Linux Distros Unpatched Vulnerability : CVE-2026-45880

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PCI/P2PDMA: Release per-CPU pgmap ref when vminsertpage fails When vminsertpage fails in p2pmemallocmmap, p2pmemallocmmap doesn't invoke percpurefput to free th...

CVE-2026-45904

A flaw was found in the Linux kernel's PowerPC Enhanced Error Handling EEH driver. This issue involves a recursive locking mechanism where the system attempts to acquire a Peripheral Component Interconnect PCI bus lock multiple times. This can lead to a system deadlock, causing unresponsiveness a...

UBUNTU-CVE-2026-45880

In the Linux kernel, the following vulnerability has been resolved: PCI/P2PDMA: Release per-CPU pgmap ref when vminsertpage fails When vminsertpage fails in p2pmemallocmmap, p2pmemallocmmap doesn't invoke percpurefput to free the per-CPU ref of pgmap acquired after genpoolallocowner, and...

CVE-2026-45904

powerpc/eeh: fix recursive pcilockrescanremove locking in EEH event handling...

CVE-2026-43313

In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: Fix NULL-pointer dereference in acpiprocessorerratapiix4 In acpiprocessorerratapiix4, the pointer dev is first assigned an IDE device and then reassigned an ISA device: dev = pcigetsubsys...,...

SUSE CVE-2026-43213

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: pci: validate sequence number of TX release report Hardware rarely reports abnormal sequence number in TX release report, which will access out-of-bounds of wdring-pages array, causing NULL pointer dereference. BUG:...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-pci: A possible memory leak caused by the missing pcidevput has been fixed. pcigetdevice will increase the reference count of the returned pcidev. We need to use pcidev PUT to decrease the reference count before amdpro...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: PCI: aardvark: Fixed a kernel panic that occurred during PIO transfers. Attempting to initiate a new PIO transfer by setting the PIOSTART register to 0, when the previous transfer has not yet completed indicated by a value of 1 i...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: net: arcnet: com20020: Fixed nullptrderef in com20020pciprobe During driver initialization, the pointer to card info is required—specifically, the variable ‘ci’. However, the definition of ‘com20020pciidtable’ indicates that this...

SUSE CVE-2025-71233

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Avoid creating sub-groups asynchronously The asynchronous creation of sub-groups by a delayed work could lead to a NULL pointer dereference when the driver directory is removed before the work completes. The crash...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: s390/pci: Avoid deadlock between PCI error recovery and mlx5 crdump Do not block PCI config accesses through pcicfgaccesslock when executing the s390 variant of PCI error recovery. Instead, use devicelock instead of pcidevlock...

EUVD-2023-60350

In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: Fix notifiers being shared by PCI and VIO buses failiommusetup registers the failiommubusnotifier struct to both PCI and VIO buses. struct notifierblock is a linked list node, so this causes any notifiers later...

CVE-2023-54095

CVE-2023-54095 affects the Linux kernel on PowerPC where powerpc/iommu notifiers were registered to both PCI and VIO buses using the same notifier_block. This caused a linked-list sharing issue: notifiers registered for one bus were also registered for the other, potentially triggering invalid ac...

PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV

...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from TDX/SNP not forcing the mapping of legacy PCI nulls to UCs, which could result in a memory type error...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990881)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990881 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Add workaround for Errata i2037 AM65x SR 1.0 Errata i2037 in AM65x/DRA80xM...

EUVD-2025-34828

An out-of-bounds write in VirtIO network device emulation in BitVisor from commit 108df6 2020-05-20 to commit 480907 2025-07-06 allows local attackers to cause a denial of service host hypervisor crash via a crafted PCI configuration space access. Given it's a heap overflow in a privileged...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly releasing PCI device reference counts, which could lead to a memory leak...

SUSE CVE-2022-50464

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: Fix PCI device refcount leak in mt7915pciinithif2 As comment of pcigetdevice says, it returns a pcidevice with its refcount increased. We need to call pcidevput to decrease the refcount. Save the return value of...

DEBIAN-CVE-2023-53363

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free in pcibusreleasedomainnr Commit c14f7ccc9f5d "PCI: Assign PCI domain IDs by idaalloc" introduced a use-after-free bug in the bus removal cleanup. The issue was found with kfence: 19.293351 BUG: KFENCE:...