Linux Kernel vulnerabilities

CVE-2026-46203 [LOW] CWE-826 kernel: spi: cadence-quadspi: fix unclocked access on unbind kernel: spi: cadence-quadspi: fix unclocked access on unbind A flaw was found in the Linux kernel, specifically within the `spi: cadence-quadspi` driver. This vulnerability occurs when the controller is not properly runtime resumed before being disabled during driver unbind, leading to unclocked register access. A local attacker could potentially exploit this to cause system instability or a denial of serv

CVE-2026-46153 [LOW] CWE-772 kernel: 8021q: delete cleared egress QoS mappings kernel: 8021q: delete cleared egress QoS mappings A flaw was found in the Linux kernel's 8021q VLAN module. This vulnerability occurs because cleared egress Quality of Service (QoS) mappings are not properly deleted, leading to an accumulation of mapping nodes. An attacker could repeatedly set and clear egress priority mappings, causing a memory leak. This memory leak could eventually lead to a Denial of Service (DoS

CVE-2026-46167 [LOW] CWE-824 kernel: usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl kernel: usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl A flaw was found in the Linux kernel's `usblp` driver. A local user, interacting with a malicious printer, could exploit this vulnerability. When the `LPGETSTATUS` ioctl is used and a printer responds with zero bytes, the driver may return uninitialized kernel memory. This leads to information disclosure, potentially exposing se

CVE-2026-46131 [LOW] CWE-266 kernel: KVM: x86: check for nEPT/nNPT in slow flush hypercalls kernel: KVM: x86: check for nEPT/nNPT in slow flush hypercalls A flaw was found in the Linux kernel's KVM (Kernel-based Virtual Machine) x86 virtualization module. An incorrect check for nested EPT/NPT (Nested Extended Page Tables/Nested Nested Page Tables) in slow flush hypercalls could lead to improper handling of L2 guests. This vulnerability arises because the `is_guest_mode(vcpu)` check was not suff

CVE-2026-46161 [LOW] CWE-369 kernel: md/raid10: fix divide-by-zero in setup_geo() with zero far_copies kernel: md/raid10: fix divide-by-zero in setup_geo() with zero far_copies A flaw was found in the Linux kernel's md/raid10 module. This vulnerability allows a local user to trigger a divide-by-zero error within the `setup_geo()` function by supplying a malformed layout parameter where the `far_copies` value is set to zero. Successful exploitation of this flaw can lead to a system crash, causin

CVE-2026-46216 [LOW] CWE-476 kernel: drm/xe/hdcp: Add NULL check for media_gt in intel_hdcp_gsc_check_status() kernel: drm/xe/hdcp: Add NULL check for media_gt in intel_hdcp_gsc_check_status() A flaw was found in the Linux kernel's drm/xe/hdcp module. When media Graphics Translation (GT) is disabled via configfs, a NULL pointer dereference can occur in the intel_hdcp_gsc_check_status() function. This can lead to a kernel pagefault error, resulting in a system crash and a Denial of Service (DoS)

CVE-2026-46178 [LOW] CWE-772 kernel: RDMA/mlx4: Fix resource leak on error in mlx4_ib_create_srq() kernel: RDMA/mlx4: Fix resource leak on error in mlx4_ib_create_srq() A flaw was found in the Linux kernel. This vulnerability, located in the RDMA/mlx4 component, is due to a resource leak during error handling in the `mlx4_ib_create_srq()` function. An attacker could potentially exploit this flaw to cause a denial of service by exhausting system resources. Package: kernel (Red Hat Enterprise Li

CVE-2026-46184 [LOW] CWE-369 kernel: sound: ua101: fix division by zero at probe kernel: sound: ua101: fix division by zero at probe A flaw was found in the Linux kernel's `ua101` USB audio driver. A local attacker, by connecting a specially crafted USB audio device, could trigger a division-by-zero error. This occurs because the driver fails to validate the `bNrChannels` field, leading to a kernel crash. This vulnerability results in a Denial of Service (DoS) for the affected system. Package:

CVE-2026-46201 [LOW] CWE-772 kernel: drm/xe: Fix dma-buf attachment leak in xe_gem_prime_import() kernel: drm/xe: Fix dma-buf attachment leak in xe_gem_prime_import() A flaw was found in the Linux kernel's `drm/xe` subsystem. When handling dma-buf attachments, a resource leak occurs if the initialization of a dma-buf object fails, as the attachment is not properly detached. This oversight can lead to resource exhaustion, potentially allowing a local attacker to cause a Denial of Service (DoS) b

CVE-2026-46165 [LOW] CWE-833 kernel: openvswitch: vport: fix self-deadlock on release of tunnel ports kernel: openvswitch: vport: fix self-deadlock on release of tunnel ports A flaw was found in the Linux kernel's openvswitch vport component. This vulnerability arises during the release of tunnel ports, where a self-deadlock can occur. This prevents the vport from being properly freed and its references released, leading to a system deadlock during device removal. Such a deadlock can negatively

CVE-2026-46156 CWE-823 kernel: LoongArch: Fix potential ADE in loongson_gpu_fixup_dma_hang() kernel: LoongArch: Fix potential ADE in loongson_gpu_fixup_dma_hang() A flaw was found in the Linux kernel's LoongArch architecture. An issue in the `loongson_gpu_fixup_dma_hang()` function, specifically with incorrect handling of device IDs when a discrete GPU is inserted, can lead to an Address Data Error (ADE). This flaw may allow a local attacker to trigger a kernel panic, resulting in a Denial of S

CVE-2026-46192 CWE-372 kernel: spi: microchip-core-qspi: don't attempt to transmit during emulated read-only dual/quad operations kernel: spi: microchip-core-qspi: don't attempt to transmit during emulated read-only dual/quad operations A flaw was found in the Linux kernel's `spi: microchip-core-qspi` driver. This vulnerability allows the driver to transmit data during emulated read-only dual or quad operations, which are specific modes for communicating with Quad Serial Peripheral Interface (Q

CVE-2026-46229 CWE-909 kernel: drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure kernel: drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure A flaw was found in the Linux kernel's drm/amdkfd component. This vulnerability arises because VRAM (Video Random Access Memory) allocations for the KFD (Kernel Fusion Driver) path do not properly clear previously used memory. This oversight allows a local attacker, utilizing a compute kernel, to observe stale data from pr

CVE-2026-46219 CWE-364 kernel: spi: mpc52xx: fix use-after-free on unbind kernel: spi: mpc52xx: fix use-after-free on unbind A flaw was found in the Linux kernel's `spi-mpc52xx` driver. This vulnerability, a use-after-free, occurs because the state machine work, scheduled by the interrupt handler, is not properly cancelled after disabling interrupts during the unbind operation. This oversight can lead to memory corruption, potentially allowing an attacker to cause a denial of service or execute

CVE-2026-46129 CWE-763 kernel: btrfs: fix double free in create_space_info() error path kernel: btrfs: fix double free in create_space_info() error path A flaw was found in the Linux kernel, specifically within the btrfs filesystem. This vulnerability, a double free, occurs in the `create_space_info()` function's error handling path. When an internal object initialization fails, the system attempts to release memory twice for the same resource. This can lead to system instability or a denial of

CVE-2026-46175 CWE-911 kernel: f2fs: fix fsck inconsistency caused by FGGC of node block kernel: f2fs: fix fsck inconsistency caused by FGGC of node block A flaw was found in the Linux kernel's f2fs filesystem. During Foreground Garbage Collection (FGGC) of node blocks, the system fails to properly clear internal metadata marks. This can lead to filesystem inconsistencies, where the `fsck` utility may misinterpret the state of migrated data. A local user could potentially trigger this issue, re

CVE-2026-46212 CWE-364 kernel: batman-adv: bla: prevent use-after-free when deleting claims kernel: batman-adv: bla: prevent use-after-free when deleting claims A flaw was found in the `batman-adv` component of the Linux kernel. This vulnerability, a use-after-free, occurs during the process of deleting backbone claims. If exploited, this memory corruption issue could allow an attacker to cause a system crash, leading to a denial of service, or potentially execute unauthorized code. Package: k

CVE-2026-46225 CWE-826 kernel: spi: rspi: fix controller deregistration kernel: spi: rspi: fix controller deregistration No description is available for this CVE. Package: kernel (Red Hat Enterprise Linux 10) - Not affected Package: kernel (Red Hat Enterprise Linux 6) - Not affected Package: kernel (Red Hat Enterprise Linux 7) - Not affected Package: kernel-rt (Red Hat Enterprise Linux 7) - Not affected Package: kernel (Red Hat Enterprise Linux 8) - Not affected Package: kernel-rt (Red Ha

CVE-2026-46217 CWE-190 kernel: drm/amdgpu/vcn4: Avoid overflow on msg bound check kernel: drm/amdgpu/vcn4: Avoid overflow on msg bound check A flaw was found in the Linux kernel, specifically within the AMD GPU (Graphics Processing Unit) driver component `drm/amdgpu/vcn4`. This vulnerability is caused by an integer overflow during a message bound check. An attacker could potentially exploit this flaw to cause system instability or a denial of service (DoS). Package: kernel (Red Hat Enterprise

CVE-2026-46206 CWE-372 kernel: batman-adv: reject new tp_meter sessions during teardown kernel: batman-adv: reject new tp_meter sessions during teardown A flaw was found in the Linux kernel's `batman-adv` module, specifically in the `tp_meter` component. This vulnerability allows `tp_meter` to initiate new sender or receiver sessions even after the mesh state has exited `BATADV_MESH_ACTIVE`. This improper state management could lead to unexpected behavior or instability within the network mesh.