5520 matches found
PT-2026-48215
Name of the Vulnerable Software and Affected Versions Dell Client Platform BIOS affected versions not specified Latitude E7250 Latitude 7490 XPS 15 9560 Wyse 5070 Description An unauthenticated attacker with physical access to the SPI flash can exploit weak encoding of BIOS admin and user...
CVE-2026-10046
Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the BIOS INT 0x15 / E820 memory map handler, implemented in napoca/guests/bioshandlers.c. The handler computes a destination offset into the guest RealModeMemory buffer from guest-controlled ES and EDI...
CVE-2026-10046
Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the BIOS INT 0x15 / E820 memory map handler, implemented in napoca/guests/bioshandlers.c. The handler computes a destination offset into the guest RealModeMemory buffer from guest-controlled ES and EDI...
CVE-2026-10046 Out-of-bounds write in Napoca BIOS INT 0x15 E820 memory map handler (VA-13905)
Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the BIOS INT 0x15 / E820 memory map handler, implemented in napoca/guests/bioshandlers.c. The handler computes a destination offset into the guest RealModeMemory buffer from guest-controlled ES and EDI...
CVE-2026-10046
Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write in the BIOS INT 0x15 / E820 memory map handler (napoca/guests/bios_handlers.c). The handler derives a destination offset into the guest RealModeMemory from guest-controlled ES and EDI without validating the address against t...
PT-2026-45766
Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the BIOS INT 0x15 / E820 memory map handler, implemented in napoca/guests/bios handlers.c. The handler computes a destination offset into the guest RealModeMemory buffer from guest-controlled ES and EDI...
CVE-2026-24216
NVIDIA BioNemo for Linux contains a vulnerability where a user could cause a deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Platform/x86: x86-android-tablets: Fixed a problem where the touchscreen function was not working properly on the Chuwi Hi8 when using the Windows BIOS. The handling of touchscreen operations for the Chuwi Hi8 is only necessary...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/i915/bios: fixed a memory leak in generatelfpdataptrs When size != 0 || ptrs-lvdsentries != 3, the program attempts to use free on ptrs. However, ptrs is not created by calling kzmalloc; instead, it is obtained through a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: rtw89 – fw: scan offload prohibit all 6 GHz channels if no 6 GHz sband exists. We have certain policies via the BIOS that prevent the use of 6 GHz frequencies. In this case, the 6 GHz sband parameter will be set to NULL, ev...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: A memory leak has been fixed in the ipcpciereadbioscfg function. The ipcpciereadbioscfg function uses acpievaluatedsm to obtain the wwan power state configuration from the BIOS. However, it does not free the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: In the “block” layer, do not call “rqqosops-donebio” if the bio data structure is not being tracked. The “rqqos” framework is only applied on request-based drivers. Therefore: 1 The “rqqosdonebio” function is not necessary for...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Add acpiputtable to prevent a memory leak. When the radeon driver reads BIOS information from the ACPI table in radeonacpivfctbios, it fails to call acpiputtable to release the ACPI memory after initialization...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fixed an issue where the BIOS boundary checking was off by one. Bounds checking during the parsing of init scripts embedded in the BIOS prevents access to the last byte. This causes driver initialization to fail on...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/i915/bios: Allowing devdata==NULL in intelbiosencodersupportsdpdualmode. If we don’t have a VBT, or if the VBT did not declare the encoder, we won’t have the “devdata” for that encoder. Instead of throwing an error, we should...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021527)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021527 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fix PCI device refcount leak in radeonatrmgetbios As comment of pcigetclass says, it...
kernel: nvmet: fix memory leak of bio integrity
In the Linux kernel, the following vulnerability has been resolved: nvmet: fix memory leak of bio integrity If nvmet receives commands with metadata there is a continuous memory leak of kmalloc-128 slab or more precisely bio-biintegrity. Since commit bf4c89fc8797 "block: don't call biouninit from...
kernel: nvmet: fix memory leak of bio integrity
In the Linux kernel, the following vulnerability has been resolved: nvmet: fix memory leak of bio integrity If nvmet receives commands with metadata there is a continuous memory leak of kmalloc-128 slab or more precisely bio-biintegrity. Since commit bf4c89fc8797 "block: don't call biouninit from...
Multi-Vendor BIOS Security Vulnerabilities (May 2026) - Lenovo Support US
No description provided...
SUSE CVE-2025-2296
EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...