Lucene search
K
LinuxLinux Kernel7.1

371 matches found

CVE
CVE
added 2026/06/25 8:38 a.m.11 views

CVE-2026-53172

The CVE-2026-53172 issue in the Linux kernel’s accel/ethosu component is a local-privilege/heap corruption flaw caused by an incorrect mask (0x7f) when processing NPU_SET_IFM_REGION. This allows a userspace caller to supply a region index > 7, writing up to 1016 bytes past the start of region_...

7.8CVSS5.7AI score0.00129EPSS
CVE
CVE
added 2026/06/25 8:38 a.m.11 views

CVE-2026-53173

Summary (concrete details from provided docs): The Linux kernel component accel/ethosu contains an OOB write in ethosu_gem_cmdstream_copy_and_validate(). A local user can trigger by supplying a crafted command stream, causing memory corruption and potential instability. The issue arises in a pars...

7.8CVSS5.9AI score0.00129EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.11 views

CVE-2026-53187

The CVE-2026-53187 issue affects the Linux kernel RDMA/core: the cpu_id supplied via UVERBS_ATTR_ALLOC_DMAH_CPU_ID is passed to cpumask_test_cpu() without validating it against nr_cpu_ids, leading to an out-of-bounds read of the cpumask bitmap. On kernels built with CONFIG_DEBUG_PER_CPU_MAPS this...

7.1CVSS5.7AI score0.00129EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.11 views

CVE-2026-53201

CVE-2026-53201 affects the Linux kernel, with multiple sources (NVD, OSV, Debian security tracker, Ubuntu, etc.) describing a fix that reverts a prior optimization. The issue arises because the idle-skip optimization in the DRM/xe path can bypass GuC suspend, potentially skipping the context-swit...

7.8CVSS5.7AI score0.00137EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.11 views

CVE-2026-53206

CVE-2026-53206 affects the Linux kernel (accel/ivpu) where the firmware runtime memory in the image header lacked proper bounds checks. The issue is addressed by validating alignment and sizing to ensure the firmware image fits in memory, preventing allocation or transfer errors. The available co...

5.5CVSS5.7AI score0.00112EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.11 views

CVE-2026-53223

CVE-2026-53223 (Linux kernel) : A networking timestamping bug in net: guard timestamp cmsgs to real error queue skbs where skb_is_err_queue() incorrectly treated PACKET_OUTGOING as the sole marker for sk_error_queue. This misclassification affects AF_PACKET sockets, allowing timestamp-related con...

7.1CVSS5.8AI score0.00131EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.11 views

CVE-2026-53237

In CVE-2026-53237, the Linux kernel’s mvebu GPIO implementation can dereference a NULL mvchip->mvpwm during suspend/resume because mvebu_pwm_suspend() / mvebu_pwm_resume() are invoked for all GPIO banks, including those without PWM functionality. The root cause is that some banks have mvchip-&...

5.5CVSS5.8AI score0.00127EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.11 views

CVE-2026-53240

CVE-2026-53240 concerns a use-after-free in the Linux kernel xfrm: iptfs partial reassembly logic (__input_process_payload). The bug occurs when first_skb is saved to xtfs->ra_newskb under drop_lock and a concurrent path may complete reassembly, NULL the ra_newskb, and free the skb before the ...

8.8CVSS5.8AI score0.00418EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.11 views

CVE-2026-53271

CVE-2026-53271 affects the Linux kernel ksmbd component. The vulnerability is a NULL-deref in oplock/lease break notifiers: smb2_oplock_break_noti() and smb2_lease_break_noti() read opinfo->conn into a local buffer without READ_ONCE and without a NULL check. After opinfo_get_list() drops ci-&g...

5.5CVSS5.7AI score0.00119EPSS
CVE
CVE
added 2026/06/24 7:14 a.m.10 views

CVE-2026-52918

The CVE-2026-52918 entry concerns a race in the Linux kernel Bluetooth subsystem. Specifically, bt_sock_poll() traverses the accept_q without proper synchronization, allowing a race between normal polling and child socket teardown which can drop the last reference on the same socket. The advisory...

8.8CVSS5.7AI score0.00266EPSS
CVE
CVE
added 2026/06/24 7:14 a.m.10 views

CVE-2026-52921

CVE-2026-52921 : In the Linux kernel, netfilter ipset hash:* range iteration could continue past the upper bound when iterating IPv4 ranges, due to a 32-bit iterator not stopping at the end. This allowed traversal state to move past the requested boundary and potentially affect retries. The issue...

5.5CVSS5.7AI score0.00114EPSS
CVE
CVE
added 2026/06/24 7:14 a.m.10 views

CVE-2026-52928

CVE-2026-52928 affects the Linux kernel af_unix implementation. In non-stream sockets (e.g., SOCK_DGRAM, SOCK_SEQPACKET), SIOCATMARK is incorrectly handled for MSG_OOB and should be rejected; the fix returns -EOPNOTSUPP before inspecting the receive queue. Multiple advisories note the issue is re...

5.5CVSS5.7AI score0.00114EPSS
CVE
CVE
added 2026/06/25 8:38 a.m.10 views

CVE-2026-53156

The CVE-2026-53156 entry concerns a Linux kernel vmem core use-after-free in error paths. The description specifies that several error paths call __nvmem_device_put() which may free the underlying memory and other resources, and the code may continue to use the nvmem structure. The fix is to ensu...

7.8CVSS5.7AI score0.00125EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.10 views

CVE-2026-53203

CVE-2026-53203 affects the Linux kernel’s accel/ivpu component. A buffer overflow can occur when the firmware returns a metric-stream info size larger than the allocated buffer during get_info_ioctl; if this happens, the operation could copy beyond the buffer. Remediation implemented in the publi...

7.1CVSS6AI score0.00153EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.10 views

CVE-2026-53248

In Linux kernel, the airoha net driver has a use-after-free in metadata_dst teardown (CVE-2026-53248). The airoha_metadata_dst_free() function frees the metadata_dst with kfree() immediately, bypassing the RCU grace period, while the RX path may hold a non-refcounted pointer from skb to the dst v...

8.8CVSS5.7AI score0.00391EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.10 views

CVE-2026-53261

The CVE-2026-53261 issue affects the Linux kernel devlink path: when a devlink instance obtains a nested relation before registration and probe later fails, devl_unregister() does not run for an unregistered instance, leaking devlink->rel. The fix releases any pending relation from devlink_fre...

5.5CVSS5.7AI score0.00119EPSS
CVE
CVE
added 2026/06/25 8:38 a.m.9 views

CVE-2026-53141

The CVE-2026-53141 issue affects the Linux kernel drm/v3d driver’s global performance monitor reference counting. The root cause is leaking references obtained by v3d_perfmon_find(): (1) the SET_GLOBAL_ioctl path leaks on error, (2) CLEAR_GLOBAL leaks the find reference and the earlier stash of t...

5.5CVSS5.8AI score0.00121EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.9 views

CVE-2026-53210

The CVE-2026-53210 issue is in the Linux kernel’s Trusted Execution Environment (TEE) subsystem. A shm leak occurs in register_shm_helper() when TEE_IOC_SHM_REGISTER registers a zero-length shared memory, because shm is allocated before iov_iter_npages() and not freed if it returns 0; the code pa...

5.5CVSS5.7AI score0.00127EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.8 views

CVE-2026-53233

CVE-2026-53233 concerns the Linux kernel: a double-free in netdev_nl_bind_rx_doit() linked to how genlmsg_reply() consumes the skb. The error path calls nlmsg_free(rsp) and the code should not unbind; instead the error is propagated to the user. This aligns with the description that such issues s...

7.8CVSS5.7AI score0.00138EPSS
CVE
CVE
added 2026/06/25 8:38 a.m.7 views

CVE-2026-53162

Summary (CVE-2026-53162) : In the Linux kernel memcg subsystem, a non-NMI-safe path around random-number generation during NMI handling could corrupt the ChaCha batch state, enabling memcg charge draining. The fix replaces the get_random_u32_below() path with a per-CPU round-robin counter stored ...

7.8CVSS5.8AI score0.00136EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.7 views

CVE-2026-53188

The CVE-2026-53188 entry concerns a Linux kernel RDMA/core flaw where fops passed to ib_get_ucaps() could be spoofed via a block device sharing a dev_t with a character device (char/block alias). The root cause is insufficient validation of f_ops, allowing a local attacker with access to device n...

8.8CVSS5.8AI score0.00136EPSS
Total number of security vulnerabilities371