CVE-2026-46011
- EPSS 0.13%
- Veröffentlicht 27.05.2026 12:56:13
- Zuletzt bearbeitet 16.06.2026 15:25:13
In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: fix use-after-free in release path due to uncancelled work The mtk_jpeg_release() function frees the context structure (ctx) without first cancelling any pending o...
CVE-2026-46009
- EPSS 0.12%
- Veröffentlicht 27.05.2026 12:56:09
- Zuletzt bearbeitet 16.06.2026 15:25:24
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown epf_ntb_epc_destroy() duplicates the teardown that the caller is supposed to do later. This leads to an oops when .al...
CVE-2026-46007
- EPSS 0.12%
- Veröffentlicht 27.05.2026 12:56:06
- Zuletzt bearbeitet 16.06.2026 15:25:41
In the Linux kernel, the following vulnerability has been resolved: hwmon: (powerz) Avoid cacheline sharing for DMA buffer Depending on the architecture the transfer buffer may share a cacheline with the following mutex. As the buffer may be used f...
CVE-2026-46006
- EPSS 0.14%
- Veröffentlicht 27.05.2026 12:56:05
- Zuletzt bearbeitet 16.06.2026 15:25:48
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check nouveau_gem_pushbuf_reloc_apply() validates each relocation with if (r->reloc_bo_offset + 4 > nvbo->bo.base.size) ...
CVE-2026-46005
- EPSS 0.13%
- Veröffentlicht 27.05.2026 12:56:03
- Zuletzt bearbeitet 16.06.2026 15:25:56
In the Linux kernel, the following vulnerability has been resolved: xfs: fix a resource leak in xfs_alloc_buftarg() In the error path, call fs_put_dax() to drop the DAX device reference.
CVE-2026-46004
- EPSS 0.13%
- Veröffentlicht 27.05.2026 12:56:01
- Zuletzt bearbeitet 16.06.2026 15:26:04
In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: Handle probe errors properly The probe procedure of setup_card() in caiaq driver doesn't treat the error cases gracefully, e.g. the error from snd_card_register() call...
CVE-2026-46003
- EPSS 0.12%
- Veröffentlicht 27.05.2026 12:55:59
- Zuletzt bearbeitet 16.06.2026 15:26:14
In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the total number of nodes Currently, the nameserver doesn't limit the number of nodes it handles. This can be an attack vector if a malicious client starts reg...
CVE-2026-46002
- EPSS 0.12%
- Veröffentlicht 27.05.2026 12:55:57
- Zuletzt bearbeitet 16.06.2026 15:26:25
In the Linux kernel, the following vulnerability has been resolved: ext2: reject inodes with zero i_nlink and valid mode in ext2_iget() ext2_iget() already rejects inodes with i_nlink == 0 when i_mode is zero or i_dtime is set, treating them as del...
CVE-2026-46000
- EPSS 0.16%
- Veröffentlicht 27.05.2026 12:55:55
- Zuletzt bearbeitet 16.06.2026 13:14:03
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix conn-level packet handling to unshare RESPONSE packets The security operations that verify the RESPONSE packets decrypt bits of it in place - however, the sk_buff may be...
CVE-2026-45999
- EPSS 0.13%
- Veröffentlicht 27.05.2026 12:55:53
- Zuletzt bearbeitet 16.06.2026 13:14:55
In the Linux kernel, the following vulnerability has been resolved: erofs: fix unsigned underflow in z_erofs_lz4_handle_overlap() Some crafted images can have illegal (!partial_decoding && m_llen < m_plen) extents, and the LZ4 inplace decompression...