369093 matches found
CVE-2026-53351
CVE-2026-53351 affects the Linux kernel in the riscv/ptrace path, where the REGSET_CFI handling now uses USER_REGSET_NOTE_TYPE. The authenticated change resolves a core-dump warning seen as a note in fs/binfmt_elf.c during elf_core_dump, CPU#7. The available connected records corroborate that thi...
CVE-2026-53350
The CVE-2026-53350 fix applies to the Linux kernel ASoC wm_adsp component. The vulnerability was a NULL dereference in wm_adsp_control_remove() when cleaning up private control data cs_ctl->priv. The patch ensures priv is non-NULL before cleanup. Two scenarios avoid creating private data: SYST...
CVE-2026-53349
CVE-2026-53349 concerns the Linux kernel netfilter nf_conntrack component where a stale exp->expectfn pointer can survive module removal (e.g., nf_nat_h323) and be invoked later, causing a crash (Oops) in init_conntrack when a connection arrives. The fix adds nf_ct_helper_expectfn_destroy() to...
CVE-2026-53347
CVE-2026-53347 affects the Linux kernel’s drm/virtio component (virtio-gpu) when built with KMS disabled. The issue: DRM atomic and modesetting aren’t initialized during driver removal/unbinding, leading to access of uninitialized data and possible kernel crash. The fix: skip shutting down the at...
CVE-2026-53348
CVE-2026-53348 concerns the Linux kernel ASoC SDCA subsystem. A NULL pointer dereference in sdca_dev_unregister_functions (due to func_dev entries that may be NULL when cleanup occurs) could trigger a kernel oops during device cleanup. The issue arises when a function registration partially fails...
CVE-2026-53345
The CVE describes a Linux kernel KVM issue where a page dirty operation could warn about a missing running vCPU even when the VM is dying. The behavior was tied to the VM’s refcount and the state of SEV-ES guests; if a guest memory page remained dirty while the VM is dying and userspace had no ac...
CVE-2026-53346
In CVE-2026-53346, affected software is the Linux kernel on arm64, where a rustc bug prevents -Cforce-unwind-tables=y from annotating the module, leaving the uwtable flag missing for module constructors (e.g., asan.module_ctor). When CONFIG_UNWIND_PATCH_PAC_INTO_SCS is enabled, this mismatch can ...
CVE-2026-53344
The CVE-2026-53344 issue in the Linux kernel affects the pinctrl driver for the mcp23s08. The root cause is that mcp->dev and mcp->addr must be initialized before regmap initialization, because regmap’s cache population via regcache_maple_populate() performs an SPI read that requires these ...
CVE-2026-53343
The CVE-2026-53343 entry documents a Linux kernel ARM vulnerability patch: in configurations with KASAN_VMALLOC and VMAP_STACK, a dummy read from the KASAN VMAP shadow in __switch_to() used an unaligned word load (ldr) which can fault on ARMv5 and crash ARM926/VersatilePB; the fix switches to a b...
CVE-2026-53342
Summary (CVE-2026-53342): In the ARM64 Linux kernel, page-table allocations performed during PGD mappings (pagetable_ctor calls) were not accompanied by matching destructor calls (pagetable_dtor) when freeing hot-removed page tables. This can produce kernel warnings about bad page state and may r...
CVE-2026-53340
The CVE-2026-53340 entry concerns the Linux kernel I2C imx driver where a clock-disable happens before pinctrl state switch in runtime suspend, leading to a system crash if pinctrl_pm_select_sleep_state() fails. The fix swaps the order to switch the pinctrl state before disabling the clock so a p...
CVE-2026-53341
The CVE-2026-53341 issue affects the Linux kernel and is resolved by addressing a use-after-free (UAF) in may_decode_fh() where mount::mnt_ns was accessed without locks, risking a concurrent unmount/free of the mnt_namespace during an RCU grace period. The patch adds an rcu_read_lock() around the...
CVE-2026-53339
CVE-2026-53339 affects the Linux kernel i2c-qcom-cci driver. On Qualcomm CCI with two I2C masters, if only one is initialized, device unbinding/removal can dereference NULL because cci_halt() runs for both masters while completion exists only for the active one, leading to a NULL pointer derefere...
CVE-2026-53338
CVE-2026-53338 concerns the Linux kernel where airoha_qdma_init_hfwd_queues() dereferences the return of of_reserved_mem_lookup() without ensuring it is non-NULL. The issue occurs when the reserved memory region referenced by the memory-region phandle is missing from the reserved-memory table, po...
CVE-2026-53337
The CVE concerns the Linux kernel bonding code: in bond_do_ioctl(), slave_dev is fetched via __dev_get_by_name() and then immediately used in a slave_dbg() call before checking for NULL, causing a NULL-pointer dereference when a non-existent slave interface name is provided (e.g., via bonding ioc...
CVE-2026-53336
CVE-2026-53336 (nvmem: layouts: onie-tlv) : A Linux kernel vulnerability where the nvmem onie-tlv parser could hang when encountering an unknown vendor-specific entry type (example 0x41) in EEPROM. The root cause was an endless loop in the parser. The published fix increments the offset for unkno...
CVE-2026-53334
The CVE-2026-53334 entry concerns the Linux kernel’s DAMON subsystem (mm/damon/reclaim). Concrete details show that if damon_ctx allocations fail, code paths may dereference a NULL ctx pointer in the reclaim path, leading to a NULL dereference. The fix patches the init flow so that damon_reclaim_...
CVE-2026-53335
The CVE-2026-53335 issue affects the Linux kernel component mm/damon/lru_sort. It arises when damon_lru_sort_enabled_store() allocates a damon_ctx object and does not handle a failed allocation; if ctx is NULL, code can reach damon_commit_ctx() and dereference the NULL pointer. The documented fix...
CVE-2026-53333
The CVE-2026-53333 entry describes a Linux kernel vulnerability in mm/mincore where mincore_pte_range() could spuriously WARN and report nonresident pages on !CONFIG_SWAP kernels due to the !IS_ENABLED(CONFIG_SWAP) guard running before certain non-swap entries are checked. The fix moves the guard...
CVE-2026-53332
CVE-2026-53332 affects the Linux kernel’s slimbus driver (qcom-ngd-ctrl) where registering SSR/PDR callbacks and enabling interrupts can occur before the NGD device is fully initialized. If remoteproc starts in parallel with probing, or if a PDR lookup is registered while remoteproc is up, callba...