Lucene search
K

369093 matches found

CVE
CVE
added last week13 views

CVE-2026-53351

CVE-2026-53351 affects the Linux kernel in the riscv/ptrace path, where the REGSET_CFI handling now uses USER_REGSET_NOTE_TYPE. The authenticated change resolves a core-dump warning seen as a note in fs/binfmt_elf.c during elf_core_dump, CPU#7. The available connected records corroborate that thi...

5.8AI score0.00145EPSS
Exploits0References2
CVE
CVE
added last week14 views

CVE-2026-53350

The CVE-2026-53350 fix applies to the Linux kernel ASoC wm_adsp component. The vulnerability was a NULL dereference in wm_adsp_control_remove() when cleaning up private control data cs_ctl->priv. The patch ensures priv is non-NULL before cleanup. Two scenarios avoid creating private data: SYST...

5.8AI score0.00161EPSS
Exploits0References6
CVE
CVE
added last week14 views

CVE-2026-53349

CVE-2026-53349 concerns the Linux kernel netfilter nf_conntrack component where a stale exp->expectfn pointer can survive module removal (e.g., nf_nat_h323) and be invoked later, causing a crash (Oops) in init_conntrack when a connection arrives. The fix adds nf_ct_helper_expectfn_destroy() to...

5.9AI score0.00161EPSS
Exploits0References6
CVE
CVE
added last week18 views

CVE-2026-53347

CVE-2026-53347 affects the Linux kernel’s drm/virtio component (virtio-gpu) when built with KMS disabled. The issue: DRM atomic and modesetting aren’t initialized during driver removal/unbinding, leading to access of uninitialized data and possible kernel crash. The fix: skip shutting down the at...

5.8AI score0.00156EPSS
Exploits0References5
CVE
CVE
added last week12 views

CVE-2026-53348

CVE-2026-53348 concerns the Linux kernel ASoC SDCA subsystem. A NULL pointer dereference in sdca_dev_unregister_functions (due to func_dev entries that may be NULL when cleanup occurs) could trigger a kernel oops during device cleanup. The issue arises when a function registration partially fails...

5.8AI score0.00145EPSS
Exploits0References2
CVE
CVE
added last week18 views

CVE-2026-53345

The CVE describes a Linux kernel KVM issue where a page dirty operation could warn about a missing running vCPU even when the VM is dying. The behavior was tied to the VM’s refcount and the state of SEV-ES guests; if a guest memory page remained dirty while the VM is dying and userspace had no ac...

5.8AI score0.00156EPSS
Exploits0References5
CVE
CVE
added last week17 views

CVE-2026-53346

In CVE-2026-53346, affected software is the Linux kernel on arm64, where a rustc bug prevents -Cforce-unwind-tables=y from annotating the module, leaving the uwtable flag missing for module constructors (e.g., asan.module_ctor). When CONFIG_UNWIND_PATCH_PAC_INTO_SCS is enabled, this mismatch can ...

5.8AI score0.00156EPSS
Exploits0References4
CVE
CVE
added last week14 views

CVE-2026-53344

The CVE-2026-53344 issue in the Linux kernel affects the pinctrl driver for the mcp23s08. The root cause is that mcp->dev and mcp->addr must be initialized before regmap initialization, because regmap’s cache population via regcache_maple_populate() performs an SPI read that requires these ...

5.8AI score0.00145EPSS
Exploits0References2
CVE
CVE
added last week15 views

CVE-2026-53343

The CVE-2026-53343 entry documents a Linux kernel ARM vulnerability patch: in configurations with KASAN_VMALLOC and VMAP_STACK, a dummy read from the KASAN VMAP shadow in __switch_to() used an unaligned word load (ldr) which can fault on ARMv5 and crash ARM926/VersatilePB; the fix switches to a b...

5.8AI score0.00161EPSS
Exploits0References6
CVE
CVE
added last week15 views

CVE-2026-53342

Summary (CVE-2026-53342): In the ARM64 Linux kernel, page-table allocations performed during PGD mappings (pagetable_ctor calls) were not accompanied by matching destructor calls (pagetable_dtor) when freeing hot-removed page tables. This can produce kernel warnings about bad page state and may r...

5.8AI score0.00154EPSS
Exploits0References3
CVE
CVE
added last week16 views

CVE-2026-53340

The CVE-2026-53340 entry concerns the Linux kernel I2C imx driver where a clock-disable happens before pinctrl state switch in runtime suspend, leading to a system crash if pinctrl_pm_select_sleep_state() fails. The fix swaps the order to switch the pinctrl state before disabling the clock so a p...

5.8AI score0.00154EPSS
Exploits0References3
CVE
CVE
added last week22 views

CVE-2026-53341

The CVE-2026-53341 issue affects the Linux kernel and is resolved by addressing a use-after-free (UAF) in may_decode_fh() where mount::mnt_ns was accessed without locks, risking a concurrent unmount/free of the mnt_namespace during an RCU grace period. The patch adds an rcu_read_lock() around the...

5.8AI score0.00156EPSS
Exploits0References4
CVE
CVE
added last week15 views

CVE-2026-53339

CVE-2026-53339 affects the Linux kernel i2c-qcom-cci driver. On Qualcomm CCI with two I2C masters, if only one is initialized, device unbinding/removal can dereference NULL because cci_halt() runs for both masters while completion exists only for the active one, leading to a NULL pointer derefere...

5.8AI score0.00164EPSS
Exploits0References8
CVE
CVE
added last week14 views

CVE-2026-53338

CVE-2026-53338 concerns the Linux kernel where airoha_qdma_init_hfwd_queues() dereferences the return of of_reserved_mem_lookup() without ensuring it is non-NULL. The issue occurs when the reserved memory region referenced by the memory-region phandle is missing from the reserved-memory table, po...

5.8AI score0.00154EPSS
Exploits0References3
CVE
CVE
added last week12 views

CVE-2026-53337

The CVE concerns the Linux kernel bonding code: in bond_do_ioctl(), slave_dev is fetched via __dev_get_by_name() and then immediately used in a slave_dbg() call before checking for NULL, causing a NULL-pointer dereference when a non-existent slave interface name is provided (e.g., via bonding ioc...

5.8AI score0.00164EPSS
Exploits0References8
CVE
CVE
added last week17 views

CVE-2026-53336

CVE-2026-53336 (nvmem: layouts: onie-tlv) : A Linux kernel vulnerability where the nvmem onie-tlv parser could hang when encountering an unknown vendor-specific entry type (example 0x41) in EEPROM. The root cause was an endless loop in the parser. The published fix increments the offset for unkno...

5.8AI score0.00156EPSS
Exploits0References5
CVE
CVE
added last week11 views

CVE-2026-53334

The CVE-2026-53334 entry concerns the Linux kernel’s DAMON subsystem (mm/damon/reclaim). Concrete details show that if damon_ctx allocations fail, code paths may dereference a NULL ctx pointer in the reclaim path, leading to a NULL dereference. The fix patches the init flow so that damon_reclaim_...

6.2AI score0.00166EPSS
Exploits0References3
CVE
CVE
added last week18 views

CVE-2026-53335

The CVE-2026-53335 issue affects the Linux kernel component mm/damon/lru_sort. It arises when damon_lru_sort_enabled_store() allocates a damon_ctx object and does not handle a failed allocation; if ctx is NULL, code can reach damon_commit_ctx() and dereference the NULL pointer. The documented fix...

6.2AI score0.00166EPSS
Exploits0References3
CVE
CVE
added last week11 views

CVE-2026-53333

The CVE-2026-53333 entry describes a Linux kernel vulnerability in mm/mincore where mincore_pte_range() could spuriously WARN and report nonresident pages on !CONFIG_SWAP kernels due to the !IS_ENABLED(CONFIG_SWAP) guard running before certain non-swap entries are checked. The fix moves the guard...

5.8AI score0.00154EPSS
Exploits0References3
CVE
CVE
added last week11 views

CVE-2026-53332

CVE-2026-53332 affects the Linux kernel’s slimbus driver (qcom-ngd-ctrl) where registering SSR/PDR callbacks and enabling interrupts can occur before the NGD device is fully initialized. If remoteproc starts in parallel with probing, or if a PDR lookup is registered while remoteproc is up, callba...

5.8AI score0.00168EPSS
Exploits0References5
Rows per page
Query Builder