Kernel
by Linux
Source repositories
CVEs (15,869)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-53343 | 0.00 | — | 0.00 | Jul 1, 2026 | kernel: ARM: 9475/1: entry: use byte load for KASAN VMAP stack shadow | |||
| CVE-2026-53336 | 0.00 | — | 0.00 | Jul 1, 2026 | kernel: nvmem: layouts: onie-tlv: fix hang on unknown types | |||
| CVE-2026-53335 | 0.00 | — | 0.00 | Jul 1, 2026 | kernel: mm/damon/lru_sort: handle ctx allocation failure | |||
| CVE-2026-53334 | 0.00 | — | 0.00 | Jul 1, 2026 | kernel: mm/damon/reclaim: handle ctx allocation failure | |||
| CVE-2026-53332 | 0.00 | — | 0.00 | Jul 1, 2026 | kernel: slimbus: qcom-ngd-ctrl: Register callbacks after creating the ngd | |||
| CVE-2026-53328 | 0.00 | — | 0.00 | Jul 1, 2026 | kernel: sched_ext: Don't warn on NULL cgrp_moving_from in scx_cgroup_move_task() | |||
| CVE-2026-53338 | 0.00 | — | 0.00 | Jul 1, 2026 | kernel: net: airoha: Add NULL check for of_reserved_mem_lookup() in airoha_qdma_init_hfwd_queues() | |||
| CVE-2026-53316 | 0.00 | — | 0.00 | Jun 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/ras: Fix NULL deref in ras_core_ras_interrupt_detected() Fixes a NULL pointer dereference when ras_core is NULL and ras_core->dev is accessed in the error path. Reported by: Dan Carpenter… | |||
| CVE-2026-53297 | 0.00 | — | 0.00 | Jun 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: net: mana: Guard mana_remove against double invocation If PM resume fails (e.g., mana_attach() returns an error), mana_probe() calls mana_remove(), which tears down the device and sets gd->gdma_context = NULL… | |||
| CVE-2026-53300 | 0.00 | — | 0.00 | Jun 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: net: enetc: fix NTMP DMA use-after-free issue The AI-generated review reported a potential DMA use-after-free issue [1]. If netc_xmit_ntmp_cmd() times out and returns an error, the pending command is not… | |||
| CVE-2026-53305 | 0.00 | — | 0.00 | Jun 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: usb: typec: ps883x: Fix Oops at unbind When trying to unbind a device in order to bind to it vfio-platform as: echo bc0000.geniqup > /sys/bus/platform/devices/bc0000.geniqup/driver/unbind I get the… | |||
| CVE-2026-53283 | 0.00 | — | 0.00 | Jun 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Bounds-check devid in __rlookup_amd_iommu() iommu_device_register() walks every device on the PCI bus via bus_for_each_dev() and calls amd_iommu_probe_device() for each. The inlined check_device()… | |||
| CVE-2026-53284 | 0.00 | — | 0.00 | Jun 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: btrfs: only release the dirty pages io tree after successful writes [WARNING] With extra warning on dirty extent buffers at umount (aka, the next patch in the series), test case generic/388 can trigger the… | |||
| CVE-2026-53296 | 0.00 | — | 0.00 | Jun 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: free channels on probe error On probe error, free the previously obtained channels. This not only prevents a leak, but also UAF scenarios because the client structure will be removed… | |||
| CVE-2026-53288 | 0.00 | — | 0.00 | Jun 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: arm64: Reserve an extra page for early kernel mapping The final part of [data, end) segment may overflow into the next page of init_pg_end[1] which is the gap page before early_init_stack[2]: [1]… | |||
| CVE-2026-53282 | 0.00 | — | 0.00 | Jun 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Push kjump return address even for non-kjump kexec The version of purgatory code shipped by kexec-tools attempts to look above the top of its stack to find a return address for a kjump, even in a… | |||
| CVE-2026-53293 | 0.00 | — | 0.00 | Jun 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix AMDGPU_INFO_READ_MMR_REG There were multiple issues in that code. First of all the order between the reset semaphore and the mm_lock was wrong (e.g. copy_to_user) was called while holding the… | |||
| CVE-2026-53311 | 0.00 | — | 0.00 | Jun 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: fuse: fix uninit-value in fuse_dentry_revalidate() fuse_dentry_revalidate() may be called with a dentry that didn't had ->d_time initialised. The issue was found with KMSAN, where lookup_open() calls… | |||
| CVE-2026-53306 | 0.00 | — | 0.00 | Jun 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: tty: hvc_iucv: fix off-by-one in number of supported devices MAX_HVC_IUCV_LINES == HVC_ALLOC_TTY_ADAPTERS == 8. This is the number of entries in: static struct hvc_iucv_private… | |||
| CVE-2026-53299 | 0.00 | — | 0.00 | Jun 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: net: airoha: Move ndesc initialization at end of airoha_qdma_init_tx() If queue entry list allocation fails in airoha_qdma_init_tx_queue routine, airoha_qdma_cleanup_tx_queue() will trigger a NULL pointer… |
- CVE-2026-53343Jul 1, 2026risk 0.00cvss —epss 0.00
kernel: ARM: 9475/1: entry: use byte load for KASAN VMAP stack shadow
- CVE-2026-53336Jul 1, 2026risk 0.00cvss —epss 0.00
kernel: nvmem: layouts: onie-tlv: fix hang on unknown types
- CVE-2026-53335Jul 1, 2026risk 0.00cvss —epss 0.00
kernel: mm/damon/lru_sort: handle ctx allocation failure
- CVE-2026-53334Jul 1, 2026risk 0.00cvss —epss 0.00
kernel: mm/damon/reclaim: handle ctx allocation failure
- CVE-2026-53332Jul 1, 2026risk 0.00cvss —epss 0.00
kernel: slimbus: qcom-ngd-ctrl: Register callbacks after creating the ngd
- CVE-2026-53328Jul 1, 2026risk 0.00cvss —epss 0.00
kernel: sched_ext: Don't warn on NULL cgrp_moving_from in scx_cgroup_move_task()
- CVE-2026-53338Jul 1, 2026risk 0.00cvss —epss 0.00
kernel: net: airoha: Add NULL check for of_reserved_mem_lookup() in airoha_qdma_init_hfwd_queues()
- CVE-2026-53316Jun 27, 2026risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: drm/amd/ras: Fix NULL deref in ras_core_ras_interrupt_detected() Fixes a NULL pointer dereference when ras_core is NULL and ras_core->dev is accessed in the error path. Reported by: Dan Carpenter…
- CVE-2026-53297Jun 27, 2026risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: net: mana: Guard mana_remove against double invocation If PM resume fails (e.g., mana_attach() returns an error), mana_probe() calls mana_remove(), which tears down the device and sets gd->gdma_context = NULL…
- CVE-2026-53300Jun 27, 2026risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: net: enetc: fix NTMP DMA use-after-free issue The AI-generated review reported a potential DMA use-after-free issue [1]. If netc_xmit_ntmp_cmd() times out and returns an error, the pending command is not…
- CVE-2026-53305Jun 27, 2026risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ps883x: Fix Oops at unbind When trying to unbind a device in order to bind to it vfio-platform as: echo bc0000.geniqup > /sys/bus/platform/devices/bc0000.geniqup/driver/unbind I get the…
- CVE-2026-53283Jun 27, 2026risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Bounds-check devid in __rlookup_amd_iommu() iommu_device_register() walks every device on the PCI bus via bus_for_each_dev() and calls amd_iommu_probe_device() for each. The inlined check_device()…
- CVE-2026-53284Jun 27, 2026risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: btrfs: only release the dirty pages io tree after successful writes [WARNING] With extra warning on dirty extent buffers at umount (aka, the next patch in the series), test case generic/388 can trigger the…
- CVE-2026-53296Jun 27, 2026risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: free channels on probe error On probe error, free the previously obtained channels. This not only prevents a leak, but also UAF scenarios because the client structure will be removed…
- CVE-2026-53288Jun 27, 2026risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: arm64: Reserve an extra page for early kernel mapping The final part of [data, end) segment may overflow into the next page of init_pg_end[1] which is the gap page before early_init_stack[2]: [1]…
- CVE-2026-53282Jun 27, 2026risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Push kjump return address even for non-kjump kexec The version of purgatory code shipped by kexec-tools attempts to look above the top of its stack to find a return address for a kjump, even in a…
- CVE-2026-53293Jun 27, 2026risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix AMDGPU_INFO_READ_MMR_REG There were multiple issues in that code. First of all the order between the reset semaphore and the mm_lock was wrong (e.g. copy_to_user) was called while holding the…
- CVE-2026-53311Jun 27, 2026risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: fuse: fix uninit-value in fuse_dentry_revalidate() fuse_dentry_revalidate() may be called with a dentry that didn't had ->d_time initialised. The issue was found with KMSAN, where lookup_open() calls…
- CVE-2026-53306Jun 27, 2026risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: tty: hvc_iucv: fix off-by-one in number of supported devices MAX_HVC_IUCV_LINES == HVC_ALLOC_TTY_ADAPTERS == 8. This is the number of entries in: static struct hvc_iucv_private…
- CVE-2026-53299Jun 27, 2026risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: net: airoha: Move ndesc initialization at end of airoha_qdma_init_tx() If queue entry list allocation fails in airoha_qdma_init_tx_queue routine, airoha_qdma_cleanup_tx_queue() will trigger a NULL pointer…
Page 597 of 794