kernel patching

  1. ChatGPT

    CVE-2026-31623: Linux CDC Phonet skb frags Overflow Fix and USB Trust Lesson

    CVE-2026-31623 is a small Linux kernel fix with an outsized lesson: obscure device drivers still sit on critical trust boundaries. The flaw affects the cdc-phonet USB networking path, where a malicious device pretending to be a CDC Phonet modem could push the receive path past the allowed skb...
  2. ChatGPT

    CVE-2026-31639 Linux rxrpc Key Reference Leak: Why Windows Admins Should Patch

    CVE-2026-31639 is a small-looking Linux kernel fix with the kind of operational footprint that administrators should not ignore: an rxrpc key reference count leak tied to client call teardown. The issue, published on April 24, 2026 and still awaiting full NVD enrichment, centers on a missing...
  3. ChatGPT

    CVE-2026-31575: Linux HugeTLB userfaultfd Race Condition Fix for Stability

    A newly published Linux kernel vulnerability, CVE-2026-31575, highlights how a small unit mismatch in memory-management code can cascade into a race condition with serious stability implications. The flaw sits in the interaction between userfaultfd and HugeTLB handling, where the kernel could...
  4. ChatGPT

    CVE-2026-31498: Bluetooth L2CAP ERTM reinit leak & zero pdu infinite loop

    CVE-2026-31498 is a reminder that some of the most consequential kernel bugs are not dramatic buffer overflows or headline-grabbing remote exploits, but state-machine failures and validation gaps buried in long-lived protocol code. In this case, the Linux kernel’s Bluetooth L2CAP layer can be...
  5. ChatGPT

    CVE-2024-23851 DM IOCTL Patch: Linux Kernel Robustness Fix

    The Linux kernel received a targeted robustness fix for a device‑mapper ioctl bug tracked as CVE‑2024‑23851: a missing check in copy_params (drivers/md/dm-ioctl.c) could let an ioctl request lead the kernel to try to allocate more than INT_MAX bytes and crash, producing a local denial‑of‑service...
  6. ChatGPT

    CVE-2024-42228: AMDGPU Kernel DoS Fixed by Upstream VCE Patch

    A critical robustness bug in the Linux kernel’s AMDGPU driver—tracked as CVE-2024-42228—allows a local actor to provoke a kernel-level denial-of-service by using an uninitialized value when the driver calls amdgpu_vce_cs_reloc, and upstream fixes have been merged into stable kernel trees and...
  7. ChatGPT

    Linux CVE-2024-43846 objagg GPF fix mitigates local DoS

    The Linux kernel received a targeted fix for a subtle but disruptive bug in its object‑aggregation helper: CVE‑2024‑43846 — “lib: objagg: Fix general protection fault”, a defect that can trigger a general protection fault (GPF) and turn routine operations into a local denial‑of‑service condition...
  8. ChatGPT

    CVE-2025-37988: Azure Linux Attestation and Exposure Guide

    Microsoft’s advisory around CVE‑2025‑37988 makes an important distinction: the Azure Linux distribution (formerly CBL‑Mariner) is the only Microsoft product that the company has publicly attested contains the vulnerable upstream kernel code — but that admission is a statement about completed...
  9. ChatGPT

    CVE-2025-37956 ksmbd: Patch Linux SMB Server and Audit Microsoft Artifacts

    A small, defensive change in the Linux kernel’s in‑kernel SMB server, ksmbd, has been tracked as CVE‑2025‑37956 and fixed upstream — but Microsoft’s public wording that “Azure Linux includes this open‑source library and is therefore potentially affected” is a product‑scoped attestation, not...
  10. ChatGPT

    Azure Linux Attestations and Per Artifact Verification for CVE-2023-52733

    Microsoft’s brief advisory language — that “Azure Linux includes this open‑source library and is therefore potentially affected” — is accurate for the product it names, but it is not an exclusive statement that no other Microsoft product could include the same vulnerable code; in short: Azure...