CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.16)
A vulnerability in the Linux kernel related to batman-adv has been resolved, preventing new tp_meter sessions from starting after leaving the BATADV_MESH_ACTIVE state.
A vulnerability in the Linux kernel has been resolved by disallowing all private IOCTLs. IOCTLs are not as safe as one might assume, hence they have been temporarily disabled.
A vulnerability in the Linux kernel has been resolved that allowed out-of-bounds (OOB) reads when parsing IB in the drm/amdgpu/vcn4 module. The IB parsing has been rewritten to use amdgpu_ib_get_value(), which handles bounds checks.
A vulnerability in the Linux kernel related to unclocked register access during driver unbind has been fixed. The issue involves ensuring the controller is runtime resumed before disabling it.
In the Linux kernel, a vulnerability related to dma-buf attachment leak in the function xe_gem_prime_import() has been fixed. The issue occurs when xe_dma_buf_init_obj() fails, and the attachment is not detached.
A vulnerability in the Linux kernel has been resolved that allowed out-of-bounds (OOB) reads when parsing decoder messages in the amdgpu vcn4 module. Boundary checks have been implemented to prevent such reads.
A vulnerability related to integer overflow in the batman-adv module has been fixed in the Linux kernel. The issue concerns the batadv_iv_ogm_send_to_if function, where the size check was performed using the int type, while the buff_pos variable uses the s16 type, potentially leading to an out-of-bounds read.
A vulnerability in the Linux kernel has been resolved, concerning the validation of the nattr field in the SVM ioctl against the buffer size. This prevents out-of-bounds buffer access via user-controlled attribute count.
A vulnerability has been identified in the Linux kernel related to out-of-bounds access to the font buffer during console rotation failure. The fbcon_rotate_font() function does not clear the font buffer, which may lead to buffer overflow when printing to the rotated console.
A vulnerability has been identified in the Linux kernel that allows for an out-of-bounds read in the spi_nor_params_show() function. The issue arises from incorrect size calculations of an array of pointers, leading to improper bounds checking in the spi_nor_print_flags() function.
In the Linux kernel's RDMA driver for VMware virtual machines (vmw_pvrdma), a double free vulnerability was found on the error path of pvrdma_alloc_ucontext(). The pvrdma_uar_free() function is called both before and inside pvrdma_dealloc_ucontext(), causing a double free.
A vulnerability has been identified in the Linux kernel that allows users to read and write to the damon_sysfs_quot_goal->path structure without proper protection. This can lead to situations where a user reads an already freed buffer, posing a risk to system stability.
In the Linux kernel, the RDMA/mlx4 driver misuses RCU in mlx4_srq_event(). The radix_tree is RCU-safe, but the mlx4_srq struct is never freed with RCU and is not accessed within an RCU critical section. Delivering an event before the srq object is fully initialized can cause a kernel crash.
A vulnerability in the Linux kernel related to a potential use-after-free issue when stopping the watchdog task has been resolved.
A vulnerability in the Linux kernel related to resource leak in mlx4_ib_create_srq() has been fixed. The issue was that mlx4_srq_free() was not called during error unwind, leading to resource leaks.
A vulnerability in the Linux kernel related to limits on event and message requests has been resolved. The driver could continuously fetch events, potentially causing issues with BMCs that never signal completion. A limit of 10 fetches at a time has been introduced.
In the Linux kernel's mlx5 driver, a bug in mlx5_ib_dev_res_srq_init() causes fall-through after s1 allocation failure, assigning freed s0 and an ERR_PTR to data structures. This leads to use-after-free, ERR_PTR dereference, and double-free.
A vulnerability has been identified in the Linux kernel related to node block migration in the f2fs filesystem, which may lead to misinterpretation of data as fsync-written. This issue occurs during FGGC node block migration, potentially resulting in errors in the fsck tool.
In the Linux kernel, a vulnerability was found in AMD Zen2 processors due to improper isolation of shared resources in the op cache. This can lead to instruction corruption and potential security breaches.
A vulnerability has been identified in the Linux kernel that allows preemption of a TASK_DEAD task during its exit. This can lead to serious memory issues, such as use-after-free or double-free of the task's stack.

