299 matches found
USN-8492-2 linux-aws-6.8, linux-gcp-6.8, linux-gke, linux-gkeop, linux-ibm-6.8, linux-nvidia-lowlatency, linux-oracle-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...
UBUNTU-CVE-2026-53280
In the Linux kernel, the following vulnerability has been resolved: iommu: Fix NULL group-domain dereference in pcidevresetiommudone Local sashiko review pointed it out that group-domain could be NULL when a default domain fails to allocate during the first probe, which can crash at...
CVE-2026-53120
A flaw was found in the Linux kernel's PCI Peripheral Component Interconnect subsystem. A Use-After-Free UAF vulnerability exists where a driver, during its probing process, accesses a memory region after it has been freed. This improper handling of memory can lead to system instability, memory...
EUVD-2026-38988
In the Linux kernel, the following vulnerability has been resolved: PCI: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock, which can cause ...
PT-2026-52014
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the PCI subsystem. When a driver is probed via the driver attach function, the bus match callback is executed without holding the device lock. This...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: The issue of the refcount leak in the PCI device during amdgpuatrmgetbios has been fixed. According to the comments on pcigetclass, it returns a pcidevice with its refcount being incremented. Additionally, the refcoun...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Fixed NULL pointer access via aerinfo. The kzallocGFPKERNEL function may return NULL, resulting in kernel panic when accessing aerinfo-xxx. This issue has been fixed...
PT-2026-47790
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the drm/nouveau component when aperture remove conflicting pci devices fails during the probe process. The error path returns immediately without releasing the nv...
CVE-2025-71313
Summary (CVE-2025-71313) : In the Linux kernel PCI endpoint driver, there is a missing NULL check after alloc_workqueue(), which can return NULL on memory allocation failure. If a NULL workqueue pointer is later passed to queue_work() in epf_ntb_epc_init(), this can cause a NULL pointer dereferen...
EUVD-2026-32475
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: check for PCI upstream bridge existence pciupstreambridge returns NULL if the device is on a root bus. If 8821CE is installed in the system with such a PCI topology, the probing routine will crash. This has probably...
CVE-2026-46092
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: check for PCI upstream bridge existence pciupstreambridge returns NULL if the device is on a root bus. If 8821CE is installed in the system with such a PCI topology, the probing routine will crash. This has probably...
CVE-2026-45880 PCI/P2PDMA: Release per-CPU pgmap ref when vm_insert_page() fails
In the Linux kernel, the following vulnerability has been resolved: PCI/P2PDMA: Release per-CPU pgmap ref when vminsertpage fails When vminsertpage fails in p2pmemallocmmap, p2pmemallocmmap doesn't invoke percpurefput to free the per-CPU ref of pgmap acquired after genpoolallocowner, and...
CVE-2026-45880
CVE-2026-45880 – Linux kernel PCI/P2PDMA issue : When vm_insert_page() fails during p2pmem_alloc_mmap(), the code does not release the per-CPU ref for pgmap acquired after gen_pool_alloc_owner(), causing memunmap_pages() to hang when removing a PCI device. The patch fixes this by adding the missi...
PT-2026-43876
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description A duplicate resource teardown occurs in the PCI endpoint pci-epf-ntb component. The function epf ntb epc destroy performs...
CVE-2026-45880
PCI/P2PDMA: Release per-CPU pgmap ref when vminsertpage fails...
PT-2026-43747
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the PCI/P2PDMA component where the p2pmem alloc mmap function fails to invoke percpu ref put to release the per-CPU reference of pgmap acquired after gen pool alloc...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: PCI/pwrctrl: Cancel outstanding rescan work when unregistering. It is possible to trigger a use-after-free situation here by: a forcing rescanworkfunc to take a long time, and b using a pwrctrl driver that may be unloaded for som...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: s390/pci: The duplicate call to pcidevput in the disableslot function was fixed, especially when the PF has child VFs. With the commit bbc5d6c76903 “s390/pci: introducing a lock to synchronize the state of zpcidev’s”, the code th...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: sc7280: Mark PCIe controller as cache coherent. If the controller is not marked as cache coherent, then the kernel will try to ensure coherence during DMA operations, which may lead to data corruption. Therefore...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: The issue of reference count leak for PCI devices was fixed in dmardevscopeinit. The function foreachpcidev is implemented through pcigetdevice. The comment accompanying pcigetdevice states that it will increase the...