CVE-2026-43460
- EPSS 0.12%
- Veröffentlicht 08.05.2026 14:22:23
- Zuletzt bearbeitet 20.05.2026 18:50:11
In the Linux kernel, the following vulnerability has been resolved: spi: rockchip-sfc: Fix double-free in remove() callback The driver uses devm_spi_register_controller() for registration, which automatically unregisters the controller via devm cle...
CVE-2026-43461
- EPSS 0.12%
- Veröffentlicht 08.05.2026 14:22:23
- Zuletzt bearbeitet 20.05.2026 18:41:12
In the Linux kernel, the following vulnerability has been resolved: spi: amlogic: spifc-a4: Fix DMA mapping error handling Fix three bugs in aml_sfc_dma_buffer_setup() error paths: 1. Unnecessary goto: When the first DMA mapping (sfc->daddr) fails,...
CVE-2026-43459
- EPSS 0.11%
- Veröffentlicht 08.05.2026 14:22:22
- Zuletzt bearbeitet 21.05.2026 16:45:58
In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in snd_soc_dapm_stream_event...
CVE-2026-43458
- EPSS 0.12%
- Veröffentlicht 08.05.2026 14:22:21
- Zuletzt bearbeitet 21.05.2026 16:47:42
In the Linux kernel, the following vulnerability has been resolved: serial: caif: hold tty->link reference in ldisc_open and ser_release A reproducer triggers a KASAN slab-use-after-free in pty_write_room() when caif_serial's TX path calls tty_writ...
CVE-2026-43456
- EPSS 0.16%
- Veröffentlicht 08.05.2026 14:22:20
- Zuletzt bearbeitet 20.05.2026 18:03:53
In the Linux kernel, the following vulnerability has been resolved: bonding: fix type confusion in bond_setup_by_slave() kernel BUG at net/core/skbuff.c:2306! Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI RIP: 0010:pskb_expand_head+0xa08/0xfe0 ne...
CVE-2026-43457
- EPSS 0.11%
- Veröffentlicht 08.05.2026 14:22:20
- Zuletzt bearbeitet 21.05.2026 16:50:46
In the Linux kernel, the following vulnerability has been resolved: mctp: i2c: fix skb memory leak in receive path When 'midev->allow_rx' is false, the newly allocated skb isn't consumed by netif_rx(), it needs to free the skb directly.
CVE-2026-43455
- EPSS 0.11%
- Veröffentlicht 08.05.2026 14:22:19
- Zuletzt bearbeitet 20.05.2026 18:04:20
In the Linux kernel, the following vulnerability has been resolved: mctp: route: hold key->lock in mctp_flow_prepare_output() mctp_flow_prepare_output() checks key->dev and may call mctp_dev_set_key(), but it does not hold key->lock while doing so....
CVE-2026-43453
- EPSS 0.13%
- Veröffentlicht 08.05.2026 14:22:18
- Zuletzt bearbeitet 21.05.2026 16:52:05
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: fix stack out-of-bounds read in pipapo_drop() pipapo_drop() passes rulemap[i + 1].n to pipapo_unmap() as the to_offset argument on every iteration, inclu...
CVE-2026-43454
- EPSS 0.12%
- Veröffentlicht 08.05.2026 14:22:18
- Zuletzt bearbeitet 20.05.2026 18:04:47
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix for duplicate device in netdev hooks When handling NETDEV_REGISTER notification, duplicate device registration must be avoided since the device may have b...
CVE-2026-43452
- EPSS 0.44%
- Veröffentlicht 08.05.2026 14:22:17
- Zuletzt bearbeitet 21.05.2026 16:54:50
In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: guard option walkers against 1-byte tail reads When the last byte of options is a non-single-byte option kind, walkers that advance with i += op[i + 1] ? : 1 c...