34 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Cleaned up integer overflow checks in mapuserpages. The encodedma function includes some validations for intrans-size. However, it would be clearer to move these checks to findandmapuserpages. encodedma had two checks...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: accel/qaic: Fixed the memory leak caused by slicing operations. The temporary buffer that stores slicing configuration data from the user is only freed in case of an error. This constitutes a memory leak. The buffer should be...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: accel/qaic: Improved the bounds checking in decodemessage by copying the bounds checking from encodemessage to decodemessage. This patch addresses the following issues: - Ensure that there is enough space for at least one...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: A leak was fixed in mapuserpages. If getuserpagesfast allocates some pages, but not as many as we wanted, then the current code causes those pages to be leaked. Call putpage on the pages before returning...
CVE-2026-43007
A flaw was found in the accel/qaic component of the Linux kernel. When a user process terminates before the device's deactivation transaction for a Device-Bound Context DBC is fully processed, the host system can become out of sync with available DBCs. This can lead to a denial of service, where ...
CVE-2026-43007
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Handle DBC deactivation if the owner went away When a DBC is released, the device sends a QAICTRANSDEACTIVATEFROMDEV transaction to the host over the QAICCONTROL MHI channel. QAIC handles this by calling...
Linux Distros Unpatched Vulnerability : CVE-2023-53778
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - accel/qaic: Clean up integer overflow checking in mapuserpages The encodedma function has some validation on intrans-size but it would be more clear to move...
SUSE CVE-2023-53778
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Clean up integer overflow checking in mapuserpages The encodedma function has some validation on intrans-size but it would be more clear to move those checks to findandmapuserpages. The encodedma had two checks: if...
UBUNTU-CVE-2023-53778
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Clean up integer overflow checking in mapuserpages The encodedma function has some validation on intrans-size but it would be more clear to move those checks to findandmapuserpages. The encodedma had two checks: if...
CVE-2023-53778 accel/qaic: Clean up integer overflow checking in map_user_pages()
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Clean up integer overflow checking in mapuserpages The encodedma function has some validation on intrans-size but it would be more clear to move those checks to findandmapuserpages. The encodedma had two checks: if...
PT-2025-49638
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the accel/qaic component related to integer overflow checking within the map user pages function. The encode dma function previously had validation on...
CVE-2025-40177
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix bootlog initialization ordering As soon as we queue MHI buffers to receive the bootlog from the device, we could be receiving data. Therefore all the resources needed to process that data need to be setup prior to...
accel/qaic: Treat remaining == 0 as error in find_and_map_user_pages()
...
EUVD-2025-124911
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Treat remaining == 0 as error in findandmapuserpages Currently, if findandmapuserpages takes a DMA xfer request from the user with a length field set to 0, or in a rare case, the host receives QAICTRANSDMAXFERCONT fro...
UBUNTU-CVE-2025-40172
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Treat remaining == 0 as error in findandmapuserpages Currently, if findandmapuserpages takes a DMA xfer request from the user with a length field set to 0, or in a rare case, the host receives QAICTRANSDMAXFERCONT fro...
CVE-2025-40177
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix bootlog initialization ordering As soon as we queue MHI buffers to receive the bootlog from the device, we could be receiving data. Therefore all the resources needed to process that data need to be setup prior to...
CVE-2025-40172
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Treat remaining == 0 as error in findandmapuserpages Currently, if findandmapuserpages takes a DMA xfer request from the user with a length field set to 0, or in a rare case, the host receives QAICTRANSDMAXFERCONT fro...
Linux Distros Unpatched Vulnerability : CVE-2023-53493
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: accel/qaic: tighten bounds checking in decodemessage Copy the bounds checking from...
SUSE CVE-2023-53633
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix a leak in mapuserpages If getuserpagesfast allocates some pages but not as many as we wanted, then the current code leaks those pages. Call putpage on the pages before returning...
CVE-2023-53633 accel/qaic: Fix a leak in map_user_pages()
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix a leak in mapuserpages If getuserpagesfast allocates some pages but not as many as we wanted, then the current code leaks those pages. Call putpage on the pages before returning...