VYPR
Vypr Intelligence · AI-generated · Jun 3, 2026 · 26 CVEs

Linux Kernel: 25 Vulnerabilities Disclosed in Single Batch on June 3, 2026

A significant batch of 25 vulnerabilities affecting various components of the Linux kernel was disclosed on June 3, 2026, ranging from driver issues to core networking flaws.

Key findings

  • 25 Linux kernel vulnerabilities disclosed simultaneously on June 3, 2026.
  • Issues affect diverse subsystems including drivers, networking, and core kernel functions.
  • Vulnerabilities range from race conditions and NULL pointer dereferences to out-of-bounds access.
  • Specific drivers like ibmveth, ath12k, and pinctrl are among those affected.
  • Networking flaws include issues in RAW sockets and IPv6 routing.
  • No immediate reports of active exploitation in the wild for this batch.

On June 3, 2026, a substantial collection of 25 vulnerabilities impacting the Linux kernel was disclosed in a single, coordinated event. These issues span a wide array of subsystems, including drivers, networking, and core kernel functionalities, highlighting the complexity and breadth of potential security concerns within the widely used operating system.

The fixes address a variety of technical problems, many of which involve potential crashes, race conditions, or incorrect handling of system resources. For instance, CVE-2026-46273 in the ibmveth driver addresses an issue where certain physical adapters on Power systems could freeze due to improper handling of segmentation offload with small MSS values. Similarly, CVE-2026-46272 in the coresight subsystem fixes a race condition that could occur when the sysfs and perf modes were used concurrently, potentially triggering a kernel warning.

Several vulnerabilities were identified within device drivers. CVE-2026-46271 in the ath12k Wi-Fi driver corrects a firmware crash that could occur in multi-link connections by ensuring WoW offloads are only enabled on the primary link. The power: supply: rt9455 driver is affected by CVE-2026-46260, which fixes a use-after-free error in the power_supply_changed() function due to incorrect resource management. Another driver-related issue, CVE-2026-46269, in the pinctrl: canaan: k230 driver, resolves a NULL pointer dereference that occurred during device tree parsing.

Networking components were also a focus of this disclosure batch. CVE-2026-46266 addresses a critical security flaw in inet: RAW sockets where incoming ICMP packets could be mishandled, potentially leading to dangerous consequences for systems using IPPROTO_RAW. The ipv6 subsystem is affected by CVE-2026-46260, which fixes an out-of-bounds access in fib6_add_rt2node() when creating IPv6 routes with RTA_NH_ID. Additionally, CVE-2026-46256 in gpio: cdev prevents a NULL dereference in linehandle_create() by ensuring proper pointer handling.

Other notable vulnerabilities include CVE-2026-46259, which fixes missing RCU protection when reading real_parent in do_task_stat() for /proc/[pid]/stat files, preventing potential race conditions. CVE-2026-46255 in dmaengine: fsl-edma ensures clocks are not explicitly disabled in the .remove() function, as they are managed automatically. CVE-2026-46254 in AppArmor allows the system to handle unaligned DFA tables, preventing potential crashes on various architectures.

The disclosures also touched upon file system integrity and performance. CVE-2026-46253 in pstore/ram fixes a buffer overflow in persistent_ram_save_old(). CVE-2026-46251 in clocksource/drivers/timer-sp804 addresses an Oops on ARM32 platforms when read_current_timer is called. CVE-2026-46231 in btrfs resolves corruption in the dirty_list when the EXTENT_TREE_V2 incompat flag is set.

While the provided descriptions do not indicate active exploitation in the wild or specific threat actor involvement for this batch, the sheer volume and diversity of the vulnerabilities underscore the importance of timely kernel updates. Users and system administrators are advised to review the specific details of each CVE and apply relevant patches as they become available through their respective Linux distributions.

This coordinated disclosure event serves as a reminder of the ongoing security efforts within the Linux kernel development community. The fixes address a range of issues, from subtle race conditions to more direct memory access vulnerabilities, all aimed at maintaining the stability and security of the Linux operating system.

AI-written article. Grounded in 26 CVE records listed below.