1572 matches found
CVE-2026-53054
A flaw was found in the Linux kernel's Direct Rendering Manager DRM subsystem, specifically within the Qualcomm Adreno GPU MSM driver. An incorrect argument in the VMBIND UNMAP locking mechanism meant that certain objects involved in unmapping operations were not consistently locked. This could...
CVE-2026-53054
The CVE-2026-53054 entry concerns the Linux kernel DRM/MSM code, where a wrong argument caused UNMAP operations to fail to lock the involved objects consistently. Specifically, UNMAP handling could bypass proper locking for non-_NO_SHARE BOs, since _NO_SHARE objects share a common reservation wit...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp4: Fixed a refcount leak in mdp4modesetinitintf. In the function ofgraphgetremotenode, the remote device node pointer is returned with the refcount incremented. We should use ofnodeput on it when it is no longer needed...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm: adreno: Fixed the issue where ifpcreglist was referenced even though it wasn’t declared. On platforms with an A7xx GPU that does not support IFPC, the ifpcreglist is still referenced in a6xxpatchpwrupreglist, which cause...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fixed the issue of null pointer dereference on the pointer edp. The pointer dev is initialized, and the edp is dereferenced before edp is checked for being null. This could lead to a null pointer dereference issue. This...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: cleanup of FB if dpuformatpopulatelayout fails If dpuformatpopulatelayout fails, then FB is prepared, but not cleaned up. This results in the pincount being leaked from the GEM object, causing a crash during DRM file...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: move preemptpreparepostamble after error check The call to preemptpreparepostamble is moved after verifying that preemptpostambleptr is valid. If preemptpostambleptr is NULL, dereferencing it in...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm: Ensure that lastfence is always updated. Update lastfence in the vm-bind path, rather than the kernel-managed path. lastfence is used to wait for work to complete in vmbind contexts, but not in kernel-managed contexts...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: pinctrl: qcom: msm: Certain pins are marked as invalid for interrupts. On some platforms, the UFS-reset pin has no interrupt logic in TLMM, but it is still registered as a GPIO in the kernel. This allows the user-space to trigger...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/msm: Avoid NULL dereferencing in msmdispstateprint regs. If the allocation in msmdispstatedump regs fails, block-state can become NULL. The msmdispstateprint regs function includes code to handle this situation: c if reg...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/msm: fixed NULL dereferencing during snapshot cleanup. In cases of early initialization errors, and on platforms that do not use the DPU controller, the deinitialization code can be called with the kms pointer set to NULL...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm/disp/dpu1: Avoid clearing hardware interrupts if hwintr is null during drm uninit. If the edp modeset init fails due to the panel not being ready, and the probe is deferred during drm bind, avoid clearing IRQs and...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Errors in error pointers were fixed in dpuplanevirtualatomiccheck. The function dpuplanevirtualatomiccheck was referencing pointers returned by drmatomicgetplanestate, without checking for errors. This could lead to...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Fixed the issue where global state locks were locked backoff. We need to acquire the lock after the early return in the !hwpipe case. Otherwise, we might encounter contention but still return 0. This fix addresses a...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/msm/hdmi: check the return value after calling platformgetresourcebyname. If platformgetresourcebyname returns NULL, it may lead to a null-ptr-deref issue. Therefore, we need to check the return value. Patchwork:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm/gem: Fixed the error code msmParseDeeps. The SUBMITERROR macro converts the error code to a negative value. This additional '-' operation converts it back to a positive EINVAL. The error code is passed to ERRPTR; since...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: drm: msm: fixed a possible memory leak in mdp5crtccursorset drmgemobjectlookup will call drmgemobjectget inside it. Therefore, cursorbo needs to be set when msmgemgetandpiniova fails...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/msm: fixed NULL dereferencing when uninstalling an interrupt. In cases of early initialization errors, and on platforms that do not use the DPU controller, the deinitialization code can be called with the kms pointer set to...
SUSE CVE-2026-46211
In the Linux kernel, the following vulnerability has been resolved: drm/msm/gem: fix error handling in msmioctlgeminfogetmetadata msmioctlgeminfogetmetadata always returns 0 regardless of errors. When copytouser fails or the user buffer is too small, the error code stored in ret is ignored becaus...
CVE-2026-46211
A flaw was found in the Linux kernel's drm/msm/gem component. Improper error handling within the msmioctlgeminfogetmetadata function can lead to a NULL pointer dereference. This occurs because the function fails to check for allocation failures and incorrectly reports success even when operations...