Lucene search
K

1191 matches found

RedHat Linux
RedHat Linux
added yesterday3 views

kernel: RDMA/umem: Fix double dma_buf_unpin in failure path

A flaw was found in the Linux kernel's RDMA/umem subsystem. A memory management error, specifically a double unpin of a dmabuf, can occur in a failure path during dmabuf pinning operations. This vulnerability could lead to system instability or a crash, resulting in a Denial of Service DoS...

7.8CVSS7AI score0.00139EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2 days ago2 views

kernel: RDMA/vmw_pvrdma: Fix double free on pvrdma_alloc_ucontext() error path

A flaw was found in the Linux kernel, specifically within the RDMA Remote Direct Memory Access vmwpvrdma module. This vulnerability is a double free, which means the system attempts to release the same memory resource twice. This can occur in an error handling path within the pvrdmaallocucontext...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 3 days ago6 views

CVE-2026-53322

A flaw was found in the Linux kernel's vfio/pci subsystem. During device shutdown, an improper order of operations in cleaning up Direct Memory Access Buffers DMABUFs before disabling the function creates a brief window. In this window, a device's Base Address Registers BARs could still be access...

8.8CVSS5.7AI score0.00174EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 3 days ago5 views

CVE-2026-53300

A flaw was found in the Linux kernel's enetc network driver. This issue arises when the netcxmitntmpcmd function times out and returns an error, causing a DMA Direct Memory Access buffer to be prematurely freed. Subsequently, the hardware may write to the physical address of this freed buffer,...

7.8CVSS5.9AI score0.00124EPSS
Exploits0References4
CVE
CVE
added 4 days ago13 views

CVE-2026-10644

The CVE describes an out-of-bounds write in Microchip SERCOM-G1 UART driver (drivers/serial/uart_mchp_sercom_g1.c) used by the PIC32CM-JH family. When uart_rx_enable() is called with a one-byte receive buffer (len == 1) and CONFIG_UART_MCHP_ASYNC is enabled, the RX-complete ISR starts a single-be...

4.2CVSS6AI score0.00143EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 4 days ago9 views

SUSE CVE-2026-53300

In the Linux kernel, the following vulnerability has been resolved: net: enetc: fix NTMP DMA use-after-free issue The AI-generated review reported a potential DMA use-after-free issue 1. If netcxmitntmpcmd times out and returns an error, the pending command is not explicitly aborted, while...

7.8CVSS6AI score0.00124EPSS
Exploits0References3
NVD
NVD
added 6 days ago6 views

CVE-2026-53300

In the Linux kernel, the following vulnerability has been resolved: net: enetc: fix NTMP DMA use-after-free issue The AI-generated review reported a potential DMA use-after-free issue 1. If netcxmitntmpcmd times out and returns an error, the pending command is not explicitly aborted, while...

7.8CVSS0.00124EPSS
Exploits0References3
CVE
CVE
added 6 days ago16 views

CVE-2026-53322

CVE-2026-53322 affects the Linux kernel’s vfio/pci subsystem. The issue occurs during device shutdown when vfio_pci_core_close_device() disables a function before calling vfio_pci_dma_buf_cleanup(), allowing a small window where the function’s MSE is cleared while DMABUF-access to BARs may still ...

8.8CVSS5.8AI score0.00174EPSS
Exploits0References5
Cvelist
Cvelist
added 6 days ago23 views

CVE-2026-53300 net: enetc: fix NTMP DMA use-after-free issue

In the Linux kernel, the following vulnerability has been resolved: net: enetc: fix NTMP DMA use-after-free issue The AI-generated review reported a potential DMA use-after-free issue 1. If netcxmitntmpcmd times out and returns an error, the pending command is not explicitly aborted, while...

7.8CVSS0.00124EPSS
Exploits0References3
Debian CVE
Debian CVE
added 6 days ago6 views

CVE-2026-53300

In the Linux kernel, the following vulnerability has been resolved: net: enetc: fix NTMP DMA use-after-free issue The AI-generated review reported a potential DMA use-after-free issue 1. If netcxmitntmpcmd times out and returns an error, the pending command is not explicitly aborted, while...

7.8CVSS5.9AI score0.00124EPSS
Exploits0
RedhatCVE
RedhatCVE
added last week5 views

CVE-2026-53133

A flaw was found in the Linux kernel's RDMA/umem component. When the IOMMU Input/Output Memory Management Unit is used, a very large memory block can be split across multiple scatter-gather SG entries. During the reassembly of these split SG entries, an issue with truncation for block sizes great...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added last week12 views

CVE-2026-53229

A flaw was found in the Linux kernel's mlx5e driver. When an XDP eXpress Data Path transmission fails, the driver does not properly unmap DMA Direct Memory Access addresses or free allocated XDP frames. This oversight can lead to a continuous leak of DMA resources and XDP frames, potentially...

7.5CVSS5.8AI score0.00466EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added last week6 views

kernel: RDMA/iwcm: Fix workqueue list corruption by removing work_list

A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA Internet Wide Area RDMA Protocol iWARP subsystem. Incorrect work submission logic in the iwcm component can lead to multiple queueing of work items. This allows a work item to be processed and freed while still present in the...

9.8CVSS5.7AI score0.00465EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/25 9:31 a.m.5 views

EUVD-2026-39338

In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fix truncation for block sizes = 4G When the iommu is used the linearization of the mapping can give a single block that is very large split across multiple SG entries. When rdmablockiternext reassembles the split SG...

5.7AI score0.00129EPSS
Exploits0References9
NVD
NVD
added 2026/06/25 9:16 a.m.8 views

CVE-2026-53159

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix DMA address corruption due to findvma misuse fastrpcgetargs uses findvma to look up the VMA for a user-provided pointer and compute a DMA address offset. When the address falls in a gap before the returned VMA,...

0.00172EPSS
Exploits0References7
NVD
NVD
added 2026/06/25 9:16 a.m.6 views

CVE-2026-53133

In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fix truncation for block sizes = 4G When the iommu is used the linearization of the mapping can give a single block that is very large split across multiple SG entries. When rdmablockiternext reassembles the split SG...

7.8CVSS0.00129EPSS
Exploits0References8
OSV
OSV
added 2026/06/25 9:16 a.m.2 views

UBUNTU-CVE-2026-53133

In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fix truncation for block sizes = 4G When the iommu is used the linearization of the mapping can give a single block that is very large split across multiple SG entries. When rdmablockiternext reassembles the split SG...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References11
OSV
OSV
added 2026/06/25 9:16 a.m.2 views

UBUNTU-CVE-2026-53229

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix DMA and xdpframe leak on XDPTX xmit failure In the XSK branch of mlx5exmitxdpbuff, when sq-xmitxdpframe returns false e.g. XDPSQ is full, the function returns without unmapping the DMA address or freeing the...

7.5CVSS5.7AI score0.00466EPSS
Exploits0References7
OSV
OSV
added 2026/06/25 9:16 a.m.2 views

UBUNTU-CVE-2026-53146

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Limit XDomain response copy to actual frame size tbxdomaincopy copies req-responsesize bytes from the received packet buffer regardless of the actual frame size. When a short response arrives, this reads past the val...

7.1CVSS5.9AI score0.00242EPSS
Exploits0References11
OSV
OSV
added 2026/06/25 9:16 a.m.2 views

UBUNTU-CVE-2026-53171

In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: fix arithmetic issues in dmalength dmalength derives DMA region usage from command stream values and updates regionsize: len = len + stride0 size0 + stride1 size1 regionsizeregion = max..., len + dma-offset Several...

8.8CVSS5.9AI score0.00137EPSS
Exploits0References5
Rows per page
Query Builder