51 matches found
CVE-2026-53295
In the Linux kernel, the following vulnerability has been resolved: mailbox: add sanity check for channel array Fail gracefully if there is no channel array attached to the mailbox controller. Otherwise the later dereference will cause an OOPS which might not be seen because mailbox controllers...
CVE-2026-53295
In the Linux kernel, the following vulnerability has been resolved: mailbox: add sanity check for channel array Fail gracefully if there is no channel array attached to the mailbox controller. Otherwise the later dereference will cause an OOPS which might not be seen because mailbox controllers...
PT-2026-52934
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the mailbox component where the system fails to perform a sanity check for the channel array. If no channel array is attached to the mailbox controller, a subsequent...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/connector: Only call HDMI audio helper pluggedcb if fn is not null. During driver removal, sound/soc/codecs/hdmi-codec.c calls pluggedcb with NULL as the callback function and codecdev. This is evident in the hdmiremove...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: APEI/GHES: ARM processor Error: Do not go past allocated memory If the BIOS generates a very small ARM Processor Error, or an incomplete one, the current logic will fail to deferrence err-sectionlength and ctxinfo-size. Add...
SUSE CVE-2026-46105
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Limit NVMe request size to 2 MiB The HBA firmware reports NVMe MDTS values based on the underlying drive capability. However, because the driver allocates a fixed 4K buffer for the PRP list, accommodating at most 5...
EUVD-2026-32864
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Limit NVMe request size to 2 MiB The HBA firmware reports NVMe MDTS values based on the underlying drive capability. However, because the driver allocates a fixed 4K buffer for the PRP list, accommodating at most 5...
CVE-2026-46105
CVE-2026-46105 affects the Linux kernel mpt3sas SCSI driver. The driver allocates a fixed 4K PRP list buffer, which caps the maximum NVMe I/O transfer size at 2 MiB. The HBA firmware reports NVMe MDTS, but the mismatch with the 2 MiB limit can lead to oversized I/O requests and potentially a kern...
SUSE CVE-2026-43201
In the Linux kernel, the following vulnerability has been resolved: APEI/GHES: ARM processor Error: don't go past allocated memory If the BIOS generates a very small ARM Processor Error, or an incomplete one, the current logic will fail to deferrence err-sectionlength and ctxinfo-size Add checks ...
CVE-2026-43201
In the Linux kernel, the following vulnerability has been resolved: APEI/GHES: ARM processor Error: don't go past allocated memory If the BIOS generates a very small ARM Processor Error, or an incomplete one, the current logic will fail to deferrence err-sectionlength and ctxinfo-size Add checks ...
CVE-2026-31435
Summary: CVE-2026-31435 affects the Linux kernel netfs read-abandonment path during retries. The root cause is an uninitialized/invalid subreq pointer used in the abandonment flow, which can lead to abandoning remaining subrequests incorrectly and may cause a kernel oops/DoS. Several connected ad...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010962)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010962 advisory. In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not swap cpubuffer during resize process When ringbufferswapcpu was called during...
Unity Linux 20.1050e / 20.1060e Security Update: kernel (UTSA-2026-011280)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011280 advisory. In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix oops for port-pm on uartchangepm Unloading a hardware specific 8250 driver can...
Unity Linux 20.1050a Security Update: kernel (UTSA-2026-006893)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006893 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Prevent a potential error pointer dereference The qla4xxxgetepfwdb function is...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006584)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006584 advisory. In the Linux kernel, the following vulnerability has been resolved: nullblk: Always check queue mode setting from configfs Make sure to check device queue mode in th...
SUSE CVE-2026-23282
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to uninitialised var in smb2unlink If SMB2openinit or SMB2closeinit fails e.g. reconnect, the iovs set @rqst will be left uninitialised, hence calling SMB2openfree, SMB2closefree or smb2setrelated on the...
CVE-2026-23329 libie: don't unroll if fwlog isn't supported
In the Linux kernel, the following vulnerability has been resolved: libie: don't unroll if fwlog isn't supported The libiefwlogdeinit function can be called during driver unload even when firmware logging was never properly initialized. This led to call trace: 148.576156 Oops: Oops: 0000 1 SMP...
SUSE CVE-2023-54298
In the Linux kernel, the following vulnerability has been resolved: thermal: intel: quarkdts: fix error pointer dereference If allocsocdts fails, then we can just return. Trying to free "socdts" will lead to an Oops...
SUSE CVE-2025-68228
In the Linux kernel, the following vulnerability has been resolved: drm/plane: Fix createinformatblob return value createinformatblob is either supposed to return a valid pointer or an error, but never NULL. The caller will dereference the blob when it is not an error, and thus will oops if NULL...
EUVD-2025-203668
In the Linux kernel, the following vulnerability has been resolved: drm/plane: Fix createinformatblob return value createinformatblob is either supposed to return a valid pointer or an error, but never NULL. The caller will dereference the blob when it is not an error, and thus will oops if NULL...