesses were not consistently protected by the lock in the IRQ thread path, enabling a race against the timeout path where curr_xfer could be NULL after being cleared but still dereferenced in ha...

4.7CVSS5.2AI score0.00088EPSS
CVE
CVE
added 2026/05/06 7:40 a.m.37 views

CVE-2026-43120

In the Linux kernel RDMA/irdma driver, CVE-2026-43120 describes a double-free during rereg_user_mr when IB_MR_REREG_TRANS is set. If the trans reg path fails after allocating a new umem, the code releases it but fails to NULL the iwmr->region, causing ib_umem_release to be invoked again during...

7.8CVSS5.8AI score0.00122EPSS
CVE
CVE
added 2026/04/22 1:54 p.m.36 views

CVE-2026-31508

The CVE-2026-31508 issue affects the Linux kernel in the Open vSwitch teardown path. The root cause is that after a patch, the teardown code for OVS ports no longer unconditionally takes the RTNL, allowing netdev_destroy() to finish and free the netdev before unregistration completes if the IFF_O...

7.8CVSS5.6AI score0.00129EPSS
CVE
CVE
added 2026/05/27 12:17 p.m.28 views

CVE-2026-45914

CVE-2026-45914 affects the Linux kernel hwmon ibmpex driver, where a race during sensor deletion can race with userspace access to a freed sensor data structure, causing a use-after-free and potential crash. The description notes that the patch reverting the previous fix (6946c726…) may introduce...

7.8CVSS5.7AI score0.00126EPSS
CVE
CVE
added 2026/02/14 4:27 p.m.27 views

CVE-2026-23200

CVE-2026-23200: In the Linux kernel, a bug in ipv6 ECMP handling occurred when clearing RTF_ADDRCONF during static route addition, causing a mismatch between the fib6_next chain and fib6_siblings list and triggering a kernel BUG. The fix (as described in the report) is to clear RTF_ADDRCONF only ...

5.5CVSS5.3AI score0.00114EPSS
CVE
CVE
added 2026/02/14 4:27 p.m.26 views

CVE-2026-23202

The CVE-2026-23202 issue is in the Linux kernel SPI driver for Tegra210-quad (tegra_qspi_combined_seq_xfer). The root cause is that curr_xfer is read by the IRQ handler without the spinlock, and is cleared without proper synchronization, allowing a race that could yield a NULL pointer dereference...

5.5CVSS5.2AI score0.00111EPSS
CVE
CVE
added 2026/01/23 3:24 p.m.24 views

CVE-2026-22988

CVE-2026-22988 affects the Linux kernel’s arp handling, specifically the assumption that skb->head remains unchanged after dev_hard_header() in arp_create(). The issue arises when a recent commit altered skb->head, breaking that assumption. The publicly provided description and OpenVAS/Ness...

7.8CVSS5.2AI score0.00123EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.21 views

CVE-2026-23360

CVE-2026-23360 relates to the Linux kernel nvme subsystem where, during a controller reset, nvme_alloc_admin_tag_set() could leave a previous admin queue alive, risking an orphaned queue. The issue is fixed by releasing the old queue before allocating a new one, mitigating the leak. Multiple conn...

5.5CVSS5.6AI score0.00123EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.15 views

CVE-2026-53214

The CVE-2026-53214 entry concerns the Linux kernel IPv6 code. The vulnerability occurs when addrconf_get_prefix_route() can return the fib6_null_entry sentinel, which has a NULL fib6_table pointer. Before setting a route’s expiration time, the code must verify that it is not operating on the fib6...

5.5CVSS5.8AI score0.00122EPSS