CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.10)
A vulnerability has been identified in the Linux kernel that leads to a NULL pointer dereference in passthrough mode during concurrent writes. The issue occurs when an attempt to invalidate a cache entry fails due to a lock, resulting in an error in the invalidate_complete() function.
A vulnerability has been identified in the Linux kernel within the invalidate_remove() function, leading to write operation hangs in passthrough mode. The issue arises from incomplete logic for handling write hit bios after cache invalidation.
In the Linux kernel, the dm-cache policy SMQ lacks proper locking when invalidating cache blocks in passthrough mode. The invalidate_mapping operation is called concurrently from multiple workers without protection, leading to data races on the allocated blocks counter and potential use-after-free issues in internal data structures.
A vulnerability has been identified in the Linux kernel's dm-cache mechanism that may lead to data loss. The issue arises from incorrect checking of dirty mappings in passthrough mode during table reload, potentially resulting in the loading of dirty mappings.
A vulnerability has been identified in the Linux kernel that leads to a memory leak in the dm_cache_metadata_abort function when the root_lock cannot be acquired due to the block_manager being read-only. This issue occurs during multiple calls to the function under specific conditions, resulting in improper resource release.
In the Linux kernel, a vulnerability in the dm log module allows an out-of-bounds write due to a 32-bit unsigned int overflow in region_count when using dm_sector_div_up() which returns 64-bit sector_t. This results in undersized heap buffers and subsequent heap memory corruption.
A vulnerability in the Linux kernel related to the incorrect setting of the mhdp pointer in the atomic_enable() function has been resolved. If errors occur in cdns_mhdp_link_up() or cdns_mhdp_reg_read(), it may lead to a NULL pointer dereference, causing a crash.
In the Linux kernel, the RISC-V IOMMU subsystem lacked required TLB and context cache invalidations after updating DDT/PDT entries. The riscv_iommu_iodir_iotinval() function was added to comply with the RISC-V IOMMU specification.
A vulnerability has been identified in the Linux kernel related to a mismatch between voltage and clock frequency during DPU suspend and resume. The call to dev_pm_opp_set_rate(dev, 0) causes a drop in voltage, potentially leading to system instability.
In the Linux kernel's hisilicon/sec2 crypto driver, a use-after-free vulnerability was found. Under heavy system load, hardware may complete packet processing and free the request memory (req) before the transmission function finishes, causing an error. The fix replaces the req pointer with the qp_ctx structure, which persists throughout the packet sending process.
In the Linux kernel, a locking bug was found in the drm/msm driver's VM_BIND UNMAP operation. An incorrect argument caused objects involved in UNMAP operations not to be consistently locked, potentially leading to synchronization issues.
In the Linux kernel, a vulnerability was found in the AMD IOMMU subsystem's clone_alias() function. It incorrectly assumed the first argument (pdev) always points to the original device, while it could be an alias device. This caused the wrong devid to be used when copying DTE entries, leading to incorrect or stale entries being propagated to the alias device.
A vulnerability has been identified in the Linux kernel that has been resolved. It concerns the ASoC component in the qcom system, where failing to check the widget type before accessing private data may lead to incorrect memory access.
A vulnerability has been identified in the Linux kernel related to CBB timeout caused by accessing the DBI register before powering on the controller core. The issue occurs when the PERST# signal is deasserted twice, leading to errors in accessing DBI registers.
A race condition in the Linux kernel's dquot_scan_active() function during quota deactivation can lead to use-after-free, potentially causing system instability.
In the Linux kernel, the GFS2 filesystem lacked proper log locking in the gfs2_logd() function. Log flushing functions were called without holding the required sdp->sd_log_flush_lock, potentially causing conflicts with concurrent transactions. A new __gfs2_log_flush() function and proper locking were added.
A vulnerability has been identified in the Linux kernel that may lead to a NULL pointer dereference during the unmounting of the gfs2 filesystem. This issue has been resolved by adding appropriate checks in the gfs2_log_flush function and fixing the dereference in gfs2_log_release.
A vulnerability has been identified in the Linux kernel related to incorrect allocation size in the krealloc() function for cap_info->phys. This issue may lead to insufficient memory allocation, which on 32-bit PAE systems can result in a heap buffer overflow.
In the Linux kernel, a use-after-free vulnerability was found in the ksmbd module related to the Qualcomm Crypto Engine (QCE). The ksmbd_crypt_message() function does not properly handle the -EINPROGRESS return code from the hardware crypto engine, leading to premature memory freeing and a system crash.
In the Linux kernel, the memory driver for Tegra124-EMC had a reversed logic check for whether DLL is enabled in the EMRS register. The fix corrects the condition to properly check if bit A0 is low (indicating DLL enabled).

