CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.13)
A vulnerability has been identified in the Linux kernel related to the management of egress QoS priority mappings in the 8021q protocol. The issue is that cleared priority mappings are kept as 'tombstones', leading to memory leaks during set/clear cycles.
A vulnerability has been identified in the usblp driver in the Linux kernel, leading to a heap leak in controlling IEEE 1284 devices. The issue arises when a faulty printer can leave stale data in memory due to improper data transfer.
A vulnerability has been identified in the Linux kernel's QSPI controller, which automatically manages the chip select. The issue arises when two devices are connected to the controller, potentially leading to malfunction when one device uses GPIO for chip select.
A vulnerability in the Linux kernel related to vCPU initialization in KVM for arm64 has been fixed. Issues regarding pin leaks and vCPU publication ordering have been addressed by implementing appropriate safeguards in the code.
A vulnerability has been identified in the Linux kernel in the convert_chmap_v3() function, which may lead to a potential endless loop due to a lack of validation of the descriptor length. A proper size check has been added to prevent this situation.
A vulnerability in the Linux kernel related to the mana_ib_create_qp_rss() function has been fixed, which could lead to a leak in mana_ib_cfg_vport_steering().
A vulnerability has been identified in the Linux kernel affecting the ASoC: qcom: q6apm-lpass-dai component. The issue allows multiple graph openings for the playback path, leading to memory leaks.
A vulnerability related to illegal access to the WX_CFG_PORT_ST register by VF has been fixed in the Linux kernel. Attempting to read this register during VF initialization leads to a system hang.
A vulnerability has been identified in the Linux kernel related to a memory leak in the XIVE code for the PowerPC architecture. The issue occurs during the allocation of MSI-X vectors for an NVMe device, where the xive_irq_data structure is not properly freed.
A vulnerability has been identified in the Linux kernel SMB client related to improper initialization of the security descriptor buffer. A change in the data structure caused the reserved field to remain uninitialized, leading to errors when attempting to use chmod.
A vulnerability has been identified in the Linux kernel related to the lack of mutex initialization in Thunderbolt registration. Improper mutex management leads to a NULL dereference, potentially causing system crashes.
A vulnerability has been identified in the Linux kernel within the rtnl_fill_vfinfo function that may lead to stack information leakage. The ifla_vf_broadcast structure was not initialized before use, resulting in the disclosure of up to 26 bytes of unallocated kernel stack memory.
A vulnerability has been identified in the Linux kernel related to checking nEPT/nNPT in slow hypercall flushes. The issue lies in the incorrect checking of guest mode, which may lead to improper functioning of address translation features.
A vulnerability has been identified in the Linux kernel related to the incorrect checking of the data size of the event message buffer response in the IPMI interface. The issue is that the size check occurs later, which may lead to improper processing of empty messages returned by some BMCs.
A vulnerability has been identified and resolved in the Linux kernel. The issue concerns a faulty reference to the uctx pointer in the ocrdma_copy_pd_uresp() function during error handling, which can lead to system crashes.
A vulnerability in the Linux kernel related to the mana_destroy_wq_obj() function in queue object management has been resolved. The issues pertain to bugs in the error unwind flow concerning the WQ table.
A vulnerability has been identified in the Linux kernel that leads to a null pointer dereference in the papr_hvpipe_dev_create_handle() function. A change introduced by commit 6d3789d347a7 caused the src_info pointer to be reused for adding it to the global list after calling retain_and_null_ptr(src_info), leading to a kernel panic.
A vulnerability has been identified in the Linux kernel related to a memory leak in the ulpi_register() function. If errors occur in ulpi_of_register() or ulpi_read_id() before device_register() is called, allocated memory is leaked.
In the Linux kernel, the IPMI SI driver has a vulnerability where a message allocation failure can leave the driver in an incorrect state. In such cases, the driver does not return to normal operation, potentially causing issues with hardware management.
In the Linux kernel, a race condition was found in the eventfs filesystem during remount operations. The eventfs_set_attrs() function recursively traversed the child list without proper locking, leading to use-after-free and data races.

