linux kernel

CVE-2026-46293 is a newly published Linux kernel vulnerability, added to NVD on June 8, 2026, covering an out-of-bounds access in the Microchip PolarFire SoC fabric clock driver during registration of clock outputs. The bug is not the kind of headline-grabbing flaw that sends Windows desktop...

CVE-2026-46291 is a newly published Linux kernel vulnerability, added to NVD on June 8, 2026, in which the CAAM cryptographic accelerator driver could expose sensitive HMAC key bytes through debug hex dumps when dynamic debugging was enabled. The fix is small, but the lesson is not. This is the...

CVE-2026-46307 is a newly published Linux kernel vulnerability, added to NVD on June 8, 2026, that fixes an out-of-bounds array write in the ath5k Wi-Fi driver used by older Atheros 5xxx wireless chipsets. The bug is small, the upstream note calls its practical effect negligible, and there is no...

CVE-2026-46324, published by NVD on June 9, 2026, is a newly recorded Linux kernel netfilter/nf_tables vulnerability fixed by changing hook removal paths to use list_del_rcu() when netlink dumpers may still be walking the same lists. The bug is not yet scored by NVD, which means defenders do not...

CVE-2026-46287 is a newly published Linux kernel vulnerability record, added to NVD on June 8, 2026, for a txgbe Ethernet driver bug that triggers an RTNL assertion warning when the module is removed on systems using copper NICs with an external PHY. The fix is small, almost boring: take the...

CVE-2026-46314 is a newly published Linux kernel denial-of-service vulnerability, disclosed through kernel.org and added to NVD on June 8, 2026, that affects the Broadcom V3D DRM graphics driver by allowing a local user to trigger an infinite kernel loop through a malformed ioctl extension...

CVE-2026-46301 is a newly published Linux kernel vulnerability, added to NVD on June 8, 2026, affecting the spi-topcliff-pch driver when it is unbound before its SPI message queue has finished using DMA buffers. The bug is narrow, hardware-specific, and not yet scored by NVD, but it is a useful...

CVE-2026-46142 is a newly published Linux kernel vulnerability, received by NVD on May 28, 2026 from kernel.org, affecting the Wangxun libwx Ethernet driver when a virtual function reads a physical-function-only register during initialization and can hang the system. The fix is small, but the...

CVE-2026-46167 is a newly published Linux kernel vulnerability, dated May 28, 2026 by NVD and sourced from kernel.org, in which the USB printer driver could leak one byte of stale kernel heap memory through the LPGETSTATUS ioctl when queried by local software. The bug is small in the literal...

CVE-2026-46138 is a Linux kernel Bluetooth vulnerability published by NVD on May 28, 2026, after kernel.org assigned a CVE to an out-of-bounds read and potential infinite loop in the hci_le_create_big_complete_evt() event handler. The bug is not a Windows vulnerability, but it matters to...

CVE-2026-46218 is a newly published Linux kernel vulnerability, disclosed by kernel.org on May 28, 2026, in AMD’s amdgpu graphics driver, where UVD, VCE, and VCN video paths could access indirect buffers at fixed offsets without first confirming the buffer was large enough. The fix is small, but...

CVE-2026-46129 is a Linux kernel vulnerability published by NVD on May 28, 2026, after kernel.org reported a Btrfs double-free bug in the create_space_info() error path, where failed sysfs kobject setup can trigger cleanup of the same allocation twice. The flaw is narrow, technical, and...

CVE-2026-46234 is a newly published Linux kernel vulnerability, received by NVD from kernel.org on May 28, 2026, that fixes a vsock buffer-size clamping bug where a misordered minimum and maximum check could let a socket buffer exceed its configured maximum. It is not, at least from the public...

CVE-2026-46109 is a newly published Linux kernel vulnerability from kernel.org, added to NVD on May 28, 2026, that fixes a memory leak in the USB ULPI registration path when early error handling fails before device registration completes. The bug is not a headline-grabbing remote-code-execution...

On May 28, 2026, NVD published CVE-2026-46148 for a Linux kernel fix in the Microchip coreQSPI SPI controller driver, after kernel.org reported that the controller’s built-in chip select could be asserted while Linux was communicating with another SPI device. The bug is narrow...

CVE-2026-46200 is a Linux kernel vulnerability published by NVD on May 28, 2026, covering a teardown-ordering bug in the Freescale MPC52xx SPI controller driver where the controller could remain registered while interrupts and GPIO resources were already being disabled or released. That sounds...

CVE-2026-46209 is a Linux kernel graphics vulnerability published by NVD on May 28, 2026, after kernel.org reported a DRM/GEM framebuffer validation bug that can let an undersized graphics buffer pass checks and later be accessed out of bounds by the GPU. The bug is not in some glamorous remote...

CVE-2026-46151 is a Linux kernel information-disclosure flaw published by NVD on May 28, 2026, after kernel.org reported that the USB printer driver could leak stale heap memory through malformed IEEE 1284 device ID responses. The bug is not a Windows vulnerability, but it belongs squarely in...

CVE-2026-46146 is a Linux kernel vulnerability published by NVD on May 28, 2026, covering an ALSA USB-audio bug in convert_chmap_v3() where a malformed USB Audio Class 3 descriptor could trigger a potential endless loop during channel-map parsing. The fix is tiny, but the lesson is not: kernel...

CVE-2026-46230 is a newly published Linux kernel vulnerability, received by NVD from kernel.org on May 28, 2026, affecting AMDGPU’s VCN3 video decode message parsing path and fixed by adding bounds checks before accessing message metrics in GPU buffer objects. The immediate story is not a...