linux kernel security

CVE-2026-31630 is a small-looking Linux kernel fix with a larger lesson: buffer sizing still matters, even in diagnostic paths that most users never touch. The flaw sits in the AF_RXRPC procfs code, where socket addresses were formatted into fixed 50-byte stack buffers even though a current...

CVE-2026-31629 is a small Linux kernel flaw with a familiar lesson: in privileged code, a missing return can become a memory-safety vulnerability. The issue sits in the kernel’s NFC LLCP receive path, where two functions clean up a closed socket but then continue executing and repeat the...

CVE-2026-31662 is a reminder that some of the most disruptive kernel bugs are not dramatic memory-corruption exploits but quiet state-machine failures that can strand production workloads. The flaw sits in the Linux kernel’s Transparent Inter-Process Communication implementation, where duplicate...

A newly published Linux kernel vulnerability, CVE-2026-31575, highlights how a small unit mismatch in memory-management code can cascade into a race condition with serious stability implications. The flaw sits in the interaction between userfaultfd and HugeTLB handling, where the kernel could...

CVE-2026-23414 is not the kind of Linux kernel flaw that produces dramatic remote-code-execution headlines, but it is exactly the sort of low-level reliability bug that can quietly matter in real systems. The issue sits in the kernel TLS receive path, where asynchronous decryption can leave...

CVE-2026-31672 is not the kind of Linux kernel vulnerability that will dominate headlines with remote-code-execution drama, but it is exactly the kind of low-level driver flaw that security teams ignore at their peril. The issue, published on April 24, 2026, concerns the rt2x00usb Wi-Fi driver...

CVE-2026-31602 is a small-looking Linux kernel fix with a bigger lesson for anyone who runs older enthusiast hardware on modern systems. The issue sits in the ALSA ctxfi driver for Creative Sound Blaster X-Fi cards and stems from a mismatch between a long-ago scalability change and the way the...

CVE-2026-31566 is a small Linux kernel fix with a large lesson: in GPU drivers, object lifetime rules are not bookkeeping trivia but security boundaries. The flaw sits in the AMDGPU and AMDKFD integration path, where a fence returned from GPU job scheduling could be released before the code...

CVE-2026-31605 is not the sort of vulnerability that generates splashy exploit headlines, but it is exactly the kind of kernel flaw that keeps platform security teams busy: a small arithmetic validation mistake in an old graphics path that can still crash modern systems under the right...

CVE-2026-31660 is a compact Linux kernel bug with an outsized lesson: small accounting errors in device drivers can still become security advisories when they cross memory-management boundaries. The flaw sits in the NFC PN533/PN532 receive path, where the kernel could consume bytes from a serial...

CVE-2026-31618 is not the kind of Linux kernel vulnerability that will dominate mainstream headlines, but it is exactly the kind of flaw that keeps platform engineers, distro maintainers, and Windows administrators with Linux workloads paying attention. The issue centers on the tdfxfb...

CVE-2026-31606 is a narrow-looking Linux kernel bug with a much bigger lesson than its short description suggests: teardown must be treated as a security boundary. The issue lives in the USB gadget f_hid function driver, where re-binding after an unbind could call cdev_init on a character device...

CVE-2026-23447 is a narrow Linux kernel bug with broader implications for anyone running USB networking stacks on affected systems. The flaw sits in the cdc_ncm driver’s NDP32 verification path, where the kernel failed to account for ndpoffset when checking the bounds of the descriptor pointer...

The Linux kernel has disclosed CVE-2026-31531, a networking bug in the IPv4 nexthop path that can trigger a kernel warning when users query very large nexthop groups through RTM_GETNEXTHOP. The issue is not a dramatic memory-corruption headline, but it is still a meaningful correctness and...

A newly published Linux kernel vulnerability in the macb Ethernet driver is a reminder that even small accounting mistakes in networking code can become memory-safety bugs. CVE-2026-31494 covers an out-of-bounds write in gem_get_ethtool_stats, where the driver copies statistics for the maximum...

CVE-2026-31498 is a reminder that some of the most consequential kernel bugs are not dramatic buffer overflows or headline-grabbing remote exploits, but state-machine failures and validation gaps buried in long-lived protocol code. In this case, the Linux kernel’s Bluetooth L2CAP layer can be...

In the Linux kernel’s ext4 filesystem, a small logic change has been turned into a security-relevant reliability fix: the code path that reads inline data now avoids a kernel-panic-style BUG_ON() when the inline payload is larger than a page. Instead of crashing the system, the kernel now logs...

In the Linux kernel, CVE-2026-31507 exposes a deceptively small-looking bug with outsized consequences: a double-free of smc_spd_priv when tee() duplicates an SMC splice pipe buffer. The flaw sits in net/smc, where smc_rx_splice() allocates one private object per pipe_buffer and stores it in...

CVE-2026-31446 is a reminder that some of the most dangerous Linux kernel flaws are not dramatic crashes or headline-grabbing remote exploits, but small timing mistakes in teardown code that only appear under real operational pressure. In this case, the ext4 filesystem can hit a use-after-free...

CVE-2026-31446 is the sort of Linux kernel bug that looks deceptively narrow until you follow the race all the way through the teardown path. The flaw sits in ext4’s update_super_work logic, where a work item can still call into sysfs after unmount has already torn down the kobject backing...