446 matches found
CVE-2026-53177
In the Linux kernel, the bnxt_en driver fixes a NULL pointer dereference in PCIe error handling. The vulnerability arises when PCIe errors detected by a Root Port or Downstream Port trigger error recovery on subordinate devices even if the NIC is administratively down. Specifically, the .error_de...
EUVD-2026-39268
In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix NULL pointer dereference PCIe errors detected by a Root Port or Downstream Port cause error recovery services to run on all subordinate devices regardless of administrative state. The .errordetected callback,...
EUVD-2026-38919
In the Linux kernel, the following vulnerability has been resolved: PCI: tegra194: Fix CBB timeout caused by DBI access before core power-on When PERST is deasserted twice assert - deassert - assert - deassert, a CBB Control Backbone timeout occurs at DBI register offset 0x8bc PCIEMISCCONTROL1OFF...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k – Fixed the GCCGCCPCIEHOTRST definition for WCN7850 The GCCGCCPCIEHOTRST definition for WCN7850 was incorrectly set, causing a kernel crash on some specific platforms. Since the state of this register differs between...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: wifi: iwlwifi: pcie: fixed a possible NULL pointer dereference issue It is possible that iwlpciprobe may fail and free the trans structure. After that, iwlpciRemove may be called, but it will crash when trying to access a tran...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd: check num of link levels when update pcie param In the SR-IOV environment, the value of pcietable-numoflinklevels will be 0, and numoflevels - 1 will cause an array index out of bounds...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fixed the issue where the link state was exited during the removal of an upstream function. Before version 456d8aa37d0f “PCI/ASPM: Disabled ASPM during the removal of an MFD function to avoid use-after-free”, we only...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Properly hiding the first-in-list PCIe extended capabilities There are cases where a PCIe extended capability should be hidden from the user. For example, an unknown capability i.e., a capability with an ID greater than...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: igc: Restored the IGCREMOVED logic and implemented it correctly. The initially merged version of the igc driver code via commit 146740f9abc4, “igc: Add support for PF” contained the following IGCREMOVED checks in the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: cxl/ras: Fixed the device confusion related to the CPER handler. Upon inspection, the cxlcperhandleproterr function makes several fragile assumptions that can lead to crashes: 1. It assumes that the endpoints identified in the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: PCI: mediatek – Fixed a refcount leak in mtkpciesubsyspowerup. The offindcompatiblenode function returns a node pointer whose refcount has been incremented. We should use ofnodeput on it after processing. Also, add the missing...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: PCI: Fixed NULL dereferencing in the error path during SR-IOV VF creation. Fixed issues when virtfn setup fails, preventing NULL pointer dereferencing during device removal. The kernel error occurred due to incorrect error...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: pcie: Fixed an integer overflow in the iwlwritetouserbuf function. An integer overflow occurs in the iwlwritetouserbuf function, which is called by the iwldbgfsmonitordataread function. The function is as follows: ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: “drm/amd: Check if ASPM is enabled from the PCIe subsystem” has been reverted. This reversion is associated with the commit 7294863a6f01248d72b61d38478978d638641bee. This commit was erroneously applied again after the commit...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: igb: Cleanup in all error paths when enabling SR-IOV After commit 50f303496d92 “igb: Enabling SR-IOV after reinit”, removing the igb module could cause a hang or crash depending on the machine when the module was loaded with t...
EUVD-2025-209876
Insufficient parameter sanitization in AMD Secure Processor ASP TEE SOC Driver could allow an attacker to issue a malformed DRVSOCCMDIDLOADGFXIPFW SR-IOV command to cause out-of-bounds read, potentially resulting in SOC Driver memory contents exposure or an exception...
SUSE CVE-2026-43130
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Flush dev-IOTLB only when PCIe device is accessible in scalable mode Commit 4fc82cd907ac "iommu/vt-d: Don't issue ATS Invalidation request when device is disconnected" relies on pcidevisdisconnected to skip ATS...
SUSE CVE-2026-43161
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Skip dev-iotlb flush for inaccessible PCIe device without scalable mode PCIe endpoints with ATS enabled and passed through to userspace e.g., QEMU, DPDK can hard-lock the host when their link drops, either by surprise...
CVE-2026-43161
A flaw was found in the Linux kernel's Intel IOMMU Input/Output Memory Management Unit virtual technology for directed I/O VT-d subsystem. When a PCIe Peripheral Component Interconnect Express endpoint device, especially when passed through to userspace applications like QEMU or DPDK, unexpectedl...
CVE-2026-43130
A flaw was found in the Linux kernel. When handling PCIe devices in scalable mode, the kernel may attempt to flush the device IOTLB Input/Output Translation Lookaside Buffer without verifying if the PCIe device is still accessible after a link-down fault. This improper handling during resource...