CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.10)
A vulnerability has been identified in the Linux kernel affecting the ublk server. The issue is that the cancel flag for individual I/O operations may remain set, preventing their proper cancellation after the server crashes.
A vulnerability has been identified in the Linux kernel during the reshape operation in raid456, which can lead to deadlock. The issue occurs when direct IO waits for reshape progress while holding an active reference, preventing the suspension operation from completing.
A vulnerability has been identified in the Linux kernel that leads to a deadlock between reflink operation and transaction commit when using the flushoncommit mount option. The issue occurs when the reflink operation copies data to a location beyond the current size of the inode, resulting in mutual blocking with the committing transaction.
A vulnerability has been identified in the Linux kernel that leads to a memory leak in the amd_pstate_epp_cpu_init() function. On failure to set the epp, the function returns an error code without freeing the cpudata object.
A vulnerability has been identified in the Linux kernel concerning the driver_override mechanism related to calling the match() function without holding the device lock. This can lead to a use-after-free (UAF) situation.
A vulnerability has been identified in the Linux kernel related to the __driver_attach() mechanism. Calling the match() function without holding the device lock can lead to a use-after-free (UAF) situation.
A vulnerability has been identified in the Linux kernel related to the use of the driver_override infrastructure without proper locking. When probing a driver, the driver_override field is accessed without holding the device lock, which can lead to a use-after-free (UAF) situation.
A vulnerability has been identified in the Linux kernel related to the driver_override mechanism in the context of s390/cio. The issue arises because the device lock is not held when calling __driver_attach(), which can lead to a use-after-free (UAF) situation.
A vulnerability has been identified in the Linux kernel related to updating AP masks, which may lead to a use-after-free (UAF). The issue occurs when calling ap_bus_revise_bindings() without properly locking access to the driver_override field.
A vulnerability has been identified in the Linux kernel related to the use of the driver_override infrastructure in the context of the fsl-mc bus. The issue arises because the match() function is called in __driver_attach() without holding the device lock, which can lead to a use-after-free (UAF) situation.
A vulnerability in the Linux kernel related to calling perf_allow_kernel() from the NMI context has been resolved, which can be unsafe and lead to critical failures.
A vulnerability has been identified in the Linux kernel related to memory leaks in beacon template setup in the ath11k module. Functions responsible for memory allocation do not free it on error, leading to memory leaks.
A vulnerability has been identified in the Linux kernel that may lead to a use-after-free error in the rtlwifi module. The issue occurs when irq_prepare_bcn_tasklet is not properly terminated before releasing ieee80211_hw resources.
A vulnerability has been identified in the Linux kernel related to null pointer dereference in the bpf_lwt_xmit_push_encap function. This issue occurs when skb->_skb_refdst is not initialized during skb setup by the bpf_prog_test_run_skb function, leading to kernel crashes.
A vulnerability in the Linux kernel's s390 BPF JIT fails to properly handle zero extension for return values and kfunc arguments as required by the s390x ABI. The missing zero extension can cause incorrect behavior of BPF programs on s390x systems.
A vulnerability has been identified in the Linux kernel related to the management of page table fragments in the powerpc architecture. The issue arises when PTE fragments are freed, but an incorrectly set active flag can lead to bad page state errors.
A vulnerability has been identified in the Linux kernel related to a race condition during PMD migration entries, which can lead to memory management errors. The issue occurs when the move_pages function is called on a PMD THP page while a munmap operation is simultaneously taking place.
A vulnerability related to URB handling in interrupt context has been resolved in the Linux kernel. The issue was that URBs could not be killed in interrupt context, potentially leading to data transmission problems.
A vulnerability has been identified in the Linux kernel that allows potential deadlock of local storage when deleting elements in the NMI context. This issue has been partially mitigated by returning an error when calling from bpf_xxx_storage_delete() helpers in the NMI context.
A vulnerability in the Linux kernel has been resolved that could lead to a kernel panic due to improper access to the `vif` pointer. The issue was related to not checking if `vif` is NULL before use.

