Latest CVE Feed
-
0.0
NACVE-2026-23062
In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix kernel panic in GET_INSTANCE_ID macro The GET_INSTANCE_ID macro that caused a kernel panic when accessing sysfs attributes: 1. Off-by-one error: The loop ... Read more
Affected Products : linux_kernel- Published: Feb. 04, 2026
- Modified: Feb. 05, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-71065
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential deadlock As Jiaming Zhang and syzbot reported, there is potential deadlock in f2fs as below: Chain exists of: &sbi->cp_rwsem --> fs_reclaim --> sb_intern... Read more
Affected Products : linux_kernel- Published: Jan. 13, 2026
- Modified: Jan. 14, 2026
- Vuln Type: Race Condition
-
0.0
NACVE-2025-71069
In the Linux kernel, the following vulnerability has been resolved: f2fs: invalidate dentry cache on failed whiteout creation F2FS can mount filesystems with corrupted directory depth values that get runtime-clamped to MAX_DIR_HASH_DEPTH. When RENAME_WH... Read more
Affected Products : linux_kernel- Published: Jan. 13, 2026
- Modified: Jan. 19, 2026
- Vuln Type: Information Disclosure
-
0.0
NACVE-2025-71066
In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change [email protected] says: The vulnerability is a race condition between `ets_qdisc_d... Read more
Affected Products : linux_kernel- Published: Jan. 13, 2026
- Modified: Jan. 19, 2026
- Vuln Type: Race Condition
-
0.0
NACVE-2026-23083
In the Linux kernel, the following vulnerability has been resolved: fou: Don't allow 0 for FOU_ATTR_IPPROTO. fou_udp_recv() has the same problem mentioned in the previous patch. If FOU_ATTR_IPPROTO is set to 0, skb is not freed by fou_udp_recv() nor "r... Read more
Affected Products : linux_kernel- Published: Feb. 04, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Denial of Service
-
0.0
NACVE-2026-23101
In the Linux kernel, the following vulnerability has been resolved: leds: led-class: Only Add LED to leds_list when it is fully ready Before this change the LED was added to leds_list before led_init_core() gets called adding it the list before led_clas... Read more
Affected Products : linux_kernel- Published: Feb. 04, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Race Condition
-
0.0
NONECVE-2026-23741
Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, the asterisk/contrib/scripts/ast_coredumper runs as root, as noted by the NOTES tag on line 689 of the ast_coredu... Read more
Affected Products : asterisk- Published: Feb. 06, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Authentication
-
0.0
NACVE-2025-71068
In the Linux kernel, the following vulnerability has been resolved: svcrdma: bound check rq_pages index in inline path svc_rdma_copy_inline_range indexed rqstp->rq_pages[rc_curpage] without verifying rc_curpage stays within the allocated page array. Add... Read more
Affected Products : linux_kernel- Published: Jan. 13, 2026
- Modified: Jan. 19, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-22999
In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: do not free existing class in qfq_change_class() Fixes qfq_change_class() error case. cl->qdisc and cl should only be freed if a new class and qdisc were allocated,... Read more
Affected Products : linux_kernel- Published: Jan. 25, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-23005
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Clear XSTATE_BV[i] in guest XSAVE state whenever XFD[i]=1 When loading guest XSAVE state via KVM_SET_XSAVE, and when updating XFD in response to a guest WRMSR, clear XFD-disabl... Read more
Affected Products : linux_kernel- Published: Jan. 25, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Misconfiguration
-
0.0
NACVE-2025-71185
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: dma-crossbar: fix device leak on am335x route allocation Make sure to drop the reference taken when looking up the crossbar platform device during am335x route allocation... Read more
Affected Products : linux_kernel- Published: Jan. 31, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-71186
In the Linux kernel, the following vulnerability has been resolved: dmaengine: stm32: dmamux: fix device leak on route allocation Make sure to drop the reference taken when looking up the DMA mux platform device during route allocation. Note that holdi... Read more
Affected Products : linux_kernel- Published: Jan. 31, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-23038
In the Linux kernel, the following vulnerability has been resolved: pnfs/flexfiles: Fix memory leak in nfs4_ff_alloc_deviceid_node() In nfs4_ff_alloc_deviceid_node(), if the allocation for ds_versions fails, the function jumps to the out_scratch label w... Read more
Affected Products : linux_kernel- Published: Jan. 31, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-71196
In the Linux kernel, the following vulnerability has been resolved: phy: stm32-usphyc: Fix off by one in probe() The "index" variable is used as an index into the usbphyc->phys[] array which has usbphyc->nphys elements. So if it is equal to usbphyc->np... Read more
Affected Products : linux_kernel- Published: Feb. 04, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-23054
In the Linux kernel, the following vulnerability has been resolved: net: hv_netvsc: reject RSS hash key programming without RX indirection table RSS configuration requires a valid RX indirection table. When the device reports a single receive queue, rnd... Read more
Affected Products : linux_kernel- Published: Feb. 04, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Misconfiguration
-
0.0
NACVE-2026-23069
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential underflow in virtio_transport_get_credit() The credit calculation in virtio_transport_get_credit() uses unsigned arithmetic: ret = vvs->peer_buf_alloc - (... Read more
Affected Products : linux_kernel- Published: Feb. 04, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Denial of Service
-
0.0
NACVE-2026-23105
In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag This is more of a preventive patch to make the code more consistent and to prevent possible explo... Read more
Affected Products : linux_kernel- Published: Feb. 04, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Misconfiguration
-
0.0
NACVE-2026-23110
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Wake up the error handler when final completions race against each other The fragile ordering between marking commands completed or failed so that the error handler only wak... Read more
Affected Products : linux_kernel- Published: Feb. 04, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Race Condition
-
0.0
NACVE-2025-71199
In the Linux kernel, the following vulnerability has been resolved: iio: adc: at91-sama5d2_adc: Fix potential use-after-free in sama5d2_adc driver at91_adc_interrupt can call at91_adc_touch_data_handler function to start the work by schedule_work(&st->t... Read more
Affected Products : linux_kernel- Published: Feb. 04, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-71090
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfsd_file reference leak in nfsd4_add_rdaccess_to_wrdeleg() nfsd4_add_rdaccess_to_wrdeleg() unconditionally overwrites fp->fi_fds[O_RDONLY] with a newly acquired nfsd_file. Ho... Read more
Affected Products : linux_kernel- Published: Jan. 13, 2026
- Modified: Jan. 14, 2026
- Vuln Type: Memory Corruption