406 matches found
SUSE CVE-2026-53133
In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fix truncation for block sizes = 4G When the iommu is used the linearization of the mapping can give a single block that is very large split across multiple SG entries. When rdmablockiternext reassembles the split SG...
CVE-2026-53133
A flaw was found in the Linux kernel's RDMA/umem component. When the IOMMU Input/Output Memory Management Unit is used, a very large memory block can be split across multiple scatter-gather SG entries. During the reassembly of these split SG entries, an issue with truncation for block sizes great...
CVE-2026-53133 RDMA/umem: Fix truncation for block sizes >= 4G
In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fix truncation for block sizes = 4G When the iommu is used the linearization of the mapping can give a single block that is very large split across multiple SG entries. When rdmablockiternext reassembles the split SG...
PT-2026-52229
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the RDMA/umem component where the linearization of mapping when using an iommu can result in a single large block split across multiple SG entries. The function rdma...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: tracing/dma: CapDMAmapsg tracepoint arrays to prevent buffer overflows. The dmamapsg tracepoint can cause a PERF buffer overflow when tracing large scatter-gather lists. When devices like virtio-gpu create large DRM buffers, the...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: usb: ChipIdea UDC: Fix for DMA and SG cleanup in epnuke The ChipIdea UDC driver may encounter errors where “not-page-aligned sg buffers” occur when a USB device is reconnected after being disconnected during an active transfer...
UBUNTU-CVE-2026-52932
In the Linux kernel, the following vulnerability has been resolved: xfrm: ipcomp: Free destination pages on acomp errors Move the outfreereq label up by a couple of lines so that the allocated dst SG list gets freed on error as well as success...
EUVD-2026-38702
In the Linux kernel, the following vulnerability has been resolved: xfrm: ipcomp: Free destination pages on acomp errors Move the outfreereq label up by a couple of lines so that the allocated dst SG list gets freed on error as well as success...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Fixed BQL accounting for multi-BD TX packets. When a TX packet spans multiple buffer descriptors scatter-gather, axienetfreetxchain sums the actual length of each BD from the descriptor status into an...
media: videobuf2: Set vma_flags in vb2_dma_sg_mmap
...
CVE-2026-45908
A flaw was found in the Linux kernel's accel/amdxdna component. The amdxdnaubufmap function allocates memory for scatter-gather SG and internal SG table structures. However, it fails to free this allocated memory if subsequent operations, such as sgalloctablefrompages or dmamapsgtable, encounter ...
EUVD-2026-32374
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix memory leak in amdxdnaubufmap The amdxdnaubufmap function allocates memory for sg and internal sg table structures, but it fails to free them if subsequent operations sgalloctablefrompages or dmamapsgtable fail...
CVE-2026-45908
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix memory leak in amdxdnaubufmap The amdxdnaubufmap function allocates memory for sg and internal sg table structures, but it fails to free them if subsequent operations sgalloctablefrompages or dmamapsgtable fail...
CVE-2026-45908 accel/amdxdna: Fix memory leak in amdxdna_ubuf_map
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix memory leak in amdxdnaubufmap The amdxdnaubufmap function allocates memory for sg and internal sg table structures, but it fails to free them if subsequent operations sgalloctablefrompages or dmamapsgtable fail...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mmc: davincimmc: Prevents the transmitted data size from exceeding the length of sgm. No check is performed on the size of the data to be transmitted. This can lead to a kernel panic when the transmitted data size exceeds the...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fixed the issue with the ib block iterator counter overflow. When registering a new DMA MR after selecting the best aligned page size for it, we iterate over the given sglist to split each entry into smaller, aligned D...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: crypto: safexcel – Added error handling for dmamapsg calls. The macro dmamapsg function may return 0 in case of an error. This patch enables checks in case of a macro failure and ensures that previously mapped buffers are unmappe...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iommupt: Fixed the issue where short gathering occurs when unmapping a large entry. The unmap operation has an unusual behavior—it may unmap more entries than requested, especially when the destination address falls within the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net/bnx2x: Prevent access to a freed page in pagepool Fixed a race condition that could lead to system crashes during EEH error handling During EEH error recovery, the bnx2x driver’s transmit timeout logic could create a race...
SUSE CVE-2026-43250
In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: fix DMA and SG cleanup in epnuke The ChipIdea UDC driver can encounter "not page aligned sg buffer" errors when a USB device is reconnected after being disconnected during an active transfer. This occurs becau...