SUSE CVE-2026-46245

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix dclink NULL handling in HPD init amdgpudmhpdinit may see connectors without a valid dclink. The code already checks dclink for the polling decision, but later unconditionally dereferences it when setting up H...

SUSE CVE-2026-46263

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds stream encoder index v3 engid can be negative and that streamencregs can be indexed out of bounds. engid is used directly as an index into streamencregs, which has only 5 entries. When engid is ...

CVE-2026-46245

A flaw was found in the Linux kernel's AMD GPU display driver. The amdgpudmhpdinit function, responsible for Hot-Plug Detect HPD initialization, may attempt to dereference a null dclink when handling certain connectors. This unconditional dereference can lead to a system crash, allowing a local...

CVE-2026-46263

A flaw was found in the Linux kernel's drm/amd/display component. This vulnerability arises from an out-of-bounds array access when an invalid engid value is used to index the streamencregs array. A local attacker or a privileged process could exploit this memory corruption to potentially execute...

CVE-2026-46245

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix dclink NULL handling in HPD init amdgpudmhpdinit may see connectors without a valid dclink. The code already checks dclink for the polling decision, but later unconditionally dereferences it when setting up H...

EUVD-2026-34125

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds stream encoder index v3 engid can be negative and that streamencregs can be indexed out of bounds. engid is used directly as an index into streamencregs, which has only 5 entries. When engid is ...

CVE-2026-46263

CVE-2026-46263: Linux kernel DRM/AMD display component fix for out-of-bounds access in stream_enc_regs. The issue stems from eng_id being used directly as an index into stream_enc_regs[] (size 5); eng_id can be 5 (ENGINE_ID_DIGF) or negative, risking memory past the end. A bounds check using ARRA...

EUVD-2026-34107

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix dclink NULL handling in HPD init amdgpudmhpdinit may see connectors without a valid dclink. The code already checks dclink for the polling decision, but later unconditionally dereferences it when setting up H...

CVE-2026-46245 drm/amd/display: Fix dc_link NULL handling in HPD init

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix dclink NULL handling in HPD init amdgpudmhpdinit may see connectors without a valid dclink. The code already checks dclink for the polling decision, but later unconditionally dereferences it when setting up H...

CVE-2026-46245

MODE C: The connected sources describe a concrete fix in the Linux kernel DRM AMD display code for CVE-2026-46245. The flaw was that amdgpu_dm_hpd_init() could dereference a NULL dc_link when wiring HPD interrupts for connectors that lacked a valid dc_link. The patch introduces a NULL check on am...

PT-2026-46026

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds stream encoder index v3 eng id can be negative and that stream enc regs can be indexed out of bounds. eng id is used directly as an index into stream enc regs, which has only 5 entries. When eng...

PT-2026-46008

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A null pointer dereference exists in the AMD display Hot Plug Detect HPD initialization. The function amdgpu dm hpd init may encounter connectors that lack a valid dc link. While the cod...

CVE-2021-4479 Dräger Atlan A350 1.00-1.01 DoS via Medibus Interface

Dräger Atlan A350 software versions 1.00 through 1.01 contains an improper input handling vulnerability that allows attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. Attackers can transmit malformed data to overload th...

CVE-2021-4479

Dräger Atlan A350 software versions 1.00 through 1.01 contains an improper input handling vulnerability that allows attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. Attackers can transmit malformed data to overload th...

CVE-2026-9730

The Remove NoFollow Commenter URL plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the gmzcommentsettingssave function. This makes it possible for unauthenticated attackers to modify...

EUVD-2026-33896

The Remove NoFollow Commenter URL plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the gmzcommentsettingssave function. This makes it possible for unauthenticated attackers to modify...

CVE-2026-9730 Remove NoFollow Commenter URL <= 1.0 - Cross-Site Request Forgery to Settings Update

The Remove NoFollow Commenter URL plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the gmzcommentsettingssave function. This makes it possible for unauthenticated attackers to modify...

EUVD-2026-33822

Memory Corruption when processing fastboot commands to set display mode...

EUVD-2026-33843

Memory Corruption when processing display command line information due to improper initialization of a variable...

CVE-2026-24092

Memory Corruption when processing fastboot commands to set display mode...