253 matches found
CVE-2026-53172
In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: fix IFM region index out-of-bounds in command stream parser NPUSETIFMREGION extracts the region index with param & 0x7f, giving a maximum value of 127. However regionsize and outputregion in struct...
PT-2026-52299
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the accel/ivpu component where the get info ioctl function fails to validate the info size returned from the metric stream info query against the allocated buffer size...
SUSE-SU-2026:2487-1 Security update for rmt-server
This update for rmt-server fixes the following issues - CVE-2026-26961: rack: mismatch in header handling can allow to smuggle multipart content bsc1261398. - CVE-2026-26962: rack: improper unfolding of folded multipart headers can lead to header injection or response splitting bsc1261471. -...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fixed an integer overflow in aie2queryctxstatusarray. The unpublished smatch static checker reported a warning. In drivers/accel/amdxdna/aie2pci.c, line 904 of aie2queryctxstatusarray: Warning: Potential...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: accel/qaic: Fixed the memory leak caused by slicing operations. The temporary buffer that stores slicing configuration data from the user is only freed in case of an error. This constitutes a memory leak. The buffer should be...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Prevents ubuf size overflow. The ubuf size calculation may overflow, leading to under-sized allocations and potential memory corruption. Use the checkaddoverflow helper function to validate the size calculation...
MGASA-2026-0226 Updated ruby-rack packages fix security vulnerabilities
CVE-2026-26961 Greedy multipart boundary parsing can cause parser differentials and WAF bypass. Forwarded header semicolon injection enables Host and Scheme spoofing. CVE-2026-34230 Quadratic complexity in Rack::Utils.selectbestencoding via wildcard Accept-Encoding header. CVE-2026-34763 Root...
Linux Distros Unpatched Vulnerability : CVE-2026-45931
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - accel/amdxdna: Hold mm structure across iommusvaunbinddevice Some tests trigger a crash in iommusvaunbinddevice due to accessing iommumm after the associated mm...
Linux Distros Unpatched Vulnerability : CVE-2026-45980
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - accel/amdxdna: Stop job scheduling across aie2releaseresource Running jobs on a hardware context while it is in the process of releasing resources can lead to...
CVE-2025-71303
A flaw was found in the Linux kernel. Specifically, within the accel/amdxdna component, a timing issue, known as a race condition, exists during device power management. A local application could submit commands while the device is in an inconsistent state due to an incomplete resume operation...
SUSE CVE-2025-71303
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix race condition when checking rpmon When autosuspend is triggered, driver rpmon flag is set to indicate that a suspend/resume is already in progress. However, when a userspace application submits a command durin...
SUSE CVE-2026-45980
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Stop job scheduling across aie2releaseresource Running jobs on a hardware context while it is in the process of releasing resources can lead to use-after-free and crashes. Fix this by stopping job scheduling before...
CVE-2026-45931
A flaw was found in the Linux kernel's accel/amdxdna module. This vulnerability occurs when the iommusvaunbinddevice function attempts to access a memory management mm structure after it has been deallocated, leading to a use-after-free condition. This can result in a system crash, causing a Deni...
CVE-2026-45980
A flaw was found in the Linux kernel's accel/amdxdna driver. A local user could exploit this vulnerability by running jobs on a hardware context while it is in the process of releasing resources. This improper job scheduling can lead to a use-after-free condition, resulting in system crashes and ...
UBUNTU-CVE-2026-45980
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Stop job scheduling across aie2releaseresource Running jobs on a hardware context while it is in the process of releasing resources can lead to use-after-free and crashes. Fix this by stopping job scheduling before...
UBUNTU-CVE-2026-45931
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Hold mm structure across iommusvaunbinddevice Some tests trigger a crash in iommusvaunbinddevice due to accessing iommumm after the associated mm structure has been freed. Fix this by taking an explicit reference t...
CVE-2026-45980 accel/amdxdna: Stop job scheduling across aie2_release_resource()
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Stop job scheduling across aie2releaseresource Running jobs on a hardware context while it is in the process of releasing resources can lead to use-after-free and crashes. Fix this by stopping job scheduling before...
CVE-2026-45980
In the Linux kernel, the accel/amdxdna driver vulnerability CVE-2026-45980 arises from scheduling jobs on a hardware context while aie2_release_resource() is releasing resources. This can cause a use-after-free and crashes. The fix is to stop job scheduling before calling aie2_release_resource() ...
CVE-2026-45980
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Stop job scheduling across aie2releaseresource Running jobs on a hardware context while it is in the process of releasing resources can lead to use-after-free and crashes. Fix this by stopping job scheduling before...
CVE-2025-71308
CVE-2025-71308 affects the Linux kernel accel/amdxdna module. The vulnerability arises when error handling in aie2_create_context() calls aie_destroy_context() with a NULL mailbox channel pointer, causing a potential NULL pointer dereference and system crash. The fix replaces the call to aie_dest...