CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.10)

CVE-2026-46223
Medium

A vulnerability in the Linux kernel related to cgroup has been resolved, which could lead to system deadlock during the removal of a control group. The issue stemmed from improper management of tasks during their removal, potentially causing processes to be unable to terminate due to waiting for resource release.

CVE-2026-46222
Medium

A vulnerability has been identified in the Linux kernel due to missing checks for connected devices in pads, which may lead to a NULL pointer dereference when enabling the stream.

CVE-2026-46221
Medium

A vulnerability has been identified in the Linux kernel related to a memory leak of the device name. The device name allocated via kzalloc() in init_one_mc() is not freed on the normal removal path, leading to a memory leak.

CVE-2026-46220
Medium

A vulnerability in the Linux kernel has been resolved by replacing BUG_ON() calls in the sdma_v4_0_ring_emit_fence() function with WARN_ON() calls. This allowed unprivileged users to trigger a kernel panic through misaligned fence writeback addresses.

CVE-2026-46216
Medium

A vulnerability in the Linux kernel has been resolved by adding a NULL check for media_gt in the intel_hdcp_gsc_check_status() function. When media GT is disabled, the lack of allocation for media_gt leads to a kernel pagefault error.

CVE-2026-46214
Medium

A vulnerability has been identified in the Linux kernel related to the leak of the accepted connection count on transport mismatch. The issue occurs when the vsock_assign_transport() function fails or selects a different transport, leading to a permanent increment of sk_ack_backlog.

CVE-2026-46211
Medium

A vulnerability has been identified in the Linux kernel within the msm_ioctl_gem_info_get_metadata() function, which always returns 0, ignoring errors. This causes userspace to incorrectly interpret that the ioctl call succeeded when it did not.

CVE-2026-46207
Medium

A vulnerability has been identified in the Linux kernel related to improper data copying for non-linear buffers. The issue was that during the copying of the original payload to a new buffer, the copy length was set to zero, resulting in no data being copied.

CVE-2026-46202
Medium

A vulnerability has been identified in the Linux kernel's autodim code in the hid-appletb-kbd module, allowing blocking functions to be called in atomic context. This issue occurs in two locations, leading to mutex locking errors.

CVE-2026-46200
Medium

A vulnerability related to the deregistration of the SPI controller in mpc52xx has been fixed in the Linux kernel. The issue was that the controller was not properly deregistered before disabling and releasing resources such as interrupts and GPIOs.

CVE-2026-46196
Medium

A vulnerability has been identified in the Linux kernel related to tracepoints that occurs during the failure of the func_add() function in tracepoint_add_func(). In the event of an error, the function does not call the corresponding unregfunc(), leading to an incorrect reference state.

CVE-2026-46194
Medium

A vulnerability has been identified in the Linux kernel within the f2fs_destroy_extent_node() function, which does not set the FI_NO_EXTENT flag before clearing nodes. This can lead to a race condition between deletion and writeback operations, resulting in a f2fs_bug_on() error in the __destroy_extent_node() function.

CVE-2026-46193
Medium

A vulnerability has been identified in the Linux kernel's AH module that occurs during asynchronous operations. The issue involves incorrect handling of the high bits of ESN in callbacks, leading to data transmission errors in both IPv4 and IPv6 protocols.

CVE-2026-46192
Medium

A vulnerability in the Linux kernel related to the SPI interface in microchips has been resolved, which occurred during emulated read-only dual/quad operations. The issue involved unnecessary data transmission that could lead to transfer failure.

CVE-2026-46188
Medium

A vulnerability has been identified in the Linux kernel due to a lack of NULL checks after calling the napi_build_skb() function. In case of allocation failure, the result can lead to a NULL pointer dereference.

CVE-2026-46187
Medium

A vulnerability has been identified in the Linux kernel related to a race condition in thread management. The issue occurs when kthread_complete_and_exit() is called before kthread_stop(), leading to the use of a kthread object after it has been freed.

CVE-2026-46186
Medium

A vulnerability has been identified in the Linux kernel's Bluetooth packet handling that allows invalid data to be passed to the hci_recv_frame() function. This issue arises when the packet length is not properly verified before further processing, potentially leading to the reading of uninitialized data from the buffer.

CVE-2026-46184
Medium

A vulnerability in the Linux kernel related to division by zero in USB handling functions has been fixed. A missing sanity check for bNrChannels in detect_usb_format() could lead to a kernel crash.

CVE-2026-46182
Medium

A vulnerability in the Linux kernel was identified that allowed uninitialized stack memory bytes to leak to userspace. The issue was related to the papr_hvpipe_hdr structure, where not all fields were initialized, potentially leading to data exposure.

CVE-2026-46179
Medium

A vulnerability has been identified in the Linux kernel that allows pointer operations on unconfigured streams. The issue arises from dividing the I/O frame position by values that default to 0, potentially leading to a divide by zero error.

PreviousPage 210 of 560Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS