33 matches found
CVE-2026-53206
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add bounds check for firmware runtime memory Validate that the firmware runtime memory specified in the image header is properly aligned and sized to hold the firmware image. This prevents errors during memory...
Linux Distros Unpatched Vulnerability : CVE-2026-53203
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - accel/ivpu: Add buffer overflow check in MS getinfoioctl Add validation that the info size returned from the metric stream info query is not exceeded when check...
Linux Distros Unpatched Vulnerability : CVE-2026-53206
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - accel/ivpu: Add bounds check for firmware runtime memory Validate that the firmware runtime memory specified in the image header is properly aligned and sized t...
CVE-2026-53203
A flaw was found in the Linux kernel's accel/ivpu component. This vulnerability, a buffer overflow, occurs when the firmware returns a size larger than the allocated buffer during a metric stream information query. This can lead to an incorrect buffer copy, potentially causing system instability ...
UBUNTU-CVE-2026-53206
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add bounds check for firmware runtime memory Validate that the firmware runtime memory specified in the image header is properly aligned and sized to hold the firmware image. This prevents errors during memory...
UBUNTU-CVE-2026-53202
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix signed integer truncation in IPC receive Fix potential buffer overflow where firmware-supplied datasize is cast to signed int before being used in mint. Large unsigned values = 0x80000000 become negative, causing...
CVE-2026-53205
The CVE-2026-53205 issue is in the Linux kernel Intel Versatile Processing Unit (IVPU) accelerator driver (accel/ivpu). It stems from insufficient validation of read/write indices in the firmware log buffer, allowing potential out-of-bounds access if firmware supplies invalid indices. Affected sy...
CVE-2026-53206
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add bounds check for firmware runtime memory Validate that the firmware runtime memory specified in the image header is properly aligned and sized to hold the firmware image. This prevents errors during memory...
CVE-2026-53202
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix signed integer truncation in IPC receive Fix potential buffer overflow where firmware-supplied datasize is cast to signed int before being used in mint. Large unsigned values = 0x80000000 become negative, causing...
CVE-2026-53203
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add buffer overflow check in MS getinfoioctl Add validation that the info size returned from the metric stream info query is not exceeded when checked against the allocated buffer size. If the firmware returns a size...
CVE-2026-53202 accel/ivpu: Fix signed integer truncation in IPC receive
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix signed integer truncation in IPC receive Fix potential buffer overflow where firmware-supplied datasize is cast to signed int before being used in mint. Large unsigned values = 0x80000000 become negative, causing...
EUVD-2026-39294
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add buffer overflow check in MS getinfoioctl Add validation that the info size returned from the metric stream info query is not exceeded when checked against the allocated buffer size. If the firmware returns a size...
CVE-2026-43498
A flaw was found in the Linux kernel's accel/ivpu module. This vulnerability allows for the re-exporting of imported Graphics Execution Manager GEM buffers. When these buffers are re-exported, it leads to a loss of their original flag settings, which can result in incorrect device access and...
CVE-2026-43498
CVE-2026-43498 is a Linux kernel issue in the accel/ivpu path. The vulnerability stems from the ability to re-export imported GEM buffers; a fix adds a custom prime_handle_to_fd callback that checks if the GEM object is imported and returns -EOPNOTSUPP in that case. Under re-export scenarios, buf...
CVE-2025-68749 accel/ivpu: Fix race condition when unbinding BOs
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix race condition when unbinding BOs Fix 'Memory manager not clean during takedown' warning that occurs when ivpugembofree removes the BO from the BOs list before it gets unmapped. Then fileprivunbind triggers a...
CVE-2025-68730
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix page fault in ivpubounbindallbosfromcontext Don't add BO to the vdev-bolist in ivpugemcreateobject. When failure happens inside drmgemshmemcreate, the BO is not fully created and ivpugembofree callback will not be...
CVE-2025-68730
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix page fault in ivpubounbindallbosfromcontext Don't add BO to the vdev-bolist in ivpugemcreateobject. When failure happens inside drmgemshmemcreate, the BO is not fully created and ivpugembofree callback will not be...
Linux Distros Unpatched Vulnerability : CVE-2025-68749
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - accel/ivpu: Fix race condition when unbinding BOs Fix 'Memory manager not clean during takedown' warning that occurs when ivpugembofree removes the BO from the...
EUVD-2024-52569
Malicious code in bioql PyPI...
CVE-2025-39896 accel/ivpu: Prevent recovery work from being queued during device removal
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Prevent recovery work from being queued during device removal Use disableworksync instead of cancelworksync in ivpudevfini to ensure that no new recovery work items can be queued after device removal has started...