CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.13)

CVE-2026-45975
Medium

A vulnerability has been identified in the Linux kernel related to accessing the ublksrv_ctrl_cmd structure, which may reside in userspace-mapped memory. The issue involves a race condition when reading its fields, potentially leading to unpredictable behavior.

CVE-2026-45974
Medium

A vulnerability in the Linux kernel related to invalid leaf access in the btrfs_quota_enable() function when the reference key is not found has been resolved. The issue occurred when btrfs_search_slot_for_read() returned 1, indicating that no key greater than or equal to the requested key was found.

CVE-2026-45973
Medium

A vulnerability in the Linux kernel causes the driver to hang indefinitely in LAG mode during firmware reset. This issue arises from a race condition leading to an infinite wait for UMR completion during device unload.

CVE-2026-45971
Medium

A vulnerability in the Linux kernel related to BPF programs has been resolved by limiting the size of BPF program signatures. Allowing larger sizes can lead to abuse, forcing the kernel into costly memory allocations.

CVE-2026-45969
Medium

A vulnerability has been identified in the Linux kernel within the ps_gamepad_create() function, which calls input_ff_create_memless() without verifying its return value. This can lead to incorrect behavior or potential crashes when FF effects are triggered.

CVE-2026-45968
Medium

A vulnerability has been identified in the Linux kernel's cpuidle module, occurring on certain PowerNV platforms. The issue arises when only one idle state is registered, leading the governor to incorrectly treat this state, which can invoke a NULL pointer and ultimately cause system crashes.

CVE-2026-45967
Medium

A vulnerability in the Linux kernel has been fixed, concerning the map_direct_value_addr() function. This function incorrectly adds an offset to the address, potentially leading to system malfunction.

CVE-2026-45966
Medium

A vulnerability has been identified in the Linux kernel within AppArmor, leading to a NULL pointer dereference in the __unix_needs_revalidation function. This issue occurs when receiving file descriptors via SCM_RIGHTS, where both the socket and sk pointers may be NULL.

CVE-2026-45965
Medium

A vulnerability in the Linux kernel related to invalid dereferencing of rawdata when the export_binary parameter is unset has been fixed. When a profile is replaced, rawdata is set to NULL, leading to an error during dereferencing.

CVE-2026-45964
Medium

A vulnerability has been identified in the Linux kernel related to a kref leak in the error path of the gss_alloc_msg function. The issue arises from the lack of a kref_put() call when the kstrdup_const() function fails, leading to the gss_auth structure not being freed.

CVE-2026-45963
Medium

A vulnerability has been identified in the Linux kernel that may lead to system crashes when attempting to unload a driver while jack detection is pending. This issue affects the nau8821 component and is related to improper handling of delayed work.

CVE-2026-45962
Medium

A vulnerability has been identified in the Linux kernel affecting the ublk_ctrl_cmd_dump() function. The issue arises from the lack of validation of the SQE128 flag before accessing memory, which could lead to unauthorized out-of-bounds memory access.

CVE-2026-45961
Medium

In the Linux kernel, two memory leak issues in the gfs2_fill_super function have been resolved. These issues occur during error handling when transitioning a filesystem to read-write mode fails.

CVE-2026-45960
Medium

A vulnerability has been identified in the Linux kernel in the hfs_bnode_create function, which returns an existing node without incrementing its reference count. This can lead to reference count inconsistency and kernel panic when the node is later freed.

CVE-2026-45954
Medium

A vulnerability has been identified in the Linux kernel within the au1200fb_drv_probe() function, leading to a memory leak if the platform_get_irq function fails. The issue has been resolved by introducing a goto label to ensure proper resource cleanup.

CVE-2026-45953
Medium

A vulnerability has been identified in the Linux kernel within the md/raid5 module that leads to I/O hang in degraded arrays with llbitmap. The issue arises from a missing check on the state of bits, resulting in a deadloop during stripe handling.

CVE-2026-45952
Medium

A vulnerability related to MTU change validation in the fbnic driver has been resolved in the Linux kernel. Increasing the MTU beyond the HDS threshold causes packet fragmentation, which may lead to issues with TCP data transmission.

CVE-2026-45950
Medium

A vulnerability related to a memory leak in the starfive_aes_aead_do_one_req() function has been identified in the Linux kernel. This function allocates memory but fails to free it in case of errors, leading to memory leaks.

CVE-2026-45949
Medium

A vulnerability has been identified in the Linux kernel related to a race condition in the hwrng module. The issue arises from the hwrng_fillfn() thread not being properly stopped, leading to use-after-free situations and thread management errors.

CVE-2026-45948
Medium

A vulnerability has been identified in the Linux kernel within the ext4_ext_shift_extents() function, leading to a memory leak. The issue occurs when the extent pointer is NULL, preventing resource release.

PreviousPage 216 of 557Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS