CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.13)

CVE-2026-46204
High

A vulnerability in the Linux kernel has been resolved that allowed out-of-bounds (OOB) reads when parsing IB in the drm/amdgpu/vcn4 module. The IB parsing has been rewritten to use amdgpu_ib_get_value(), which handles bounds checks.

CVE-2026-46203
High

A vulnerability in the Linux kernel related to unclocked register access during driver unbind has been fixed. The issue involves ensuring the controller is runtime resumed before disabling it.

CVE-2026-46201
High

In the Linux kernel, a vulnerability related to dma-buf attachment leak in the function xe_gem_prime_import() has been fixed. The issue occurs when xe_dma_buf_init_obj() fails, and the attachment is not detached.

CVE-2026-46199
High

A vulnerability in the Linux kernel has been resolved that allowed out-of-bounds (OOB) reads when parsing decoder messages in the amdgpu vcn4 module. Boundary checks have been implemented to prevent such reads.

CVE-2026-46198
High

A vulnerability related to integer overflow in the batman-adv module has been fixed in the Linux kernel. The issue concerns the batadv_iv_ogm_send_to_if function, where the size check was performed using the int type, while the buff_pos variable uses the s16 type, potentially leading to an out-of-bounds read.

CVE-2026-46197
High

A vulnerability in the Linux kernel has been resolved, concerning the validation of the nattr field in the SVM ioctl against the buffer size. This prevents out-of-bounds buffer access via user-controlled attribute count.

CVE-2026-46191
High

A vulnerability has been identified in the Linux kernel related to out-of-bounds access to the font buffer during console rotation failure. The fbcon_rotate_font() function does not clear the font buffer, which may lead to buffer overflow when printing to the rotated console.

CVE-2026-46190
High

A vulnerability has been identified in the Linux kernel that allows for an out-of-bounds read in the spi_nor_params_show() function. The issue arises from incorrect size calculations of an array of pointers, leading to improper bounds checking in the spi_nor_print_flags() function.

CVE-2026-46189
High

In the Linux kernel, a double free vulnerability was found in the RDMA/vmw_pvrdma driver on the error path of pvrdma_alloc_ucontext(). The pvrdma_uar_free() function is called twice: once directly and then again inside pvrdma_dealloc_ucontext(), causing a double free.

CVE-2026-46183
High

A vulnerability has been identified in the Linux kernel that allows users to read and write to the damon_sysfs_quot_goal->path structure without proper protection. This can lead to situations where a user reads an already freed buffer, posing a risk to system stability.

CVE-2026-46181
High

In the Linux kernel, the RDMA/mlx4 driver misuses RCU in mlx4_srq_event(). The radix_tree is RCU-safe, but the mlx4_srq struct is never freed with RCU and is not accessed within an RCU critical section. Delivering an event before the srq object is fully initialized can cause a system crash.

CVE-2026-46180
High

A vulnerability in the Linux kernel related to a potential use-after-free issue when stopping the watchdog task has been resolved.

CVE-2026-46178
High

A vulnerability in the Linux kernel related to resource leak in mlx4_ib_create_srq() has been fixed. The issue was that mlx4_srq_free() was not called during error unwind, leading to resource leaks.

CVE-2026-46177
High

A vulnerability in the Linux kernel related to limits on event and message requests has been resolved. The driver could continuously fetch events, potentially causing issues with BMCs that never signal completion. A limit of 10 fetches at a time has been introduced.

CVE-2026-46176
High

In the Linux kernel RDMA/mlx5 driver, a bug in mlx5_ib_dev_res_srq_init() causes fall-through after a failed SRQ allocation (s1). The error path frees s0 but then assigns the freed s0 and an ERR_PTR to devr->s0 and devr->s1, leading to use-after-free and invalid pointer dereferences.

CVE-2026-46175
High

A vulnerability has been identified in the Linux kernel related to node block migration in the f2fs filesystem, which may lead to misinterpretation of data as fsync-written. This issue occurs during FGGC node block migration, potentially resulting in errors in the fsck tool.

CVE-2026-46174
High

A vulnerability has been identified in the Linux kernel regarding improper isolation of shared resources in the op cache of AMD Zen2 processors. This issue could lead to instruction corruption.

CVE-2026-46173
High

A vulnerability has been identified in the Linux kernel that allows preemption of a TASK_DEAD task during its exit. This can lead to serious memory issues, such as use-after-free or double-free of the task's stack.

CVE-2026-46166
High

In the Linux kernel, a vulnerability was found in the mac80211 subsystem due to unsafe list iteration in the radar detect work function. Calling ieee80211_dfs_cac_cancel can free and remove the iterated chanctx from the list, leading to a slab-use-after-free error.

CVE-2026-46164
High

A vulnerability has been identified in the Linux kernel that leads to a double free in the create_space_info_sub_group() function on error. The issue occurs when kobject_init_and_add() fails, resulting in the sub_group object being freed twice.

PreviousPage 228 of 3355Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS