CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2026-43392 – sched_ext: Fix starvation of scx_enable() under fair-class saturation
https://notcve.org/view.php?id=CVE-2026-43392
08 May 2026 — In the Linux kernel, the following vulnerability has been resolved: sched_ext: Fix starvation of scx_enable() under fair-class saturation During scx_enable(), the READY -> ENABLED task switching loop changes the calling thread's sched_class from fair to ext. Since fair has higher priority than ext, saturating fair-class workloads can indefinitely starve the enable thread, hanging the system. This was introduced when the enable path switched from preempt_disable() to scx_bypass() which doesn't protect agains... • https://git.kernel.org/stable/c/8c2090c504e998c8f34ec870bae71dafcc96a6e0 •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2026-43391 – nsfs: tighten permission checks for handle opening
https://notcve.org/view.php?id=CVE-2026-43391
08 May 2026 — In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for handle opening Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use may_see_all_namespaces() helper that centralizes this policy until the nstree adapts. • https://git.kernel.org/stable/c/5222470b2fbb3740f931f189db33dd1367b1ae75 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2026-43390 – nstree: tighten permission checks for listing
https://notcve.org/view.php?id=CVE-2026-43390
08 May 2026 — In the Linux kernel, the following vulnerability has been resolved: nstree: tighten permission checks for listing Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use may_see_all_namespaces() helper that centralizes this policy until the nstree adapts. • https://git.kernel.org/stable/c/76b6f5dfb3fda76fce1f9990d6fa58adc711122b •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2026-43389 – mm: memfd_luo: always dirty all folios
https://notcve.org/view.php?id=CVE-2026-43389
08 May 2026 — In the Linux kernel, the following vulnerability has been resolved: mm: memfd_luo: always dirty all folios A dirty folio is one which has been written to. A clean folio is its opposite. Since a clean folio has no user data, it can be freed under memory pressure. memfd preservation with LUO saves the flag at preserve(). This is problematic. The folio might get dirtied later. • https://git.kernel.org/stable/c/b3749f174d686627f702234e64bad976dc432dbc •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2026-43388 – mm/damon/core: clear walk_control on inactive context in damos_walk()
https://notcve.org/view.php?id=CVE-2026-43388
08 May 2026 — In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: clear walk_control on inactive context in damos_walk() damos_walk() sets ctx->walk_control to the caller-provided control structure before checking whether the context is running. If the context is inactive (damon_is_running() returns false), the function returns -EINVAL without clearing ctx->walk_control. This leaves a dangling pointer to a stack-allocated structure that will be freed when the caller returns. This is structu... • https://git.kernel.org/stable/c/bf0eaba0ff9c9c8e6fd58ddfa1a8b6df4b813f61 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2026-43387 – staging: rtl8723bs: properly validate the data in rtw_get_ie_ex()
https://notcve.org/view.php?id=CVE-2026-43387
08 May 2026 — In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: properly validate the data in rtw_get_ie_ex() Just like in commit 154828bf9559 ("staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser"), we don't trust the data in the frame so we should check the length better before acting on it • https://git.kernel.org/stable/c/554c0a3abf216c991c5ebddcdb2c08689ecd290b •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2026-43386 – staging: rtl8723bs: fix potential out-of-bounds read in rtw_restruct_wmm_ie
https://notcve.org/view.php?id=CVE-2026-43386
08 May 2026 — In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix potential out-of-bounds read in rtw_restruct_wmm_ie The current code checks 'i + 5 < in_len' at the end of the if statement. However, it accesses 'in_ie[i + 5]' before that check, which can lead to an out-of-bounds read. Move the length check to the beginning of the conditional to ensure the index is within bounds before accessing the array. • https://git.kernel.org/stable/c/554c0a3abf216c991c5ebddcdb2c08689ecd290b •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2026-43385 – net: Fix rcu_tasks stall in threaded busypoll
https://notcve.org/view.php?id=CVE-2026-43385
08 May 2026 — In the Linux kernel, the following vulnerability has been resolved: net: Fix rcu_tasks stall in threaded busypoll I was debugging a NIC driver when I noticed that when I enable threaded busypoll, bpftrace hangs when starting up. dmesg showed: rcu_tasks_wait_gp: rcu_tasks grace period number 85 (since boot) is 10658 jiffies old. rcu_tasks_wait_gp: rcu_tasks grace period number 85 (since boot) is 40793 jiffies old. rcu_tasks_wait_gp: rcu_tasks grace period number 85 (since boot) is 131273 jiffies old. rcu_tas... • https://git.kernel.org/stable/c/c18d4b190a46651726c9a952667c74d2deb33c28 •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2026-43384 – net/tcp-ao: Fix MAC comparison to be constant-time
https://notcve.org/view.php?id=CVE-2026-43384
08 May 2026 — In the Linux kernel, the following vulnerability has been resolved: net/tcp-ao: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this. • https://git.kernel.org/stable/c/0a3a809089eb1d4a0a2fd0c16b520d603988c859 •
CVSS: 9.4EPSS: 0%CPEs: 7EXPL: 0CVE-2026-43383 – net/tcp-md5: Fix MAC comparison to be constant-time
https://notcve.org/view.php?id=CVE-2026-43383
08 May 2026 — In the Linux kernel, the following vulnerability has been resolved: net/tcp-md5: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this. • https://git.kernel.org/stable/c/cfb6eeb4c860592edd123fdea908d23c6ad1c7dc •