CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.10)

CVE-2026-53104
Unknown

A vulnerability related to a memory leak when destroying a device in the MT76 driver has been fixed in the Linux kernel. The issue affects all MT76 rx queues that have an associated page_pool, even if they are not linked to NAPI.

CVE-2026-53103
Unknown

A vulnerability has been identified in the Linux kernel that could lead to a deadlock in the mt7925_roc_abort_sync function. The issue occurred when this function attempted to cancel work that was already holding a mutex, leading to a blockage.

CVE-2026-53102
Unknown

A vulnerability has been identified in the Linux kernel related to a memory leak in the mt76_connac_mcu_alloc_sta_req() function. If intermediate functions fail, the allocated memory is not freed, leading to a leak.

CVE-2026-53101
Low risk· EPSS 6%

A potential deadlock was found in the Linux kernel's mt7921 driver in the mt7921_roc_abort_sync function. The issue occurs when cancel_work_sync() is called while roc_work() holds dev->mt76.mutex, causing both threads to block indefinitely.

CVE-2026-53100
Unknown

A vulnerability in the Linux kernel has been fixed that led to a deadlock in the mt76_remain_on_channel() and mt76_roc_complete() functions. The issue was caused by double acquisition of the dev->mutex during the mt76_set_channel() call.

CVE-2026-53099
Unknown

A vulnerability in the Linux kernel related to the incorrect use of the CONFIG_CFI_CLANG option, which has been renamed to CONFIG_CFI, has been resolved. Using the wrong name can lead to the code being compiled out, resulting in CFI failures for btf_dtor_kfunc_t.

CVE-2026-53098
Unknown

A vulnerability has been identified in the Linux kernel related to use-after-free bugs in the mt7915_mac_dump_work() function. The issue occurs when the mt7915 PCI chip is detached, and the crash_data is released while the dump_work task may still be running or pending.

CVE-2026-53097
Unknown

A vulnerability has been identified in the Linux kernel related to use-after-free bugs in the mt7996_mac_dump_work() function. The issue occurs when the mt7996 PCI chip is being detached, and the crash_data is released while the dump_work task may still be running or pending.

CVE-2026-53096
High

A vulnerability was found in the Linux kernel's dev_map_redirect_multi() function for the SKB path in BPF. Using unsafe hlist_for_each_entry_safe() instead of hlist_for_each_entry_rcu() can cause data races on weakly-ordered architectures (ARM64, POWER).

CVE-2026-53095
Unknown

A vulnerability in the Linux kernel was identified that allowed the abuse of the kprobe mechanism in conjunction with freplace, enabling modification of the pt_regs structure. This issue occurred when uprobe programs could change register values during kernel function calls.

CVE-2026-53094
High

A use-after-free vulnerability was found in the Linux kernel's BPF subsystem, where the offload->prog pointer becomes stale after constant blinding during JIT compilation. When a dev-bound-only BPF program is cloned and replaced, the offload->prog pointer is not updated, leading to a page fault when the network namespace is destroyed.

CVE-2026-53093
Unknown

A vulnerability has been identified in the Linux kernel due to the lack of error pointer checks in the brcmf_chip_add_core() function. This could lead to dereferencing an error pointer, jeopardizing system stability.

CVE-2026-53092
High

A vulnerability was found in the Linux kernel's BPF mechanism related to incorrect delta tracking of registers when the source and destination registers are the same. In the adjust_reg_min_max_vals() function, in-place modification of the register before reading the source value leads to an incorrect delta, which is propagated to linked registers, causing a verifier-vs-runtime mismatch.

CVE-2026-53091
High

A vulnerability was found in the Linux kernel's qdisc_pkt_len_segs_init() function, which did not ensure that GSO packet headers are in the skb->head buffer. This can lead to incorrect behavior of network drivers expecting headers in this buffer and allow an attacker to send malicious packets causing system crashes.

CVE-2026-53090
High

A vulnerability was found in the Linux kernel's BPF verifier regarding ld_{abs,ind} instructions used in subprograms. On packet data load failure, the verifier did not simulate the abnormal exit path, potentially leading to incorrect control flow analysis.

CVE-2026-53089
Unknown

A vulnerability has been identified in the Linux kernel related to use-after-free in the context of offloaded BPF maps and programs. The issue occurs when querying info, as the network namespace reference count may reach zero, leading to a use-after-free error.

CVE-2026-53088
Critical

In the Linux kernel, an off-by-one vulnerability was found in the bcmgenet driver's bcmgenet_put_txcb function. The write_ptr points to the next free tx_cb, but the function returned it before rewinding the pointer, causing incorrect cleanup of transmission buffers.

CVE-2026-53087
High

In the Linux kernel, the bcmgenet driver has a vulnerability where free buffer descriptors (free_bds) leak during TX queue reclaim. Fast-forwarding the write pointer skips returning dropped frames to the free pool, leading to resource exhaustion.

CVE-2026-53086
Critical

In the Linux kernel, a race condition was found in the bcmgenet driver's timeout handler. The handler aggressively stopped all transmit queues when only one queue timed out, causing race conditions with other active queues.

CVE-2026-53085
High

A vulnerability was found in the Linux kernel's open-coded task_vma iterator in BPF. The iterator reads task->mm without locking and does not increment the mm_struct reference count, leading to a use-after-free when the task exits concurrently.

PreviousPage 205 of 4563Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS