CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2026-43320 – drm/amd/display: Fix dsc eDP issue
https://notcve.org/view.php?id=CVE-2026-43320
08 May 2026 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix dsc eDP issue [why] Need to add function hook check before use • https://git.kernel.org/stable/c/3766a840e093d30e1a2522f650d8a6ac892a8719 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2026-43319 – spi: spidev: fix lock inversion between spi_lock and buf_lock
https://notcve.org/view.php?id=CVE-2026-43319
08 May 2026 — In the Linux kernel, the following vulnerability has been resolved: spi: spidev: fix lock inversion between spi_lock and buf_lock The spidev driver previously used two mutexes, spi_lock and buf_lock, but acquired them in different orders depending on the code path: write()/read(): buf_lock -> spi_lock ioctl(): spi_lock -> buf_lock This AB-BA locking pattern triggers lockdep warnings and can cause real deadlocks: WARNING: possible circular locking dependency detected spidev_ioctl() -> mutex_lock(&spidev->buf... • https://git.kernel.org/stable/c/a720416d94634068951773cb9e9d6f1b73769e5b •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2026-43318 – drm/amdgpu: fix sync handling in amdgpu_dma_buf_move_notify
https://notcve.org/view.php?id=CVE-2026-43318
08 May 2026 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix sync handling in amdgpu_dma_buf_move_notify Invalidating a dmabuf will impact other users of the shared BO. In the scenario where process A moves the BO, it needs to inform process B about the move and process B will need to update its page table. The commit fixes a synchronisation bug caused by the use of the ticket: it made amdgpu_vm_handle_moved behave as if updating the page table immediately was correct but in this case... • https://git.kernel.org/stable/c/a448cb003edcb4b63d0a9c95f3faab724e6150fb •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2026-43317 – most: core: fix leak on early registration failure
https://notcve.org/view.php?id=CVE-2026-43317
08 May 2026 — In the Linux kernel, the following vulnerability has been resolved: most: core: fix leak on early registration failure A recent commit fixed a resource leak on early registration failures but for some reason left out the first error path which still leaks the resources associated with the interface. Fix up also the first error path so that the interface is always released on errors. • https://git.kernel.org/stable/c/723de0f9171eeb49a3ae98cae82ebbbb992b3a7c •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2026-43316 – media: solo6x10: Check for out of bounds chip_id
https://notcve.org/view.php?id=CVE-2026-43316
08 May 2026 — In the Linux kernel, the following vulnerability has been resolved: media: solo6x10: Check for out of bounds chip_id Clang with CONFIG_UBSAN_SHIFT=y noticed a condition where a signed type (literal "1" is an "int") could end up being shifted beyond 32 bits, so instrumentation was added (and due to the double is_tw286x() call seen via inlining), Clang decides the second one must now be undefined behavior and elides the rest of the function[1]. This is a known problem with Clang (that is still being worked on... • https://git.kernel.org/stable/c/faa4fd2a09517b39cc1f5d622453f97a59acfdac •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-71302 – drm/panthor: fix for dma-fence safe access rules
https://notcve.org/view.php?id=CVE-2025-71302
08 May 2026 — In the Linux kernel, the following vulnerability has been resolved: drm/panthor: fix for dma-fence safe access rules Commit 506aa8b02a8d6 ("dma-fence: Add safe access helpers and document the rules") details the dma-fence safe access rules. The most common culprit is that drm_sched_fence_get_timeline_name may race with group_free_queue. • https://git.kernel.org/stable/c/de85488138247d034eb3241840424a54d660926b •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-71300 – Revert "arm64: zynqmp: Add an OP-TEE node to the device tree"
https://notcve.org/view.php?id=CVE-2025-71300
08 May 2026 — In the Linux kernel, the following vulnerability has been resolved: Revert "arm64: zynqmp: Add an OP-TEE node to the device tree" This reverts commit 06d22ed6b6635b17551f386b50bb5aaff9b75fbe. OP-TEE logic in U-Boot automatically injects a reserved-memory node along with optee firmware node to kernel device tree. The injection logic is dependent on that there is no manually defined optee node. Having the node in zynqmp.dtsi effectively breaks OP-TEE's insertion of the reserved-memory node, causing memory acc... • https://git.kernel.org/stable/c/06d22ed6b6635b17551f386b50bb5aaff9b75fbe •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2026-43315 – KVM: nSVM: Remove a user-triggerable WARN on nested_svm_load_cr3() succeeding
https://notcve.org/view.php?id=CVE-2026-43315
08 May 2026 — In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Remove a user-triggerable WARN on nested_svm_load_cr3() succeeding Drop the WARN in svm_set_nested_state() on nested_svm_load_cr3() failing as it is trivially easy to trigger from userspace by modifying CPUID after loading CR3. E.g. modifying the state restoration selftest like so: --- tools/testing/selftests/kvm/x86/state_test.c +++ tools/testing/selftests/kvm/x86/state_test.c @@ -280,7 +280,16 @@ int main(int argc, char *argv[]... • https://git.kernel.org/stable/c/b222b0b88162bdef4eceb12a79d5edbbdb23dbfd •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2026-43314 – dm: remove fake timeout to avoid leak request
https://notcve.org/view.php?id=CVE-2026-43314
08 May 2026 — In the Linux kernel, the following vulnerability has been resolved: dm: remove fake timeout to avoid leak request Since commit 15f73f5b3e59 ("blk-mq: move failure injection out of blk_mq_complete_request"), drivers are responsible for calling blk_should_fake_timeout() at appropriate code paths and opportunities. However, the dm driver does not implement its own timeout handler and relies on the timeout handling of its slave devices. If an io-timeout-fail error is injected to a dm device, the request will be... • https://git.kernel.org/stable/c/e6ee8c0b767540f59e20da3ced282601db8aa502 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2026-43313 – ACPI: processor: Fix NULL-pointer dereference in acpi_processor_errata_piix4()
https://notcve.org/view.php?id=CVE-2026-43313
08 May 2026 — In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: Fix NULL-pointer dereference in acpi_processor_errata_piix4() In acpi_processor_errata_piix4(), the pointer dev is first assigned an IDE device and then reassigned an ISA device: dev = pci_get_subsys(..., PCI_DEVICE_ID_INTEL_82371AB, ...); dev = pci_get_subsys(..., PCI_DEVICE_ID_INTEL_82371AB_0, ...); If the first lookup succeeds but the second fails, dev becomes NULL. This leads to a potential null-pointer dereference when... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •