Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000604)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000604 advisory. Memory leak in the virtiogpuobjectcreate function in drivers/gpu/drm/virtio/virtgpuobject.c in the Linux kernel through 4.11.8 allows attackers to cause a denial of...

CVE-2025-10865

CVE-2025-10865 affects the Imagination Graphics DDK (GPU driver) where DevmemIntGetReservationData does not properly ref the PMR, leading to improper reference counting and a potential use-after-free vulnerability. The issue is described as arising when unprivileged users run GPU system calls, wi...

CVE-2025-58411

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources reference counting creating a potential use after free scenario. Improper resource management and reference counting on an internal resource caused scenario where potentia...

CVE-2025-58409

Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kern...

CVE-2025-58409

Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kern...

CVE-2025-58411 GPU DDK - Reservation::psMappedPMR can change while used by a freelist -> UAF

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources reference counting creating a potential use after free scenario. Improper resource management and reference counting on an internal resource caused scenario where potentia...

CVE-2025-58409 GPU DDK - Disguised freelist buffers passed to RGXCreateHWRTDataSet can cause arbitrary physical memory writes corrupting memory

Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kern...

CVE-2025-58409

CVE-2025-58409 is a GPU driver vulnerability affecting Imagination Technologies’ GPU driver/Imagination Graphics DDK. The issue arises when an unprivileged user performs improper GPU system calls, subverting GPU hardware to write to arbitrary physical memory pages. Under certain conditions this c...

CVE-2025-25176 GPU DDK - GPU Register value contents leaked from secure workloads to non-secure world

Intermediate register values of secure workloads can be exfiltrated in workloads scheduled from applications running in the non-secure environment of a platform...

CVE-2025-68793

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix a job-pasid access race in gpu recovery Avoid a possible UAF in GPU recovery due to a race between the sched timeout callback and the tdr work queue. The gpu recovery function calls drmschedstop and later...

UBUNTU-CVE-2025-68793

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix a job-pasid access race in gpu recovery Avoid a possible UAF in GPU recovery due to a race between the sched timeout callback and the tdr work queue. The gpu recovery function calls drmschedstop and later...

CVE-2025-68793

CVE-2025-68793 affects the Linux kernel DRM/amdgpu component, specifically a race in gpu recovery that can cause a use‑after‑free when accessing the pasid. The root cause is a race between the sched timeout callback and the tdr work queue: gpu_recovery calls drm_sched_stop(), then drm_sched_start...

CVE-2025-68793 drm/amdgpu: fix a job->pasid access race in gpu recovery

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix a job-pasid access race in gpu recovery Avoid a possible UAF in GPU recovery due to a race between the sched timeout callback and the tdr work queue. The gpu recovery function calls drmschedstop and later...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed the GPU page fault that occurs after hibernation with PF passthrough. In a PF passthrough environment, after hibernation and then resuming, coralgemm causes a GPU page fault. Mode1 reset occurs during hibernatio...

Imagination Graphics DDK 安全漏洞

Imagination Graphics DDK is a suite of GPU driver tools from Imagination UK. A security vulnerability exists in the Imagination Graphics DDK that stems from the possibility that an unprivileged user may make improper GPU system calls, resulting in improper management of reference counts, which ma...

PT-2026-2471

Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kern...

PT-2026-2472

Name of the Vulnerable Software and Affected Versions Software affected versions not specified Description Software installed and run as a non-privileged user may conduct improper GPU system calls, leading to mismanagement of resources reference counting and a potential use after free scenario...

Memory DisOrder: Memory Re-Orderings As a Timerless Side-Channel

To improve efficiency, nearly all parallel processing units CPUs and GPUs implement relaxed memory models in which memory operations may be re-ordered, i.e., executed out-of-order. Prior testing work in this area found that memory re-orderings are observed more frequently when other cores are...

ROS-20260113-7366

A vulnerability in the drivers/gpu/drm/vc4 component of the Linux operating system kernel is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260113-7312

A vulnerability in the navi10issupportfinegraineddpm function in the drivers/gpu/drm/amd/pm/swsmu/smu11/navi10ppt.c module of the amdpgu driver of the Linux kernel is related to incorrect index calculation. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integri...