CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.15)

CVE-2026-45959
High

A vulnerability in the Linux kernel has been fixed that could lead to system crashes due to incorrect usage of the cleanup function kfree. The issue stemmed from incorrectly annotating a local pointer variable, resulting in the wrong address being passed to kfree.

CVE-2026-45958
High

A vulnerability has been identified in the Linux kernel that allows direct dereferencing of a user pointer in the vidi_connection_ioctl() function. This enables access to kernel memory from user space.

CVE-2026-45957
High

A vulnerability was identified in the Linux kernel that led to an infinite loop in the rcu_read_unlock() function due to IRQ work. It has been fixed by introducing a flag before calling raise_softirq_irqoff().

CVE-2026-45956
High

A vulnerability has been identified in the Linux kernel within the vidi_connection_ioctl() function, which may lead to errors such as null pointer dereferences and out-of-bounds errors. The issue arises from incorrectly obtaining the vidi context pointer from the wrong master device.

CVE-2026-45955
High

A vulnerability has been identified in the Linux kernel related to the llbitmap_suspend_timeout() function. When a timeout occurs, this function fails to resurrect the percpu_ref, leading to its permanent blocking.

CVE-2026-45951
High

A vulnerability has been identified in the Linux kernel related to a potential use-after-free of BTF objects. The issue involves incorrect refcounting in the check_pseudo_btf_id() function, which may lead to calling __check_pseudo_btf_id() with a zero refcount.

CVE-2026-45946
High

A vulnerability has been identified in the Linux kernel related to use-after-free in the power_supply_changed() function. This issue occurs when the power_supply handle is freed before the interrupt handler is registered, leading to the function being called with a freed handle.

CVE-2026-45945
High

A vulnerability has been identified in the Linux kernel related to a race condition during the replacement of a PASID entry in the Intel VT-d table. This issue may lead to unpredictable behavior of IOMMU hardware due to incomplete data reads.

CVE-2026-45944
High

A vulnerability has been identified in the Linux kernel related to improper context teardown in IOMMU. When tearing down a context entry, there is a risk that hardware may access a 'torn' entry, leading to unpredictable behavior.

CVE-2026-45943
High

A vulnerability has been identified in the Linux kernel that may lead to a NULL pointer dereference when reading inline data for compressed ztailpacking pclusters. This issue occurs when pclusters are added to I/O chains without prior validation.

CVE-2026-45942
High

A bitmap inconsistency issue was identified and resolved in the Linux kernel's ext4 filesystem, which occurred during stress tests with large page workloads. This issue was caused by a race condition between page migration and bitmap modification.

CVE-2026-45938
High

A vulnerability has been identified in the Linux kernel related to use-after-free in the power_supply_changed() function. This issue occurs when the power_supply handle is freed before the interrupt handler is registered, potentially leading to system crashes or memory corruption.

CVE-2026-45936
High

A vulnerability has been identified in the Linux kernel related to use-after-free in the power_supply_changed() function. This issue occurs when the power_supply handle is freed before the interrupt handler is registered, potentially leading to system crashes or memory corruption.

CVE-2026-45935
High

A vulnerability has been identified in the Linux kernel within the 'DeleteIndexEntryRoot' function that may lead to a heap buffer overflow. The issue arises from inadequate bounds checking when calculating the entry size, potentially resulting in out-of-bounds reads.

CVE-2026-45933
High

A vulnerability has been identified in the Linux kernel within the sync_linked_regs() function, which may lead to errors in register ID propagation. The issue arises when registers are linked, and their IDs are incorrectly assigned, potentially resulting in verification errors and division by zero.

CVE-2026-45932
High

A vulnerability in the Linux kernel has been fixed that allowed BPF_PROG_DETACH on tcx or netkit devices to be executed by any user when no program fd was provided. The fix adds a capability check for CAP_NET_ADMIN or CAP_SYS_ADMIN.

CVE-2026-45931
High

A vulnerability has been identified in the Linux kernel that leads to a crash in the iommu_sva_unbind_device() function due to accessing the mm structure after it has been freed. The issue has been resolved by holding a reference to the mm structure throughout the device bind/unbind operation.

CVE-2026-45929
High

A vulnerability in the Linux kernel has been fixed in the ovpn module, which could lead to a use-after-free condition in the ovpn_net_xmit function. The issue stemmed from improper pointer management during operations on packet segments.

CVE-2026-45920
High

A vulnerability has been identified in the Linux kernel related to double decrementing the dirty clusters counter during the ext4 filesystem shutdown. This issue leads to a warning with a value of -1 for the dirty clusters counter, indicating an error in the error handling path.

CVE-2026-45916
High

A use-after-free vulnerability was identified in the power_supply_changed() function in the Linux kernel. The issue occurs when the power_supply handle is freed before the interrupt handler is registered, potentially leading to system crashes or memory corruption.

PreviousPage 271 of 3394Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS