176 matches found
PT-2026-52922
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.18.22 Description An issue exists in the AMD IOMMU implementation where the rlookup amd iommu function indexes the rlookup table using the devid variable without performing a bounds check. When a PCI device has...
Linux Distros Unpatched Vulnerability : CVE-2026-52953
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iommu/vt-d: Fix oops due to out of scope access Below oops triggers when kill QEMU process: Oops: general protection fault, probably for non-canonical address...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: In video/aperture, it is now possible to match the device in sysfbdisable optionally. In apertureremoveconflictingpcidevices, we currently only call sysfbdisable for VGA-class devices. This leads to the following issue when the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: video/aperture: Call sysfbdisable before removing PCI devices Call sysfbdisable from apertureremoveconflictingpcidevices before removing PCI devices. Without this call, simpledrm may still bind to simple-framebuffer devices after...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fixed the incorrect use of pciforeachdmaalias for non-PCI devices. Previously, the domaincontextclear function incorrectly called pciforeachdmaalias to set up context entries for non-PCI devices. This could lead to...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: lan743x: The EEPROM and OTP sizes for PCI1xxxx devices have been modified. The maximum OTP and EEPROM sizes for PCI1xxxx devices are 8 Kb and 64 Kb respectively. The maximum size definitions have been adjusted, and the corre...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38422)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38422 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: lan743x: Modify the EEPROM and OTP...
CVE-2022-26358
IOMMU: RMRR VT-d and unity map AMD-Vi handling issues This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Certain PCI devices in a system might be assigned Reserved Memory Regions specified via Reserved Memory Region...
PT-2025-54064
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the PCI/DOE subsystem related to the destroy work on stack function. This issue occurs when destroy work on stack is called after signaling completion in the...
UBUNTU-CVE-2025-40219
In the Linux kernel, the following vulnerability has been resolved: PCI/IOV: Fix race between SR-IOV enable/disable and hotplug Commit 05703271c3cd "PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV" tried to fix a race between the VF removal inside sriovdelvfs and concurrent...
CVE-2025-40181
CVE-2025-40181 : In the Linux kernel x86/kvm, when running as an SNP/TDX guest, forcing the legacy PCI hole to UC by overriding MTRRs can cause ACPI-reported SystemMemory regions mapped as WB to conflict with device memory WC/UC requirements. This can lead to ioremap() failures for PCI devices (e...
CVE-2025-58149
When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allo...
EUVD-2021-15359
Malware in sbrugna...
EUVD-2020-21929
Malware in sbrugna...
EUVD-2025-21765
Malicious code in bioql PyPI...
Ubuntu 24.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-7790-1)
"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7790-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws i...
SUSE CVE-2022-50332
In the Linux kernel, the following vulnerability has been resolved: video/aperture: Call sysfbdisable before removing PCI devices Call sysfbdisable from apertureremoveconflictingpcidevices before removing PCI devices. Without, simpledrm can still bind to simple-framebuffer devices after the...
CVE-2022-50332
In the Linux kernel, the following vulnerability has been resolved: video/aperture: Call sysfbdisable before removing PCI devices Call sysfbdisable from apertureremoveconflictingpcidevices before removing PCI devices. Without, simpledrm can still bind to simple-framebuffer devices after the...
CVE-2022-50332 video/aperture: Call sysfb_disable() before removing PCI devices
In the Linux kernel, the following vulnerability has been resolved: video/aperture: Call sysfbdisable before removing PCI devices Call sysfbdisable from apertureremoveconflictingpcidevices before removing PCI devices. Without, simpledrm can still bind to simple-framebuffer devices after the...
CVE-2022-50332 video/aperture: Call sysfb_disable() before removing PCI devices
In the Linux kernel, the following vulnerability has been resolved: video/aperture: Call sysfbdisable before removing PCI devices Call sysfbdisable from apertureremoveconflictingpcidevices before removing PCI devices. Without, simpledrm can still bind to simple-framebuffer devices after the...