307 matches found
CVE-2026-53146
CVE-2026-53146 affects the Linux kernel Thunderbolt XDomain handling. tb_xdomain_copy() copies req->response_size bytes from the received packet buffer regardless of the actual frame size, allowing a short response to read past valid frame data into stale DMA contents. The fixed behavior is to...
EUVD-2026-38819
In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: handle empty bo and UAF races There look to be some nasty races here when triggering the invalidatemappings hook: 1 We do xeboalloc followed by the attach, before the actual full bo init step in xedmabufinitobj...
CVE-2026-52951
In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: handle empty bo and UAF races There look to be some nasty races here when triggering the invalidatemappings hook: 1 We do xeboalloc followed by the attach, before the actual full bo init step in xedmabufinitobj...
CVE-2026-52951 drm/xe/dma-buf: handle empty bo and UAF races
In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: handle empty bo and UAF races There look to be some nasty races here when triggering the invalidatemappings hook: 1 We do xeboalloc followed by the attach, before the actual full bo init step in xedmabufinitobj...
kernel: RDMA/umem: Fix double dma_buf_unpin in failure path
A flaw was found in the Linux kernel's RDMA/umem subsystem. A memory management error, specifically a double unpin of a dmabuf, can occur in a failure path during dmabuf pinning operations. This vulnerability could lead to system instability or a crash, resulting in a Denial of Service DoS...
RHEL 9 : kernel (RHSA-2026:27713)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:27713 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: netfilter: nfconntrackh323:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: nvmem: zynqmpnvmem: Fixed the buffer size in DMA and memcpy. The buffer size used in DMA allocation and memcpy is incorrect. This can lead to undersized DMA buffer accesses and potential memory corruption. Use the correct buff...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: “drm/gem-framebuffer: Use dmabuf from GEM object instance” has been reverted. This reversion is reflected in commit cce16fcd7446dcff7480cd9d2b6417075ed81065. The dmabuf field in the struct drmgemobject is not stable throughout th...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ALSA: ymfpci: Fixed the BUGON in the probe function. The snddmabuffer.bytes field now contains the aligned size, which this sndBUGON did not account for, resulting in the following issue: 9.625915 ------------ Cut here ----------...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: usb-storage: alauda: Fixed the uninit-value issue in alaudacheckmedia. Syzbot reported that KMSAN complained about accessing an uninitialized value within the alauda subdriver of usb-storage. Bug: KMSAN: uninit-value in...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: “Revert ‘drm/gem-dma: Use dmabuf from GEM object instance’” This change is reflected in commit e8afa1557f4f963c9a511bd2c6074a941c308685. The dmabuf field in the struct drmgemobject is not stable throughout the lifetime of the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: habanalabs: fixed UAF in exportdmabuf Once we insert a file reference into the descriptor table, another thread may close that file. This is fine if all we’re doing is returning the descriptor to userland—it’s a race condition, b...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Fixed the issue where the dmabuf was not unpined in the error-prone preparefb function. Corrected the error handling in preparefb to prevent resource leaks when an error occurs...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: dma-buf: Fixed NULL pointer dereferencing in sanitycheck. If mockchain returns NULL due to a memory allocation failure, it is passed to dmafenceenableswsignaling, resulting in a NULL pointer dereferencing there. Call...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fixed an issue where the CMA heap fault handler made a mistake in calculating the boundary. Until the VMDONTEXPAND flag was added in commit 1c1914d6e8c6 “dma-buf: heaps: Don’t track CMA dma-buf pages under RssFile...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: udmabuf: Set the DMA mask for the udmabuf device v2 If the DMA mask is not set explicitly, the following warning occurs when the userspace attempts to access the dma-buf via the CPU, as reported by syzbot: WARNING: CPU: 1 PID:...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/i915: mark requests for GuC virtual engines to avoid use-after-free. References to i915requests may be trapped by the user space within a syncfile or dmabuf dma-resv and held indefinitely across different processes. To counte...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Revert “drm/prime: Use dmabuf from GEM object instance” This revert is reflected in commit f83a9b8c7fd0557b0c50784bfdc1bbe9140c9bf8. The dmabuf field in struct drmgemobject is not stable throughout the lifetime of the object...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fixed the double dmabufunpin in the failure path. In ibumemdmabufgetpinnedwithdmadevice, the call to ibumemdmabufmappages may fail. If this occurs, the dmabuf is immediately unpinned, but the umemdmabuf-pinned flag...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: dma-buf: A memory barrier should be inserted before updating numfences. smpstoremb inserts a memory barrier after storing data. This differs from what the comment originally intended; a null pointer dereferencing can occur if the...