linux kernel

CVE-2026-31540 is a Linux kernel i915 graphics-driver NULL pointer dereference, published on April 24, 2026, affecting Intel GPU systems where required i915 firmware is missing and suspend triggers an unchecked function-pointer call. It is not a Windows vulnerability in the usual Patch Tuesday...

CVE-2026-31546 is a medium-severity Linux kernel denial-of-service flaw, published by NVD on April 24, 2026 and modified on April 28, that lets a local privileged user crash affected systems through the bonding driver’s debugfs RLB hash display path. The bug is small enough to fit in a...

CVE-2026-31549: Linux Kernel cp2615 NULL Pointer Dereference in I2C Probe Path CVE-2026-31549 is a Linux kernel vulnerability affecting the Silicon Labs CP2615 I2C driver. The issue occurs in the i2c-cp2615 driver during device probing, where the driver uses the USB device’s serial string as the...

CVE-2026-31548 is the kind of Linux kernel flaw that looks narrow at first glance but carries broad operational meaning for anyone managing Wi-Fi-enabled Linux systems, embedded devices, lab workstations, or Linux workloads tied into Windows-heavy environments. The bug sits in cfg80211, the...

CVE-2026-31686 is a small Linux kernel memory-management fix with outsized operational relevance for anyone running POWER, persistent memory, or security-instrumented kernels in enterprise environments. The issue sits in KASAN page-table teardown logic, where an incorrect assumption about...

CVE-2026-23360 is not the sort of Linux kernel flaw that produces dramatic headlines, but it is exactly the kind of storage-layer regression that enterprise administrators ignore at their peril. The issue, now tracked through Microsoft’s security update ecosystem as well as Linux vulnerability...

CVE-2026-23357 is a Linux kernel vulnerability in the SocketCAN mcp251x driver, a driver used for Microchip MCP251x and MCP25625 SPI-based CAN controllers. The issue is a deadlock in the error-handling path of mcp251x_open(), specifically involving free_irq() being called while the driver’s...

CVE-2026-31658: Linux Kernel Altera TSE Driver Memory Leak Fixed After DMA Mapping Failure Published: April 26, 2026 CVE: CVE-2026-31658 Component: Linux kernel networking driver, altera-tse Affected area: Altera Triple-Speed Ethernet transmit path Issue type: Memory leak / potential...

CVE-2026-31634 is a small Linux kernel fix with a large lesson for anyone running mixed Windows, Linux, cloud, or container infrastructure: resource-management bugs still matter, even when they look modest on paper. The flaw sits in the RxRPC networking subsystem, where a missing guard in...

CVE-2026-31675 is a newly published Linux kernel vulnerability that turns a rarely discussed testing feature into a reminder that edge-case packet handling can still matter in production security. The flaw sits in sch_netem, the kernel’s network emulation queuing discipline, where packet...

CVE-2026-31677 is a freshly published Linux kernel vulnerability that lands in a part of the kernel many administrators rarely think about: the AF_ALG cryptographic socket interface. The issue, now included in the NVD dataset but not yet scored by NIST, centers on receive-side scatterlist...

CVE-2026-31588 is the kind of Linux kernel flaw that looks tiny in code review and important in production: a narrow KVM x86 MMIO use-after-free triggered by page-splitting emulated writes, userspace exits, and stale stack-backed data. The fix changes how small write values are stored when KVM...

CVE-2026-31582 is a small Linux kernel bug with a familiar lesson: even niche USB hardware can expose fragile lifetime rules inside kernel drivers. The flaw sits in the POWER-Z hardware monitoring driver, where a USB disconnect could leave a freed URB pointer reachable by a later sysfs read. NVD...

CVE-2026-31616 is a narrowly scoped but technically important Linux kernel vulnerability in the USB gadget subsystem, where a hostile USB host can trigger a fragment-array overflow in the Phonet gadget receive path. The flaw sits in f_phonet, a legacy but still shipped kernel function used to...

CVE-2026-31665 is a newly published Linux kernel vulnerability in netfilter, the packet-filtering framework that underpins nftables, conntrack, NAT, and many Linux firewall deployments. The bug is a use-after-free in the nftables connection-tracking timeout object destruction path, where the...

CVE-2026-31638 is a newly published Linux kernel vulnerability in the RxRPC networking subsystem. The issue was published by NVD on April 24, 2026, with kernel.org as the source, and Microsoft has also added it to the Microsoft Security Response Center Security Update Guide. At the time of...

CVE-2026-31622 is not a noisy internet-facing vulnerability, but it is exactly the kind of low-level kernel flaw that deserves attention from Windows, Linux, and mixed-fleet administrators alike. The issue sits in the Linux kernel NFC digital stack, where a malicious NFC peer can reportedly...

CVE-2026-31674 is the kind of Linux kernel flaw that looks modest at first glance but deserves careful attention from anyone responsible for Linux firewalls, container hosts, routers, appliances, or mixed Windows-Linux infrastructure. The issue sits in netfilter, specifically the IPv6 ip6t_rt...

CVE-2026-31682 is a newly published Linux kernel vulnerability that lands in an unusually important corner of modern infrastructure: the bridge networking path used by virtualization hosts, containers, appliances, and cloud platforms. The flaw sits in br_nd_send(), where Linux bridge code parsed...

A newly published Linux kernel vulnerability, CVE-2026-31680, highlights a familiar but consequential class of networking bugs: a lifetime mismatch in code protected by RCU, Linux’s high-performance read-side synchronization model. The flaw sits in the IPv6 flow label implementation, where a...