CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2026-23303 – smb: client: Don't log plaintext credentials in cifs_set_cifscreds
https://notcve.org/view.php?id=CVE-2026-23303
25 Mar 2026 — In the Linux kernel, the following vulnerability has been resolved: smb: client: Don't log plaintext credentials in cifs_set_cifscreds When debug logging is enabled, cifs_set_cifscreds() logs the key payload and exposes the plaintext username and password. Remove the debug log to avoid exposing credentials. • https://git.kernel.org/stable/c/8a8798a5ff90977d6459ce1d657cf8fe13a51e97 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2026-23302 – net: annotate data-races around sk->sk_{data_ready,write_space}
https://notcve.org/view.php?id=CVE-2026-23302
25 Mar 2026 — In the Linux kernel, the following vulnerability has been resolved: net: annotate data-races around sk->sk_{data_ready,write_space} skmsg (and probably other layers) are changing these pointers while other cpus might read them concurrently. Add corresponding READ_ONCE()/WRITE_ONCE() annotations for UDP, TCP and AF_UNIX. • https://git.kernel.org/stable/c/604326b41a6fb9b4a78b6179335decee0365cd8c •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2026-23300 – net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop
https://notcve.org/view.php?id=CVE-2026-23300
25 Mar 2026 — In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop When a standalone IPv6 nexthop object is created with a loopback device (e.g., "ip -6 nexthop add id 100 dev lo"), fib6_nh_init() misclassifies it as a reject route. This is because nexthop objects have no destination prefix (fc_dst=::), causing fib6_is_reject() to match any loopback nexthop. The reject path skips fib_nh_common_init(), leaving nhc_pcpu_rth_output unalloca... • https://git.kernel.org/stable/c/493ced1ac47c48bb86d9d4e8e87df8592be85a0e •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2026-23298 – can: ucan: Fix infinite loop from zero-length messages
https://notcve.org/view.php?id=CVE-2026-23298
25 Mar 2026 — In the Linux kernel, the following vulnerability has been resolved: can: ucan: Fix infinite loop from zero-length messages If a broken ucan device gets a message with the message length field set to 0, then the driver will loop for forever in ucan_read_bulk_callback(), hanging the system. If the length is 0, just skip the message and go on to the next one. This has been fixed in the kvaser_usb driver in the past in commit 0c73772cd2b8 ("can: kvaser_usb: leaf: Fix potential infinite loop in command parsers")... • https://git.kernel.org/stable/c/9f2d3eae88d26c29d96e42983b755940d9169cd9 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2026-23296 – scsi: core: Fix refcount leak for tagset_refcnt
https://notcve.org/view.php?id=CVE-2026-23296
25 Mar 2026 — In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix refcount leak for tagset_refcnt This leak will cause a hang when tearing down the SCSI host. For example, iscsid hangs with the following call trace: [130120.652718] scsi_alloc_sdev: Allocation failure during SCSI scanning, some SCSI devices might not be configured PID: 2528 TASK: ffff9d0408974e00 CPU: 3 COMMAND: "iscsid" #0 [ffffb5b9c134b9e0] __schedule at ffffffff860657d4 #1 [ffffb5b9c134ba28] schedule at ffffffff86065c6f ... • https://git.kernel.org/stable/c/8fe4ce5836e932f5766317cb651c1ff2a4cd0506 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2026-23293 – net: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled
https://notcve.org/view.php?id=CVE-2026-23293
25 Mar 2026 — In the Linux kernel, the following vulnerability has been resolved: net: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled When booting with the 'ipv6.disable=1' parameter, the nd_tbl is never initialized because inet6_init() exits before ndisc_init() is called which initializes it. If an IPv6 packet is injected into the interface, route_shortcircuit() is called and a NULL pointer dereference happens on neigh_lookup(). BUG: kernel NULL pointer dereference, address: 0000000000000380 Oops: Oops: 0000 [... • https://git.kernel.org/stable/c/e15a00aafa4b7953ad717d3cb1ad7acf4ff76945 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2026-23292 – scsi: target: Fix recursive locking in __configfs_open_file()
https://notcve.org/view.php?id=CVE-2026-23292
25 Mar 2026 — In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix recursive locking in __configfs_open_file() In flush_write_buffer, &p->frag_sem is acquired and then the loaded store function is called, which, here, is target_core_item_dbroot_store(). This function called filp_open(), following which these functions were called (in reverse order), according to the call trace: down_read __configfs_open_file do_dentry_open vfs_open do_open path_openat do_filp_open file_open_name filp_open... • https://git.kernel.org/stable/c/b0841eefd9693827afb9888235e26ddd098f9cef •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2026-23291 – nfc: pn533: properly drop the usb interface reference on disconnect
https://notcve.org/view.php?id=CVE-2026-23291
25 Mar 2026 — In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: properly drop the usb interface reference on disconnect When the device is disconnected from the driver, there is a "dangling" reference count on the usb interface that was grabbed in the probe callback. Fix this up by properly dropping the reference after we are done with it. • https://git.kernel.org/stable/c/c46ee38620a2aa2b25b16bc9738ace80dbff76a4 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2026-23290 – net: usb: pegasus: validate USB endpoints
https://notcve.org/view.php?id=CVE-2026-23290
25 Mar 2026 — In the Linux kernel, the following vulnerability has been resolved: net: usb: pegasus: validate USB endpoints The pegasus driver should validate that the device it is probing has the proper number and types of USB endpoints it is expecting before it binds to it. If a malicious device were to not have the same urbs the driver will crash later on when it blindly accesses these endpoints. • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2026-23289 – IB/mthca: Add missed mthca_unmap_user_db() for mthca_create_srq()
https://notcve.org/view.php?id=CVE-2026-23289
25 Mar 2026 — In the Linux kernel, the following vulnerability has been resolved: IB/mthca: Add missed mthca_unmap_user_db() for mthca_create_srq() Fix a user triggerable leak on the system call failure path. • https://git.kernel.org/stable/c/ec34a922d243c3401a694450734e9effb2bafbfe •