Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
0.0 NA
CVE-2026-43438 — sched_ext: Remove redundant css_put() in scx_cgroup_init()

In the Linux kernel, the following vulnerability has been resolved: sched_ext: Remove redundant css_put() in scx_cgroup_init() The iterator css_for_each_descendant_pre() walks the cgroup hierarchy …

| Memory Corruption
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43437 — ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain()

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() In the drain loop, the local variable 'runtime' is reas…

| Memory Corruption
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43436 — ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces The Scarlett2 mixer quirk in USB-audio driver may h…

| Memory Corruption
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43435 — rust_binder: fix oneway spam detection

In the Linux kernel, the following vulnerability has been resolved: rust_binder: fix oneway spam detection The spam detection logic in TreeRange was executed before the current request was inserted…

| Denial of Service
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43434 — rust_binder: check ownership before using vma

In the Linux kernel, the following vulnerability has been resolved: rust_binder: check ownership before using vma When installing missing pages (or zapping them), Rust Binder will look up the vma i…

| Memory Corruption
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43433 — rust_binder: avoid reading the written value in offsets array

In the Linux kernel, the following vulnerability has been resolved: rust_binder: avoid reading the written value in offsets array When sending a transaction, its offsets array is first copied into …

| Race Condition
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43432 — usb: xhci: Fix memory leak in xhci_disable_slot()

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix memory leak in xhci_disable_slot() xhci_alloc_command() allocates a command structure and, when the second argumen…

| Memory Corruption
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43431 — xhci: Fix NULL pointer dereference when reading portli debugfs files

In the Linux kernel, the following vulnerability has been resolved: xhci: Fix NULL pointer dereference when reading portli debugfs files Michal reported and debgged a NULL pointer dereference bug i…

| Misconfiguration
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43430 — usb: yurex: fix race in probe

In the Linux kernel, the following vulnerability has been resolved: usb: yurex: fix race in probe The bbu member of the descriptor must be set to the value standing for uninitialized values before …

| Race Condition
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43429 — USB: usbtmc: Use usb_bulk_msg_killable() with user-specified timeouts

In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: Use usb_bulk_msg_killable() with user-specified timeouts The usbtmc driver accepts timeout values specified by the u…

| Denial of Service
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43428 — USB: core: Limit the length of unkillable synchronous timeouts

In the Linux kernel, the following vulnerability has been resolved: USB: core: Limit the length of unkillable synchronous timeouts The usb_control_msg(), usb_bulk_msg(), and usb_interrupt_msg() API…

| Denial of Service
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43427 — usb: class: cdc-wdm: fix reordering issue in read code path

In the Linux kernel, the following vulnerability has been resolved: usb: class: cdc-wdm: fix reordering issue in read code path Quoting the bug report: Due to compiler optimization or CPU out-of-o…

| Memory Corruption
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43426 — usb: renesas_usbhs: fix use-after-free in ISR during device removal

In the Linux kernel, the following vulnerability has been resolved: usb: renesas_usbhs: fix use-after-free in ISR during device removal In usbhs_remove(), the driver frees resources (including the …

| Memory Corruption
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43425 — usb: image: mdc800: kill download URB on timeout

In the Linux kernel, the following vulnerability has been resolved: usb: image: mdc800: kill download URB on timeout mdc800_device_read() submits download_urb and waits for completion. If the timeo…

| Denial of Service
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43424 — usb: gadget: f_tcm: Fix NULL pointer dereferences in nexus handling

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_tcm: Fix NULL pointer dereferences in nexus handling The `tpg->tpg_nexus` pointer in the USB Target driver is dyna…

| Memory Corruption
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43423 — usb: gadget: f_ncm: Fix atomic context locking issue

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: Fix atomic context locking issue The ncm_set_alt function was holding a mutex to protect against races with c…

| Race Condition
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43422 — usb: legacy: ncm: Fix NPE in gncm_bind

In the Linux kernel, the following vulnerability has been resolved: usb: legacy: ncm: Fix NPE in gncm_bind Commit 56a512a9b410 ("usb: gadget: f_ncm: align net_device lifecycle with bind/unbind") de…

May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43421 — usb: gadget: f_ncm: Fix net_device lifecycle with device_move

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: Fix net_device lifecycle with device_move The network device outlived its parent gadget device during disconn…

| Memory Corruption
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43420 — ceph: fix i_nlink underrun during async unlink

In the Linux kernel, the following vulnerability has been resolved: ceph: fix i_nlink underrun during async unlink During async unlink, we drop the `i_nlink` counter before we receive the completio…

| Race Condition
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43419 — ceph: fix memory leaks in ceph_mdsc_build_path()

In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leaks in ceph_mdsc_build_path() Add __putname() calls to error code paths that did not free the "path" pointer o…

| Memory Corruption
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
Showing 20 of 5924 Results