28 matches found
CVE-2026-59198 Pillow TGA RLE encoder can serialize up to ~57 KB of adjacent heap data into generated images
Pillow is a Python imaging library. From 5.2.0 until 12.3.0, Pillow's TGA RLE encoder reads past its packed row buffer when saving a mode 1 image with TGA RLE compression, allowing adjacent process heap bytes to be copied into the generated TGA file. This issue is fixed in version 12.3.0...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Disabling MMIO access during SMU Mode 1 reset During Mode 1 reset, the ASIC undergoes a reset cycle and becomes temporarily inaccessible via PCIe. Any attempt to access MMIO registers during this period e.g., from...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/amd/display: check stream id dml21 wrapper to get planeid Why & How Fixed a false positive warning that occurs due to lack of correct checks when querying planeid in DML21. This fixes the warning that appears when performi...
SUSE CVE-2026-23213
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Disable MMIO access during SMU Mode 1 reset During Mode 1 reset, the ASIC undergoes a reset cycle and becomes temporarily inaccessible via PCIe. Any attempt to access MMIO registers during this window e.g., from...
CVE-2026-23213
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Disable MMIO access during SMU Mode 1 reset During Mode 1 reset, the ASIC undergoes a reset cycle and becomes temporarily inaccessible via PCIe. Any attempt to access MMIO registers during this window e.g., from...
CVE-2026-23213
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Disable MMIO access during SMU Mode 1 reset During Mode 1 reset, the ASIC undergoes a reset cycle and becomes temporarily inaccessible via PCIe. Any attempt to access MMIO registers during this window e.g., from...
CVE-2026-23213 drm/amd/pm: Disable MMIO access during SMU Mode 1 reset
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Disable MMIO access during SMU Mode 1 reset During Mode 1 reset, the ASIC undergoes a reset cycle and becomes temporarily inaccessible via PCIe. Any attempt to access MMIO registers during this window e.g., from...
CVE-2026-23213
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Disable MMIO access during SMU Mode 1 reset During Mode 1 reset, the ASIC undergoes a reset cycle and becomes temporarily inaccessible via PCIe. Any attempt to access MMIO registers during this window e.g., from...
CVE-2026-23213
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Disable MMIO access during SMU Mode 1 reset During Mode 1 reset, the ASIC undergoes a reset cycle and becomes temporarily inaccessible via PCIe. Any attempt to access MMIO registers during this window e.g., from...
CVE-2026-23213
CVE-2026-23213 affects the Linux kernel’s DRM/AMD/PM path. During an SMU Mode 1 reset, the ASIC goes through a reset cycle and becomes temporarily inaccessible via PCIe, risking uncompleted PCIe transactions that can trigger NMI panics or system hangs. The fix disables MMIO access during the offl...
Linux Distros Unpatched Vulnerability : CVE-2026-23213
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amd/pm: Disable MMIO access during SMU Mode 1 reset During Mode 1 reset, the ASIC undergoes a reset cycle and becomes temporarily inaccessible via PCIe. Any...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: drm/amdkfd: Fixed the issue where mode1 reset caused crashes. If the HW scheduler hangs and mode1 reset is used to recover the GPU, the KFD signals the user space to abort the processes. After the process aborts, user queues...
PT-2026-20425
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to memory management during System Management Unit SMU Mode 1 reset. During the reset cycle, the Application Specific Integrated Circuit ASIC...
Sanitization Bypass
python-ldap is vulnerable to Sanitization Bypass. The vulnerability is due to improper escaping in escapefilterchars when escapemode=1 is used, where crafted list or dict inputs bypass character escaping due to missing type validation, and attackers can exploit this to inject malicious LDAP filte...
SUSE CVE-2025-61911
python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method ldap.filter.escapefilterchars can be tricked to skip escaping of special characters when a crafted list or dict is supplied as the assertionvalue parameter, and t...
python-ldap has sanitization bypass in ldap.filter.escape_filter_chars
Summary The sanitization method ldap.filter.escapefilterchars can be tricked to skip escaping of special characters when a crafted list or dict is supplied as the assertionvalue parameter, and the non-default escapemode=1 is configured. Details The method ldap.filter.escapefilterchars supports 3...
GHSA-R7R6-CC7P-4V5M python-ldap has sanitization bypass in ldap.filter.escape_filter_chars
Summary The sanitization method ldap.filter.escapefilterchars can be tricked to skip escaping of special characters when a crafted list or dict is supplied as the assertionvalue parameter, and the non-default escapemode=1 is configured. Details The method ldap.filter.escapefilterchars supports 3...
CVE-2025-61911
python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method ldap.filter.escapefilterchars can be tricked to skip escaping of special characters when a crafted list or dict is supplied as the assertionvalue parameter, and t...
CVE-2025-61911 python-ldap has sanitization bypass in ldap.filter.escape_filter_chars
python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method ldap.filter.escapefilterchars can be tricked to skip escaping of special characters when a crafted list or dict is supplied as the assertionvalue parameter, and t...
Linux Distros Unpatched Vulnerability : CVE-2025-37854
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix mode1 reset crash issue If HW scheduler hangs and mode1 reset is used to...