PatchSiren

Linux CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM Linux CVE published 2026-05-06

CVE-2026-43240

CVE-2026-43240 is a Linux kernel availability issue in x86 kexec handling. If a second-stage kernel is started with a limiting command line such as mem=<size>, the preserved IMA measurement list from the previous kernel can land outside the usable RAM range. When the kernel tries to restore that list, it can fault and panic during boot. The main risk is loss of system availability and disrupted attestatio [truncated]

HIGH Linux CVE published 2026-05-01

CVE-2026-31779

CVE-2026-31779 is a Linux kernel vulnerability in the iwlwifi mvm path where insufficient length validation around a memcpy can let results->matches pick up unwanted data. NVD classifies it as CWE-125 and rates it 8.1 High, with adjacent-network attack conditions and no privileges or user interaction required. The issue was found by the Linux Verification Center (linuxtesting.org) with SVACE, and NVD list [truncated]

HIGH Linux CVE published 2026-05-01

CVE-2026-31778

CVE-2026-31778 is a Linux kernel ALSA caiaq bug that can turn a shortname copy into a stack out-of-bounds read. The flaw comes from a bounds check that allowed a 16-byte local buffer to be filled without room for the terminating NUL, so later string handling in snd_card_set_id() can read past the stack buffer. NVD rates the issue HIGH, with local attack requirements and potential for information disclosur [truncated]

HIGH Linux CVE published 2026-05-01

CVE-2026-31771

CVE-2026-31771 is a Linux kernel Bluetooth vulnerability in HCI event processing. The issue was published on 2026-05-01 and updated on 2026-05-11, with fixes referenced in the NVD record and Linux kernel stable patches. The bug allowed wake-reason storage to run before per-event length validation, so a short HCI event frame could reach a memory-copy path before bounds checks completed. The fix moves wake- [truncated]

MEDIUM Linux CVE published 2026-05-01

CVE-2026-31770

CVE-2026-31770 is a Linux kernel availability issue in the hwmon occ driver. A missing zero-check in occ_show_power_1() can divide by update_tag before any samples have been collected, which can trigger a kernel crash during early boot or similar zero-sample states. The issue is rated medium severity and affects supported kernel release lines until the fixed stable releases noted by NVD.

HIGH Linux CVE published 2026-05-01

CVE-2026-31769

CVE-2026-31769 is a Linux kernel use-after-free in the GPIB ioctl path. A low-privileged local attacker can race IBRD, IBWRT, IBCMD, or IBWAIT against IBCLOSEDEV so that a gpib_descriptor is freed after big_gpib_mutex is released but before the handler finishes using it. NVD rates the issue HIGH, with high confidentiality, integrity, and availability impact, and kernel fixes add a descriptor_busy referenc [truncated]

HIGH Linux CVE published 2026-05-01

CVE-2026-31768

CVE-2026-31768 is a Linux kernel bug in the ti-adc161s626 IIO ADC driver where spi_read() used stack memory instead of DMA-safe storage. The upstream fix replaces that buffer handling with a DMA-safe u8[] buffer and adjusts the byte conversion logic accordingly. NVD rates the issue High (CVSS 7.8) with local attack requirements, no user interaction, and high impacts to confidentiality, integrity, and availability.

MEDIUM Linux CVE published 2026-05-01

CVE-2026-31767

CVE-2026-31767 is a Linux kernel DRM/i915 issue in DSI command mode where DSC-related horizontal timing adjustments could shrink timing values enough to trigger a division-by-zero while calculating vtotal. NVD rates it CVSS 5.5 (MEDIUM) with a local, low-privilege availability impact. The fix stops applying those horizontal timing adjustments in command mode and is referenced by multiple stable kernel patch links.

HIGH Linux CVE published 2026-05-01

CVE-2026-31766

CVE-2026-31766 is a Linux kernel AMDGPU flaw in user queue creation where a user-controlled doorbell_offset could be used without bounds checking. The kernel patch validates that the offset stays within the allocated doorbell buffer object before computing the BAR doorbell index, using u64 arithmetic to avoid overflow. This reduces the risk of out-of-range doorbell indexing and potential corruption of ker [truncated]

MEDIUM Linux CVE published 2026-05-01

CVE-2026-31765

CVE-2026-31765 is a Linux kernel amdgpu/KFD availability issue that can crash affected systems, especially on 64KB page-size configurations. The problem is a size mismatch between the reserved GPU trap area and the KFD CWSR TBA/TMA allocation: the reserved space was hardcoded at 8KB while the allocation could grow to 128KB on 64KB-page systems. NVD rates the issue as local, low-complexity, low-privilege, [truncated]

Known exploited Linux CVE published 2025-06-17

CVE-2023-0386

CVE-2023-0386 is a Linux kernel vulnerability described as an improper ownership management issue. CISA added it to the Known Exploited Vulnerabilities catalog on 2025-06-17, which means it is considered known to be exploited and should be prioritized for remediation. The supplied corpus does not include deeper technical detail, so this debrief stays at a high level and focuses on defensive response.

Known exploited Linux CVE published 2025-04-09

CVE-2024-53197

CVE-2024-53197 is a Linux kernel out-of-bounds access vulnerability that CISA added to its Known Exploited Vulnerabilities catalog on 2025-04-09. Because it is on the KEV list, defenders should treat it as actively exploited or otherwise significant enough to require prompt mitigation, even though the provided corpus does not include a CVSS score or detailed impact analysis. The most important action is t [truncated]

Known exploited Linux CVE published 2024-09-09

CVE-2017-1000253

CVE-2017-1000253 is a Linux Kernel memory-corruption issue identified by CISA as actively exploited and added to the Known Exploited Vulnerabilities catalog. CISA’s entry also marks known ransomware campaign use as "Known," which raises the operational priority for any environment running affected Linux kernel builds. The supplied source corpus does not include the full vendor advisory or NVD detail text, [truncated]

MEDIUM Linux CVE published 2024-07-16

CVE-2022-48829

CVE-2022-48829 is a Linux kernel NFSD issue in NFSv3 SETATTR and CREATE handling for large file sizes. The bug can corrupt or silently alter incoming size values when they exceed the signed 64-bit range, which is unexpected behavior for clients and can affect NFS server availability and correctness. NVD rates the issue as medium severity, with local, low-privilege conditions required.

MEDIUM Linux CVE published 2024-07-16

CVE-2022-48828

CVE-2022-48828 is a Linux kernel NFSD bug where an NFS file-size value can be copied into a signed 64-bit iattr::ia_size field without first checking whether the unsigned value exceeds S64_MAX. The result is an underflow in nfsd_setattr(), with availability impact only per the CVSS vector. The NVD record and linked kernel patches describe the issue as fixed in the common setattr path used by NFSv3 and NFSv4 handling.

HIGH Linux CVE published 2024-07-16

CVE-2022-48827

CVE-2022-48827 is a Linux kernel NFS server bug where a READ request near OFFSET_MAX can overflow internal offset handling, leading the server to return EINVAL and the client to retry indefinitely. The fix changes out-of-range READ behavior to complete as a short read with EOF and ensures wire offsets are converted safely to loff_t before kernel checks.

Known exploited Linux CVE published 2024-05-30

CVE-2024-1086

CVE-2024-1086 is a Linux Kernel use-after-free vulnerability that CISA added to its Known Exploited Vulnerabilities (KEV) catalog on 2024-05-30. CISA also flags known ransomware campaign use as "Known," which makes this a high-priority issue for defenders running Linux kernel-based systems or products that embed the kernel. The KEV entry sets a remediation due date of 2024-06-20 and directs organizations [truncated]

MEDIUM Linux CVE published 2024-05-21

CVE-2021-47316

CVE-2021-47316 is a Linux kernel nfsd NULL dereference issue in the nfs3svc_encode_getaclres XDR encoder. The NVD record lists Linux kernel versions from 5.13 up to, but not including, 5.13.4 as affected. The supplied description says that in error cases the dentry may be NULL, and that the encoder previously performed extra checks before later simplification. The published CVSS vector indicates a local, low-privilege pa [truncated]

MEDIUM Linux CVE published 2024-04-17

CVE-2024-26880

CVE-2024-26880 is a Linux kernel device-mapper flaw that can lead to a kernel crash during suspend/resume handling. The underlying issue was an incorrect pairing of postsuspend and resume callbacks: two consecutive postsuspend calls could attempt to remove the same list entry twice, corrupting kernel list state. The fix updates __dm_internal_resume to invoke the table targets’ preresume and resume methods [truncated]

MEDIUM Linux CVE published 2024-04-17

CVE-2024-26878

CVE-2024-26878 is a Linux kernel vulnerability in quota handling that can lead to a NULL pointer dereference during a race between inode quota teardown and quota-off processing. NVD lists impacted Linux kernel release ranges across multiple stable branches, and the kernel fix replaces the direct pointer use with a temporary reference to avoid the race window. The primary impact is availability, consistent [truncated]

MEDIUM Linux CVE published 2024-04-17

CVE-2024-26877

CVE-2024-26877 is a Linux kernel issue in the Xilinx crypto driver finalize path. According to the kernel fix note, crypto_finalize_request must be called with bottom halves disabled; otherwise the crypto engine can trigger a kernel WARNING and call trace during AEAD request completion. The NVD record rates the issue as medium severity, with availability impact only.

MEDIUM Linux CVE published 2024-04-17

CVE-2024-26875

CVE-2024-26875 is a Linux kernel use-after-free in the pvrusb2 USB media driver. The reported KASAN trace shows pvr2_context_set_notify() dereferencing freed memory during disconnect handling, and the fix moves the disconnect_flag assignment to the end of pvr2_context_disconnect() so another thread cannot free the shared object too early.

HIGH Linux CVE published 2024-04-17

CVE-2024-26872

CVE-2024-26872 is a Linux kernel RDMA/srpt use-after-free issue that can occur when an event handler is registered before the srpt device is fully initialized. According to the NVD record and linked kernel patches, a rare error-path race can leave a partially set up event handler in place and later lead to a KASAN-reported use-after-free write in srpt_refresh_port(). The corrective change is to defer even [truncated]

MEDIUM Linux CVE published 2024-04-17

CVE-2024-26870

CVE-2024-26870 describes a Linux kernel NFSv4.2 bug in listxattr() handling that can reach a kernel BUG in mm/usercopy.c when buffer sizing is mishandled. The published fix adds an ERANGE return when nfs4_listxattr() is called with size > 0 and the required length is greater than the supplied buffer. NVD rates the issue CVSS 5.5/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H, reflecting a local availability impact r [truncated]

MEDIUM Linux CVE published 2024-04-17

CVE-2024-26863

CVE-2024-26863 is a Linux kernel vulnerability in the HSR code path, published on 2024-04-17. A packet with ETH_P_PRP or ETH_P_HSR that is not followed by an HSR tag can cause hsr_get_node() to use an invalid uninitialized sequence number, leading to an availability impact rated CVSS 5.5/MEDIUM.

MEDIUM Linux CVE published 2024-04-17

CVE-2024-26861

CVE-2024-26861 is a Linux kernel WireGuard issue in the receive path where KCSAN reported a data race involving receiving_counter.counter. The upstream fix uses READ_ONCE() and WRITE_ONCE() annotations to mark the concurrent access as intentional. NVD rates the issue as medium severity, with local access required and availability impact as the primary concern.

MEDIUM Linux CVE published 2024-04-17

CVE-2024-26859

CVE-2024-26859 describes a race condition in the Linux kernel's bnx2x network driver that can surface during EEH error recovery and reset handling. In affected paths, transmit-timeout recovery and EEH slot reset logic can overlap while SGEs/page-pool pages are being freed, which can lead to access to freed memory and a system crash. NVD rates the issue as medium severity with local attack requirements and [truncated]

MEDIUM Linux CVE published 2024-04-17

CVE-2024-26855

CVE-2024-26855 is a Linux kernel availability issue in the ice network driver path. The bug can lead to a NULL pointer dereference in ice_bridge_setlink() when nlmsg_find_attr() returns NULL and the code later iterates nested attributes. The fix adds a NULL check before entering the nested-attribute loop. NVD rates the issue medium severity (CVSS 5.5).

HIGH Linux CVE published 2024-04-17

CVE-2024-26852

CVE-2024-26852 is a Linux kernel IPv6 use-after-free in the multipath route notification path. The issue was found by syzbot and confirmed by KASAN, with the supplied record showing a slab-use-after-free in rt6_fill_node reached through ip6_route_mpath_notify().

MEDIUM Linux CVE published 2024-04-17

CVE-2024-26851

CVE-2024-26851 is a Linux kernel issue in netfilter’s nf_conntrack_h323 decoder where malformed input could make the extension bitmap length grow beyond 32 and drive an invalid shift operation. The result is undefined behavior detected by UBSAN, and the fix adds a bounds check so decoding stops with an out-of-range error instead of continuing with unsafe bitmap lengths.

MEDIUM Linux CVE published 2024-04-17

CVE-2024-26820

CVE-2024-26820 affects the Linux kernel’s hv_netvsc driver and can cause virtual function registration to be missed when the driver is unloaded and reloaded. The result is a networking disruption issue rather than a confidentiality or integrity flaw. NVD rates it as a medium-severity local problem with high availability impact.

MEDIUM Linux CVE published 2024-04-10

CVE-2024-26816

CVE-2024-26816 is a Linux kernel hardening issue in x86 relocation handling for the .notes section. On kernels built with CONFIG_XEN_PV=y, symbols are emitted into .notes so Xen can find the startup_xen entry point. The flaw is that applying relocations there can expose KASLR-related address information through the world-readable /sys/kernel/notes interface. The fix is to skip relocations in .notes so the [truncated]

MEDIUM Linux CVE published 2024-04-05

CVE-2024-27437

CVE-2024-27437 is a Linux kernel VFIO/pci issue in exclusive INTx interrupt handling. On devices that need masking at the irqchip and do not support DisINTx, the kernel could enable the IRQ during request_irq() and then disable it afterward to match the masked state. That brief window created a race: if the interrupt fired in between, the disable depth could be incremented twice and become unrecoverable f [truncated]

MEDIUM Linux CVE published 2024-04-05

CVE-2024-26812

CVE-2024-26812 is a Linux kernel VFIO/PCI issue in INTx interrupt handling. The supplied NVD record describes a path where the INTx eventfd could be deconfigured, unregistering the IRQ handler while later irqfd or SET_IRQS paths could still signal an eventfd with a NULL context. The published fix changes how the INTx handler is managed and adds synchronization so the trigger can be updated safely while in [truncated]

MEDIUM Linux CVE published 2024-04-05

CVE-2024-26810

CVE-2024-26810 is a Linux kernel VFIO PCI race condition involving INTx masking and interrupt-configuration changes. The flaw occurs when mask operations performed through config-space changes to DisINTx race with ioctl-driven INTx configuration changes. The result is an unsafe interrupt state transition path that can affect availability.

MEDIUM Linux CVE published 2024-04-04

CVE-2024-26787

CVE-2024-26787 is a Linux kernel issue in the mmci/stm32 MMC DMA path where an error-handling branch could leave scatter-gather DMA mappings unbalanced. In affected builds, CONFIG_DMA_API_DEBUG_SG can report overlapping mappings and cacheline tracking warnings because dma_map_sg and dma_unmap_sg are not correctly paired on certain error paths. The issue was fixed in upstream/stable kernel patches referenc [truncated]

MEDIUM Linux CVE published 2024-04-02

CVE-2024-26659

CVE-2024-26659 is a Linux kernel xHCI bug in isochronous transfer error handling. According to the public record, the driver could incorrectly assume ownership of a multi-TRB transfer descriptor after early error events, which could lead to freed or overwritten descriptors and incorrect completion handling. The issue is rated medium severity and primarily affects availability, with the NVD vector indicati [truncated]

MEDIUM Linux CVE published 2024-03-27

CVE-2024-26651

CVE-2024-26651 is a Linux kernel issue in the sr9800 USB network driver where failure from usbnet_get_endpoints() was not properly checked and propagated. The published fix adds error handling so the driver stops on endpoint setup failure instead of continuing with invalid state. NVD rates the issue as medium severity with local, low-privileged, no-user-interaction conditions and high availability impact.

MEDIUM Linux CVE published 2024-03-21

CVE-2024-26643

CVE-2024-26643 is a Linux kernel netfilter/nf_tables race condition affecting anonymous sets with timeouts. NVD rates it Medium (CVSS 5.5), and the issue is described as an asynchronous garbage-collection race that can interfere with set teardown and lead to denial of service on vulnerable kernels. The fix marks the set dead so async GC skips it during release and abort handling.

MEDIUM Linux CVE published 2024-03-21

CVE-2024-26642

CVE-2024-26642 is a Linux kernel nf_tables issue that was fixed by rejecting anonymous sets with the timeout flag, except where NFT_SET_EVAL is needed for legacy meter support. The CVE is rated medium severity and is primarily a defensive maintenance concern for systems running affected kernel branches.

LOW Linux CVE published 2024-03-21

CVE-2023-52620

CVE-2023-52620 affects the Linux kernel’s netfilter nf_tables path. According to the CVE description, the fix disallows timeout parameters for anonymous sets because those parameters were never intended to be used from userspace. NVD rates the issue as LOW severity with local access, low privileges, high attack complexity, and availability-only impact. The record also links multiple stable-kernel patch re [truncated]

HIGH Linux CVE published 2024-03-18

CVE-2023-52614

CVE-2023-52614 is a Linux kernel memory-safety issue in PM/devfreq’s trans_stat_show() path. According to the CVE record and referenced kernel patches, the function could overrun its output buffer while building transition statistics. The fix replaces snprintf with scnprintf, stops when PAGE_SIZE would be exceeded, emits a warning that statistics are disabled, and returns -EFBIG when the full table cannot [truncated]

MEDIUM Linux CVE published 2024-03-13

CVE-2024-26629

CVE-2024-26629 affects the Linux kernel NFS server (nfsd) handling of NFSv4 RELEASE_LOCKOWNER. According to the supplied record, the original so_count-based test could return a false NFS4ERR_LOCKS_HELD even when no locks were actually held, creating a protocol violation and incorrect client behavior. The issue was published on 2024-03-13 and is rated medium severity in the supplied NVD data.

HIGH Linux CVE published 2024-03-04

CVE-2021-47107

CVE-2021-47107 is a Linux kernel NFSD memory-corruption issue in the READDIR path. According to NVD and the kernel fix notes, a too-small READDIR count can underflow the buffer-size calculation in the new init_dirlist helper, which can then allow XDR reserve/write logic to go past the intended buffer. NVD rates the issue 7.8 HIGH and lists affected Linux kernel builds in the 5.13 to 5.15.12 range, plus 5. [truncated]

MEDIUM Linux CVE published 2024-02-28

CVE-2021-47002

CVE-2021-47002 is a Linux kernel SUNRPC issue that can trigger a null pointer dereference in svc_rqst_free(). According to the CVE description, if alloc_pages_node() returns null in svc_rqst_alloc(), the resulting rq_scratch_page can later be passed to put_page() without a null check. The result is a crash condition rather than a confidentiality or integrity compromise.

MEDIUM Linux CVE published 2024-02-23

CVE-2024-26596

CVE-2024-26596 is a Linux kernel availability issue in DSA netdevice event handling. The vulnerability was published on 2024-02-23 and describes a case where code dereferenced netdev_priv() before confirming the device was actually a DSA user device. On netdevices with zero private data size, such as the dummy interface, this can produce an out-of-bounds read and a kernel oops during NETDEV_PRECHANGEUPPER [truncated]

MEDIUM Linux CVE published 2024-02-23

CVE-2023-52458

CVE-2023-52458 is a Linux kernel block-layer bug in partition handling. When a partition is added or resized without checking alignment to the disk’s logical block size, reads of the final sector can be truncated into an I/O error on systems with logical block sizes larger than 512 bytes. If integrity data is enabled, the same condition can also lead to a NULL pointer dereference. NVD rates the issue CVSS [truncated]

MEDIUM Linux CVE published 2024-02-22

CVE-2023-52447

CVE-2023-52447 is a Linux kernel BPF use-after-free issue in the handling of inner maps. When an inner map is updated or deleted from an outer map, BPF programs may still access it. The kernel fix defers the final free until after the required RCU and tasks trace RCU grace periods, reducing the risk that a BPF program can touch freed memory.

MEDIUM Linux CVE published 2024-02-12

CVE-2024-25739

CVE-2024-25739 affects the Linux kernel’s UBI code path in drivers/mtd/ubi/vtbl.c. The issue is a missing check for ubi->leb_size in create_empty_lvol, which can lead to an attempt to allocate zero bytes and crash the kernel. The CVE was published on 2024-02-12 and the record was later modified on 2026-05-12.

MEDIUM Linux CVE published 2024-02-05

CVE-2024-24859

CVE-2024-24859 describes a race condition in the Linux kernel's Bluetooth networking code, specifically in sniff_{min,max}_interval_set(). According to NVD, the issue can trigger a Bluetooth sniffing exception and may lead to denial of service. The CVE is publicly disclosed and mapped by NVD to CWE-362 (race condition).