Latest CVE Feed
-
0.0
NACVE-2026-22990
In the Linux kernel, the following vulnerability has been resolved: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() If the osdmap is (maliciously) corrupted such that the incremental osdmap epoch is different from what is expected, the... Read more
Affected Products : linux_kernel- Published: Jan. 23, 2026
- Modified: Jan. 26, 2026
- Vuln Type: Denial of Service
-
0.0
NACVE-2025-71120
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf A zero length gss_token results in pages == 0 and in_token->pages[0] is NULL. The code unconditiona... Read more
Affected Products : linux_kernel- Published: Jan. 14, 2026
- Modified: Jan. 19, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-22984
In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handle_auth_done() Perform an explicit bounds check on payload_len to avoid a possible out-of-bounds access in the callout. [ idryomov... Read more
Affected Products : linux_kernel- Published: Jan. 23, 2026
- Modified: Jan. 26, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-68777
In the Linux kernel, the following vulnerability has been resolved: Input: ti_am335x_tsc - fix off-by-one error in wire_order validation The current validation 'wire_order[i] > ARRAY_SIZE(config_pins)' allows wire_order[i] to equal ARRAY_SIZE(config_pin... Read more
Affected Products : linux_kernel- Published: Jan. 13, 2026
- Modified: Jan. 19, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-23013
In the Linux kernel, the following vulnerability has been resolved: net: octeon_ep_vf: fix free_irq dev_id mismatch in IRQ rollback octep_vf_request_irqs() requests MSI-X queue IRQs with dev_id set to ioq_vector. If request_irq() fails part-way, the rol... Read more
Affected Products : linux_kernel- Published: Jan. 25, 2026
- Modified: Jan. 26, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-71067
In the Linux kernel, the following vulnerability has been resolved: ntfs: set dummy blocksize to read boot_block when mounting When mounting, sb->s_blocksize is used to read the boot_block without being defined or validated. Set a dummy blocksize before... Read more
Affected Products : linux_kernel- Published: Jan. 13, 2026
- Modified: Jan. 14, 2026
- Vuln Type: Misconfiguration
-
0.0
NACVE-2026-23036
In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before iget_failed() in btrfs_read_locked_inode() In btrfs_read_locked_inode() if we fail to lookup the inode, we jump to the 'out' label with a path that has a read... Read more
Affected Products : linux_kernel- Published: Jan. 31, 2026
- Modified: Feb. 03, 2026
- Vuln Type: Race Condition
-
0.0
NACVE-2026-23014
In the Linux kernel, the following vulnerability has been resolved: perf: Ensure swevent hrtimer is properly destroyed With the change to hrtimer_try_to_cancel() in perf_swevent_cancel_hrtimer() it appears possible for the hrtimer to still be active by ... Read more
Affected Products : linux_kernel- Published: Jan. 28, 2026
- Modified: Jan. 29, 2026
- Vuln Type: Race Condition
-
0.0
NACVE-2025-71150
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix refcount leak when invalid session is found on session lookup When a session is found but its state is not SMB2_SESSION_VALID, It indicates that no valid session was found, b... Read more
Affected Products : linux_kernel- Published: Jan. 23, 2026
- Modified: Jan. 26, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-71065
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential deadlock As Jiaming Zhang and syzbot reported, there is potential deadlock in f2fs as below: Chain exists of: &sbi->cp_rwsem --> fs_reclaim --> sb_intern... Read more
Affected Products : linux_kernel- Published: Jan. 13, 2026
- Modified: Jan. 14, 2026
- Vuln Type: Race Condition
-
0.0
NACVE-2025-71066
In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change [email protected] says: The vulnerability is a race condition between `ets_qdisc_d... Read more
Affected Products : linux_kernel- Published: Jan. 13, 2026
- Modified: Jan. 19, 2026
- Vuln Type: Race Condition
-
0.0
NACVE-2025-71187
In the Linux kernel, the following vulnerability has been resolved: dmaengine: sh: rz-dmac: fix device leak on probe failure Make sure to drop the reference taken when looking up the ICU device during probe also on probe failures (e.g. probe deferral).... Read more
Affected Products : linux_kernel- Published: Jan. 31, 2026
- Modified: Feb. 03, 2026
- Vuln Type: Misconfiguration
-
0.0
NACVE-2025-68783
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-mixer: us16x08: validate meter packet indices get_meter_levels_from_urb() parses the 64-byte meter packets sent by the device and fills the per-channel arrays meter_level[], c... Read more
Affected Products : linux_kernel- Published: Jan. 13, 2026
- Modified: Jan. 19, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-71163
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix device leaks on compat bind and unbind Make sure to drop the reference taken when looking up the idxd device as part of the compat bind and unbind sysfs interface.... Read more
Affected Products : linux_kernel- Published: Jan. 25, 2026
- Modified: Jan. 30, 2026
- Vuln Type: Misconfiguration
-
0.0
NACVE-2025-71086
In the Linux kernel, the following vulnerability has been resolved: net: rose: fix invalid array index in rose_kill_by_device() rose_kill_by_device() collects sockets into a local array[] and then iterates over them to disconnect sockets bound to a devi... Read more
Affected Products : linux_kernel- Published: Jan. 13, 2026
- Modified: Jan. 19, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-71070
In the Linux kernel, the following vulnerability has been resolved: ublk: clean up user copy references on ublk server exit If a ublk server process releases a ublk char device file, any requests dispatched to the ublk server but not yet completed will ... Read more
Affected Products : linux_kernel- Published: Jan. 13, 2026
- Modified: Jan. 14, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-71071
In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: fix use-after-free on probe deferral The driver is dropping the references taken to the larb devices during probe after successful lookup as well as on errors. This can ... Read more
Affected Products : linux_kernel- Published: Jan. 13, 2026
- Modified: Jan. 14, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-23035
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv mlx5e_priv is an unstable structure that can be memset(0) if profile attaching fails. Pass netdev to mlx5e_destroy_netdev... Read more
Affected Products : linux_kernel- Published: Jan. 31, 2026
- Modified: Feb. 03, 2026
- Vuln Type: Misconfiguration
-
0.0
NACVE-2025-71072
In the Linux kernel, the following vulnerability has been resolved: shmem: fix recovery on rename failures maple_tree insertions can fail if we are seriously short on memory; simple_offset_rename() does not recover well if it runs into that. The same go... Read more
Affected Products : linux_kernel- Published: Jan. 13, 2026
- Modified: Jan. 14, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-71108
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Handle incorrect num_connectors capability The UCSI spec states that the num_connectors field is 7 bits, and the 8th bit is reserved and should be set to zero. Some bu... Read more
Affected Products : linux_kernel- Published: Jan. 14, 2026
- Modified: Jan. 19, 2026
- Vuln Type: Misconfiguration