827 matches found
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001700)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001700 advisory. Arm guests can cause Dom0 DoS via PV devices When mapping pages of guests on Arm, dom0 is using an rbtree to keep track of the foreign mappings. Updating of that...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001381)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001381 advisory. A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget which are aligned to PUD...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ksm: The range-walk function is used to skip over unmapped regions during the scangetnextrmapitem operation. Currently, scangetnextrmapitem traverses every page address in a VMA to locate mergeable pages. This approach becomes...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: accel/habanalabs: Support for mapping CBs with vmalloc-backed coherent memory was added. When IOMMU is enabled, dmaalloccoherent with GFPUSER may return addresses from the vmalloc range. If such an address is mapped without setti...
KB5073698: Windows Server 2012 Security Update (January 2026)
The remote Windows host is missing security update 5073698. It is, therefore, affected by multiple vulnerabilities - An issue was discovered in Broadcom LSI PCI-SV92EX Soft Modem Kernel Driver through 2.2.100.1 aka AGRSM64.sys. There is Local Privilege Escalation to SYSTEM via a Stack Overflow in...
CVE-2021-28703
grant table v2 status pages may remain accessible after de-allocation take two Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated whe...
CVE-2020-12138
AMD ATI atillk64.sys 5.11.9.0 allows low-privileged users to interact directly with physical memory by calling one of several driver routines that map physical memory into the virtual address space of the calling process. This could enable low-privileged users to achieve NT AUTHORITY\SYSTEM...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000225)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000225 advisory. An issue was discovered in drivers/xen/balloon.c in the Linux kernel before 5.2.3, as used in Xen through 4.12.x, allowing guest OS users to cause a denial of servic...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000244)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000244 advisory. In the Linux kernel before 4.20.14, expanddownwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NU...
CVE-2022-50849
In the Linux kernel, the following vulnerability has been resolved: pstore: Avoid kcore oops by vmaping with VMIOREMAP An oops can be induced by running 'cat /proc/kcore /dev/null' on devices using pstore with the ram backend because kmapatomic assumes lowmem pages are accessible with va. Unable ...
SUSE CVE-2022-50874
In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Fix refcount leak in erdmammap rdmausermmapentryget take reference, we should release it when not need anymore, add the missing rdmausermmapentryput in the error path to fix it...
CVE-2023-54317
In the Linux kernel, the following vulnerability has been resolved: dm flakey: don't corrupt the zero page When we need to zero some range on a block device, the function blkdevissuezeropages submits a write bio with the bio vector pointing to the zero page. If we use dm-flakey with corrupt bio...
UBUNTU-CVE-2022-50874
In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Fix refcount leak in erdmammap rdmausermmapentryget take reference, we should release it when not need anymore, add the missing rdmausermmapentryput in the error path to fix it...
CVE-2022-50874 RDMA/erdma: Fix refcount leak in erdma_mmap
In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Fix refcount leak in erdmammap rdmausermmapentryget take reference, we should release it when not need anymore, add the missing rdmausermmapentryput in the error path to fix it...
CVE-2022-50874 RDMA/erdma: Fix refcount leak in erdma_mmap
In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Fix refcount leak in erdmammap rdmausermmapentryget take reference, we should release it when not need anymore, add the missing rdmausermmapentryput in the error path to fix it...
CVE-2023-54239 iommufd: Check for uptr overflow
In the Linux kernel, the following vulnerability has been resolved: iommufd: Check for uptr overflow syzkaller found that setting up a map with a user VA that wraps past zero can trigger WARNONs, particularly from pinuserpages weirdly returning 0 due to invalid arguments. Prevent creating a pages...
CVE-2022-50819 udmabuf: Set ubuf->sg = NULL if the creation of sg table fails
In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set ubuf-sg = NULL if the creation of sg table fails When userspace tries to map the dmabuf and if for some reason e.g. OOM the creation of the sg table fails, ubuf-sg needs to be set to NULL. Otherwise, when the userspa...
PT-2025-54110
In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Fix refcount leak in erdma mmap rdma user mmap entry get take reference, we should release it when not need anymore, add the missing rdma user mmap entry put in the error path to fix it...
SUSE CVE-2022-50775
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix refcount leak in hnsrocemmap rdmausermmapentrygetpgoff takes the reference. Add missing rdmausermmapentryput to release the reference. Acked-by Haoyue Xu...
SUSE CVE-2023-54097
In the Linux kernel, the following vulnerability has been resolved: regulator: stm32-pwr: fix ofiomap leak Smatch reports: drivers/regulator/stm32-pwr.c:166 stm32pwrregulatorprobe warn: 'base' from ofiomap not released on lines: 151,166. In stm32pwrregulatorprobe, base is not released when...