687 matches found
PT-2026-43671
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the arena vm close function during a fork operation. The arena vm open function increments the vml-mmap count but fails to register the child Virtual...
CVE-2026-24195
NVIDIA Display Driver for Linux contains a vulnerability in UVM, where a user could cause improper input validation. A successful exploit of this vulnerability might lead to denial of service...
CVE-2026-24195
CVE-2026-24195 : NVIDIA GPU Display Driver for Linux contains a vulnerability in Unified Virtual Memory (UVM) where improper input validation could be exploited to cause a denial of service. The issue is listed in NVIDIA’s May 2026 security bulletin with a CVSS v3.1 base score of 7.1 (HIGH) and l...
PT-2026-43338
Name of the Vulnerable Software and Affected Versions NVIDIA Display Driver for Linux affected versions not specified Description A flaw exists in the Unified Video Memory UVM component due to improper input validation. This issue allows a user to trigger a condition that may result in a denial o...
OESA-2026-2418 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved:mm/mempolicy: fix migratetonode assuming there is at least one VMA in a MMWe currently assume that there is at least one VMA in a MM, which isn ttrue.So we might...
OESA-2026-2417 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved:mm/mempolicy: fix migratetonode assuming there is at least one VMA in a MMWe currently assume that there is at least one VMA in a MM, which isn ttrue.So we might...
fbdev: udlfb: add vm_ops to dlfb_ops_mmap to prevent use-after-free
...
CVE-2026-43497
In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: add vmops to dlfbopsmmap to prevent use-after-free dlfbopsmmap uses remappfnrange to map vmalloc framebuffer pages to userspace but sets no vmops on the VMA. This means the kernel cannot track active mmaps. When...
CVE-2026-43497 fbdev: udlfb: add vm_ops to dlfb_ops_mmap to prevent use-after-free
In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: add vmops to dlfbopsmmap to prevent use-after-free dlfbopsmmap uses remappfnrange to map vmalloc framebuffer pages to userspace but sets no vmops on the VMA. This means the kernel cannot track active mmaps. When...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fbdev: udlfb module. In this module, the dlfbopsmmap function does not set vmops, causing the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: rustbinder: Avoid reading the written value in the offset array. When sending a transaction, its offset array is first copied into the target process’s virtual memory area vma. Then, the values are read back from there. This is...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: Avoid corrupting the page-mapping in hugetlbmcopyatomicpte. In the MCOPYATOMICCONTINUE case with a non-shared VMA, the pages in the page cache are stored in the ptes. However, hugepageaddnewanonrmap is called for thes...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fixed the mmap function to include VMIO and VMDONTDUMP. In commit 510410bfc034 “drm/msm: Implement mmap as a GEM object function”, we switched to a new and cleaner approach for handling this issue. That’s good, but we...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: ext4: Do not report a bug if someone dirty pages without first consulting ext4. The unpinuserpagesremote function dirty pages without properly warning the file system in advance. Jan Kara noted this race condition in 20181...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: rustbinder: Check ownership before using vma When installing missing pages or updating them, Rust Binder will look up the vma in the memory management unit by address, and then call vminsertpage or zappagerangesingle. However, if...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: xen/gntdev: Accommodation for VMA splitting Prior to this commit, the gntdev driver code did not handle the following scenario correctly with paravirtualized PV Xen domains: The user process sets up a gntdev mapping consisting of...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021605)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021605 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix migratetonode assuming there is at least one VMA in a MM We currently assume th...
Linux Distros Unpatched Vulnerability : CVE-2026-43434
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: rustbinder: check ownership before using vma When installing missing pages or zapping them,...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021536)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021536 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: /proc/pid/smapsrollup: fix no vma's null-deref Commit 258f669e7e88 mm: /proc/pid/smapsrollup:...
CVE-2026-42006
An attacker can cause uncontrolled memory usage with excessive bracing over IMAP. The fix in CVE-2026-27857 was incomplete, only blocking one way of doing this, so there was still another way left open. In particular, the fix was for closing braces, but you could still use open braces to bypass t...