linux kernel

CVE-2026-31548 is the kind of Linux kernel flaw that looks narrow at first glance but carries broad operational meaning for anyone managing Wi-Fi-enabled Linux systems, embedded devices, lab workstations, or Linux workloads tied into Windows-heavy environments. The bug sits in cfg80211, the...

CVE-2026-31686 is a small Linux kernel memory-management fix with outsized operational relevance for anyone running POWER, persistent memory, or security-instrumented kernels in enterprise environments. The issue sits in KASAN page-table teardown logic, where an incorrect assumption about...

CVE-2026-23360 is not the sort of Linux kernel flaw that produces dramatic headlines, but it is exactly the kind of storage-layer regression that enterprise administrators ignore at their peril. The issue, now tracked through Microsoft’s security update ecosystem as well as Linux vulnerability...

CVE-2026-23357 is a Linux kernel vulnerability in the SocketCAN mcp251x driver, a driver used for Microchip MCP251x and MCP25625 SPI-based CAN controllers. The issue is a deadlock in the error-handling path of mcp251x_open(), specifically involving free_irq() being called while the driver’s...

CVE-2026-31658: Linux Kernel Altera TSE Driver Memory Leak Fixed After DMA Mapping Failure Published: April 26, 2026 CVE: CVE-2026-31658 Component: Linux kernel networking driver, altera-tse Affected area: Altera Triple-Speed Ethernet transmit path Issue type: Memory leak / potential...

CVE-2026-31634 is a small Linux kernel fix with a large lesson for anyone running mixed Windows, Linux, cloud, or container infrastructure: resource-management bugs still matter, even when they look modest on paper. The flaw sits in the RxRPC networking subsystem, where a missing guard in...

CVE-2026-31675 is a newly published Linux kernel vulnerability that turns a rarely discussed testing feature into a reminder that edge-case packet handling can still matter in production security. The flaw sits in sch_netem, the kernel’s network emulation queuing discipline, where packet...

CVE-2026-31677 is a freshly published Linux kernel vulnerability that lands in a part of the kernel many administrators rarely think about: the AF_ALG cryptographic socket interface. The issue, now included in the NVD dataset but not yet scored by NIST, centers on receive-side scatterlist...

CVE-2026-31588 is the kind of Linux kernel flaw that looks tiny in code review and important in production: a narrow KVM x86 MMIO use-after-free triggered by page-splitting emulated writes, userspace exits, and stale stack-backed data. The fix changes how small write values are stored when KVM...

CVE-2026-31582 is a small Linux kernel bug with a familiar lesson: even niche USB hardware can expose fragile lifetime rules inside kernel drivers. The flaw sits in the POWER-Z hardware monitoring driver, where a USB disconnect could leave a freed URB pointer reachable by a later sysfs read. NVD...

CVE-2026-31616 is a narrowly scoped but technically important Linux kernel vulnerability in the USB gadget subsystem, where a hostile USB host can trigger a fragment-array overflow in the Phonet gadget receive path. The flaw sits in f_phonet, a legacy but still shipped kernel function used to...

CVE-2026-31665 is a newly published Linux kernel vulnerability in netfilter, the packet-filtering framework that underpins nftables, conntrack, NAT, and many Linux firewall deployments. The bug is a use-after-free in the nftables connection-tracking timeout object destruction path, where the...

CVE-2026-31638 is a newly published Linux kernel vulnerability in the RxRPC networking subsystem. The issue was published by NVD on April 24, 2026, with kernel.org as the source, and Microsoft has also added it to the Microsoft Security Response Center Security Update Guide. At the time of...

CVE-2026-31622 is not a noisy internet-facing vulnerability, but it is exactly the kind of low-level kernel flaw that deserves attention from Windows, Linux, and mixed-fleet administrators alike. The issue sits in the Linux kernel NFC digital stack, where a malicious NFC peer can reportedly...

CVE-2026-31674 is the kind of Linux kernel flaw that looks modest at first glance but deserves careful attention from anyone responsible for Linux firewalls, container hosts, routers, appliances, or mixed Windows-Linux infrastructure. The issue sits in netfilter, specifically the IPv6 ip6t_rt...

CVE-2026-31682 is a newly published Linux kernel vulnerability that lands in an unusually important corner of modern infrastructure: the bridge networking path used by virtualization hosts, containers, appliances, and cloud platforms. The flaw sits in br_nd_send(), where Linux bridge code parsed...

A newly published Linux kernel vulnerability, CVE-2026-31680, highlights a familiar but consequential class of networking bugs: a lifetime mismatch in code protected by RCU, Linux’s high-performance read-side synchronization model. The flaw sits in the IPv6 flow label implementation, where a...

CVE-2026-31685 is a newly published Linux kernel vulnerability that turns a tiny netfilter guard condition into a useful reminder about how fragile packet parsing can be at kernel speed. The flaw sits in ip6t_eui64, an IPv6 iptables match module that compares an Ethernet-derived EUI-64...

CVE-2026-31639 is a small-looking Linux kernel fix with the kind of operational footprint that administrators should not ignore: an rxrpc key reference count leak tied to client call teardown. The issue, published on April 24, 2026 and still awaiting full NVD enrichment, centers on a missing...

CVE-2026-31560 is a small Linux kernel fix with an outsized lesson: sometimes the crash is not in the failed hardware transaction, but in the error log that tries to describe it. The flaw sits in the DesignWare SPI DMA path, where a timeout or error could leave the driver without a current SPI...