CVE-2025-71313

The connected CVE details describe a Linux kernel issue in PCI: endpoint where alloc_workqueue() could return NULL on memory allocation failure. Without proper checks, a NULL workqueue pointer could lead to a NULL dereference when queue_work() is invoked in epf_ntb_epc_init(). The fix adds a NULL...

CVE-2026-46092

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: check for PCI upstream bridge existence pciupstreambridge returns NULL if the device is on a root bus. If 8821CE is installed in the system with such a PCI topology, the probing routine will crash. This has probably...

EUVD-2026-32475

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: check for PCI upstream bridge existence pciupstreambridge returns NULL if the device is on a root bus. If 8821CE is installed in the system with such a PCI topology, the probing routine will crash. This has probably...

CVE-2026-45880 PCI/P2PDMA: Release per-CPU pgmap ref when vm_insert_page() fails

In the Linux kernel, the following vulnerability has been resolved: PCI/P2PDMA: Release per-CPU pgmap ref when vminsertpage fails When vminsertpage fails in p2pmemallocmmap, p2pmemallocmmap doesn't invoke percpurefput to free the per-CPU ref of pgmap acquired after genpoolallocowner, and...

CVE-2026-45880

The CVE-2026-45880 entry concerns the Linux kernel PCI/P2PDMA path. When vm_insert_page() fails inside p2pmem_alloc_mmap(), the code path does not call percpu_ref_put() to release the per-CPU reference of the pgmap acquired after gen_pool_alloc_owner(). As a result, memunmap_pages() can hang inde...

CVE-2026-45880

PCI/P2PDMA: Release per-CPU pgmap ref when vminsertpage fails...

PT-2026-43876

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown epf ntb epc destroy duplicates the teardown that the caller is supposed to do later. This leads to an oops when .allow link fails or when .drop link is performed...

PT-2026-43747

In the Linux kernel, the following vulnerability has been resolved: PCI/P2PDMA: Release per-CPU pgmap ref when vm insert page fails When vm insert page fails in p2pmem alloc mmap, p2pmem alloc mmap doesn't invoke percpu ref put to free the per-CPU ref of pgmap acquired after gen pool alloc owner,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: A reference count leak was fixed in snruncoremmiomap. pcigetdevice increases the reference count of the returned pcidev. Therefore, snruncoregetmcdev will return a pcidev with its reference count increased...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: PCI: hv: Fixed a crash in hvpcirestoremsimsg during hibernation. When a Linux virtual machine with a assigned PCI device runs on Hyper-V, if the PCI device driver is not yet loaded i.e., MSI-X/MSI is not enabled on the device,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: sc7280: Mark PCIe controller as cache coherent. If the controller is not marked as cache coherent, then the kernel will try to ensure coherence during DMA operations, which may lead to data corruption. Therefore...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: The issue of reference count leak for PCI devices was fixed in dmardevscopeinit. The function foreachpcidev is implemented through pcigetdevice. The comment accompanying pcigetdevice states that it will increase the...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: The notifiers are shared by the PCI and VIO buses. The failiommusetup function registers the failiommubusnotifier struct for both PCI and VIO buses. The struct notifierblock is a linked list node; therefore, any...

EUVD-2025-209863

Improper input validation in the AMD Secure Processor ASP PCI driver could allow a local attacker to trigger a Use-After-Free UAF condition, potentially resulting in a loss of platform integrity or crash...

PT-2026-41227

Improper Input validation in the AMD Secure Processor ASP PCI driver may allow a local attacker to create a buffer overflow condition, potentially resulting in a crash or denial of service...

EUVD-2026-28754

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: Fix race bug in nvmepollirqdisable In the following scenario, pdev can be disabled between 1 and 3 by 2. This sets pdev-msixenabled = 0. Then, pciirqvector will return MSI-X IRQ15 for 1 whereas return INTx IRQcqvector...

CVE-2026-43211

A flaw was found in the Linux kernel. An error in the PCI Peripheral Component Interconnect subsystem's lock management, specifically within the pcislottrylock function, can lead to system instability. This occurs when a lock is incorrectly released, potentially causing warnings or interfering wi...

CVE-2026-43147

A flaw was found in the Linux kernel. A local user can cause a system deadlock by performing specific operations related to SR-IOV Single Root I/O Virtualization device removal. This occurs due to a recursive lock acquisition within the PCI Peripheral Component Interconnect subsystem, specificall...

CVE-2026-43213

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: pci: validate sequence number of TX release report Hardware rarely reports abnormal sequence number in TX release report, which will access out-of-bounds of wdring-pages array, causing NULL pointer dereference. BUG:...

CVE-2026-43211

CVE-2026-43211 – Linux kernel PCI slot lock handling fix The issue arises in PCI lock management: pci_slot_trylock() incorrectly handled unlocking when nested locks fail, due to an extra pci_dev_unlock(dev) on the failure path after delegating to pci_bus_trylock(). This could trigger a warning ab...