27 matches found
PT-2026-46002
Mercusys AC12G EU V1 with firmware AC12GEU V1 200909 exposes an undocumented /agileconfigreset endpoint that returns internal buffer contents to unauthenticated attackers on the adjacent network...
EUVD-2026-34153
Mercusys AC12G EU V1 with firmware AC12GEUV1200909 exposes an undocumented /agileconfigreset endpoint that returns internal buffer contents to unauthenticated attackers on the adjacent network...
SUSE CVE-2026-46240
In the Linux kernel, the following vulnerability has been resolved: media: iris: Fix use-after-free in irisreleaseinternalbuffers The recent change in commit 1dabf00ee206 "media: iris: gen1: Destroy internal buffers after FW releases" introduced a regression where sessionreleasebuf may free the...
CVE-2026-46240
In the Linux kernel, the following vulnerability has been resolved: media: iris: Fix use-after-free in irisreleaseinternalbuffers The recent change in commit 1dabf00ee206 "media: iris: gen1: Destroy internal buffers after FW releases" introduced a regression where sessionreleasebuf may free the...
EUVD-2026-32758
In the Linux kernel, the following vulnerability has been resolved: media: iris: Fix use-after-free in irisreleaseinternalbuffers The recent change in commit 1dabf00ee206 "media: iris: gen1: Destroy internal buffers after FW releases" introduced a regression where sessionreleasebuf may free the...
CVE-2026-46240
In the Linux kernel, the following vulnerability has been resolved: media: iris: Fix use-after-free in irisreleaseinternalbuffers The recent change in commit 1dabf00ee206 "media: iris: gen1: Destroy internal buffers after FW releases" introduced a regression where sessionreleasebuf may free the...
PT-2026-44363
In the Linux kernel, the following vulnerability has been resolved: media: iris: Fix use-after-free in iris release internal buffers The recent change in commit 1dabf00ee206 "media: iris: gen1: Destroy internal buffers after FW releases" introduced a regression where session release buf may free...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Media: Iris: Gen1 – Destroy internal buffers after the firmware release. After the firmware releases, the driver did not destroy the internal buffers. This led to stale allocations that were no longer used, especially during...
Linux Distros Unpatched Vulnerability : CVE-2026-43142
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: iris: gen1: Destroy internal buffers after FW releases After the firmware releases internal buffers, the driver was not destroying them. This left stale...
EUVD-2026-27701
In the Linux kernel, the following vulnerability has been resolved: media: iris: gen1: Destroy internal buffers after FW releases After the firmware releases internal buffers, the driver was not destroying them. This left stale allocations that were no longer used, especially across resolution...
CVE-2026-43142
In the Linux kernel, the following vulnerability has been resolved: media: iris: gen1: Destroy internal buffers after FW releases After the firmware releases internal buffers, the driver was not destroying them. This left stale allocations that were no longer used, especially across resolution...
CVE-2026-43142 media: iris: gen1: Destroy internal buffers after FW releases
In the Linux kernel, the following vulnerability has been resolved: media: iris: gen1: Destroy internal buffers after FW releases After the firmware releases internal buffers, the driver was not destroying them. This left stale allocations that were no longer used, especially across resolution...
CVE-2026-43142
CVE-2026-43142 affects the Linux kernel media: iris: gen1 driver. The issue arises because the driver does not destroy internal buffers after firmware releases, leaving stale allocations (notably when display resolutions change). This can waste memory until session close and may contribute to res...
CVE-2026-43142
In the Linux kernel, the following vulnerability has been resolved: media: iris: gen1: Destroy internal buffers after FW releases After the firmware releases internal buffers, the driver was not destroying them. This left stale allocations that were no longer used, especially across resolution...
PT-2026-37482
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the iris driver for gen1, internal buffers were not destroyed after being released by the firmware. This led to stale allocations that remained unused, particularly during resolution...
EUVD-2026-26664
Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel an...
CVE-2026-22167 GPU DDK - Cache resident PM buffers writable by other GPU requestors, leading to arbitrary write to physical memory
Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel an...
Imagination Graphics DDK 缓冲区错误漏洞
Imagination Graphics DDK is a suite of GPU driver tools from Imagination UK. The Imagination Graphics DDK suffers from a buffer error vulnerability that arises from software run by an unprivileged user that may execute improper GPU system calls to force the GPU to write to arbitrary physical memo...
PT-2026-2471
Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kern...
curl: Heap Buffer Overflow in TFTP
Summary: A heap buffer overflow vulnerability exists in the TFTP implementation of libcurl. The vulnerability is triggered when a malicious TFTP server sends an OACK Option acknowledgment packet with a blksize option that is larger than the default block size 512 bytes. libcurl updates its intern...