PT-2026-47790

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the drm/nouveau component when aperture remove conflicting pci devices fails during the probe process. The error path returns immediately without releasing the nv...

CVE-2025-71313

Summary (CVE-2025-71313) : In the Linux kernel PCI endpoint driver, there is a missing NULL check after alloc_workqueue(), which can return NULL on memory allocation failure. If a NULL workqueue pointer is later passed to queue_work() in epf_ntb_epc_init(), this can cause a NULL pointer dereferen...

EUVD-2026-32475

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: check for PCI upstream bridge existence pciupstreambridge returns NULL if the device is on a root bus. If 8821CE is installed in the system with such a PCI topology, the probing routine will crash. This has probably...

CVE-2026-46092

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: check for PCI upstream bridge existence pciupstreambridge returns NULL if the device is on a root bus. If 8821CE is installed in the system with such a PCI topology, the probing routine will crash. This has probably...

CVE-2026-45880

The CVE-2026-45880 entry concerns the Linux kernel PCI/P2PDMA path. When vm_insert_page() fails inside p2pmem_alloc_mmap(), the code path does not call percpu_ref_put() to release the per-CPU reference of the pgmap acquired after gen_pool_alloc_owner(). As a result, memunmap_pages() can hang inde...

CVE-2026-45880 PCI/P2PDMA: Release per-CPU pgmap ref when vm_insert_page() fails

In the Linux kernel, the following vulnerability has been resolved: PCI/P2PDMA: Release per-CPU pgmap ref when vminsertpage fails When vminsertpage fails in p2pmemallocmmap, p2pmemallocmmap doesn't invoke percpurefput to free the per-CPU ref of pgmap acquired after genpoolallocowner, and...

CVE-2026-45880

PCI/P2PDMA: Release per-CPU pgmap ref when vminsertpage fails...

PT-2026-43747

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the PCI/P2PDMA component where the p2pmem alloc mmap function fails to invoke percpu ref put to release the per-CPU reference of pgmap acquired after gen pool alloc...

PT-2026-43876

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description A duplicate resource teardown occurs in the PCI endpoint pci-epf-ntb component. The function epf ntb epc destroy performs...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: The issue of the refcount leak in the PCI device during amdgpuatrmgetbios has been fixed. According to the comments on pcigetclass, it returns a pcidevice with its refcount being incremented. Additionally, the refcoun...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Fixed NULL pointer access via aerinfo. The kzallocGFPKERNEL function may return NULL, resulting in kernel panic when accessing aerinfo-xxx. This issue has been fixed...

EUVD-2025-209863

Improper input validation in the AMD Secure Processor ASP PCI driver could allow a local attacker to trigger a Use-After-Free UAF condition, potentially resulting in a loss of platform integrity or crash...

PT-2026-41227

Improper Input validation in the AMD Secure Processor ASP PCI driver may allow a local attacker to create a buffer overflow condition, potentially resulting in a crash or denial of service...

EUVD-2026-28754

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: Fix race bug in nvmepollirqdisable In the following scenario, pdev can be disabled between 1 and 3 by 2. This sets pdev-msixenabled = 0. Then, pciirqvector will return MSI-X IRQ15 for 1 whereas return INTx IRQcqvector...

CVE-2026-43211

A flaw was found in the Linux kernel. An error in the PCI Peripheral Component Interconnect subsystem's lock management, specifically within the pcislottrylock function, can lead to system instability. This occurs when a lock is incorrectly released, potentially causing warnings or interfering wi...

CVE-2026-43147

A flaw was found in the Linux kernel. A local user can cause a system deadlock by performing specific operations related to SR-IOV Single Root I/O Virtualization device removal. This occurs due to a recursive lock acquisition within the PCI Peripheral Component Interconnect subsystem, specificall...

CVE-2026-43213

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: pci: validate sequence number of TX release report Hardware rarely reports abnormal sequence number in TX release report, which will access out-of-bounds of wdring-pages array, causing NULL pointer dereference. BUG:...

CVE-2026-43211

CVE-2026-43211 – Linux kernel PCI slot lock handling fix The issue arises in PCI lock management: pci_slot_trylock() incorrectly handled unlocking when nested locks fail, due to an extra pci_dev_unlock(dev) on the failure path after delegating to pci_bus_trylock(). This could trigger a warning ab...

CVE-2026-43176

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: pci: validate release report content before using for RTL8922DE The commit 957eda596c76 "wifi: rtw89: pci: validate sequence number of TX release report" does validation on existing chips, which somehow a release...

CVE-2026-43147

CVE-2026-43147 concerns a deadlock in the Linux kernel SR-IOV removal path. The issue arises when sriov_del_vfs() is invoked during pci_stop_and_remove_bus_device(), causing a recursive lock acquisition on pci_rescan_remove_lock and leading to system unresponsiveness. The public description confi...