846 matches found
Security Bulletin: IBM Application Modernization Accelerator is affected by multiple vulnerabilities found in Node.js
Summary There are multiple vulnerabilities in Node.js used by IBM Application Modernization Accelerator. Vulnerability Details CVEID:CVE-2026-44664 DESCRIPTION: fast-xml-builder builds XML from JSON. In 1.1.5, the fix for CVE-2026-41650 in fast-xml-parser sanitizes -- sequences in XML comment...
UBUNTU-CVE-2025-71308
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix potential NULL pointer dereference in context cleanup aiedestroycontext is invoked during error handling in aie2createcontext. However, aiedestroycontext assumes that the context's mailbox channel pointer is...
CVE-2026-46060 crypto: qat - fix IRQ cleanup on 6xxx probe failure
In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix IRQ cleanup on 6xxx probe failure When adfdevup partially completes and then fails, the IRQ handlers registered during adfisrresourcealloc are not detached before the MSI-X vectors are released. Since the device...
CVE-2026-46060
In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix IRQ cleanup on 6xxx probe failure When adfdevup partially completes and then fails, the IRQ handlers registered during adfisrresourcealloc are not detached before the MSI-X vectors are released. Since the device...
CVE-2026-45908
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix memory leak in amdxdnaubufmap The amdxdnaubufmap function allocates memory for sg and internal sg table structures, but it fails to free them if subsequent operations sgalloctablefrompages or dmamapsgtable fail...
CVE-2026-45900
The CVE-2026-45900 issue affects the Linux kernel crypto/caam path for DPAA2: after embeddable net_dev structures were changed to dynamic pointers, error paths in dpaa2_dpseci_setup could leak netdev allocations if dpaa2_dpseci_dpio_setup() failed, even with deferred probing. The fix preserves th...
CVE-2025-71303
CVE-2025-71303 in the Linux kernel’s accel/amdxdna driver fixes a race during autosuspend where the rpm_on flag could cause a userspace command to be processed before the device has actually resumed. The change removes rpm_on usage and introduces aie2_pm_set_dpm() , which resumes the device befor...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the iommusvaunbinddevice function in accel/amdxdna, where it accesses iommumm after releasing the...
CVE-2025-71308
accel/amdxdna: Fix potential NULL pointer dereference in context cleanup...
CVE-2026-45980
accel/amdxdna: Stop job scheduling across aie2releaseresource...
USN-8296-2: Linux kernel (NVIDIA Tegra) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Drivers core; - Null block device drive...
Ubuntu Pro FIPS-updates 24.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-8296-1)
The remote Ubuntu Pro FIPS-updates 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8296-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...
Linux Distros Unpatched Vulnerability : CVE-2026-43498
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - accel/ivpu: Disallow re-exporting imported GEM objects Prevent re-exporting of imported GEM buffers by adding a custom primehandletofd callback that checks if t...
SUSE CVE-2026-43498
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Disallow re-exporting imported GEM objects Prevent re-exporting of imported GEM buffers by adding a custom primehandletofd callback that checks if the object is imported and returns -EOPNOTSUPP if so. Re-exporting...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of a check to re-export GEM objects in accel/ivpu. This could lead to the loss of buffer...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: crypto: caam – fix DMA corruption on long hmac keys When a key longer than the block size is provided, it is copied and then hashed into the actual key. The memory allocated for the copy needs to be rounded to the DMA cache...
CVE-2026-43330
A flaw was found in the Linux kernel's caam cryptographic accelerator driver. When processing a Hash-based Message Authentication Code HMAC key that exceeds the block size, the driver incorrectly handles memory allocation and copying. This can lead to an overflow, where the system attempts to rea...
SUSE CVE-2026-43446
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix runtime suspend deadlock when there is pending job The runtime suspend callback drains the running job workqueue before suspending the device. If a job is still executing and calls pmruntimeresumeandget, it can...
CVE-2026-20714
Out-of-bounds write for some IntelR QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This...
CVE-2026-20905
Improper input validation for some IntelR QAT software drivers for Windows before version 2.6 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result...