Lucene search
K

7267 matches found

OSV
OSV
added 2026/06/25 12:36 p.m.2 views

SUSE-SU-2026:2632-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed work...

9.8CVSS6.4AI score0.00474EPSS
Exploits1References64
EUVD
EUVD
added 2026/06/25 9:31 a.m.5 views

EUVD-2026-39340

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL deref and buffer over-read in SDP debugfs Why & How dpsdpmessagedebugfswrite dereferences connector-base.state-crtc without checking for NULL. A connector can be connected but not bound to any CRTC e.g...

5.9AI score0.00176EPSS
Exploits0References9
EUVD
EUVD
added 2026/06/25 9:31 a.m.3 views

EUVD-2026-39342

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Clamp HDMI HDCP2 rxidlist read to buffer size Why & How During HDCP 2.x repeater authentication over HDMI, the driver reads the sink's RxStatus register and extracts a 10-bit message size field max value 1023. Th...

6AI score0.00212EPSS
Exploits0References9
EUVD
EUVD
added 2026/06/25 9:31 a.m.5 views

EUVD-2026-39343

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Bound VBIOS record-chain walk loops Why & How All record-chain walk loops in biosparser.c and biosparser2.c use for;; and only terminate on a 0xFF recordtype sentinel or zero recordsize. A malformed VBIOS image...

5.7AI score0.00176EPSS
Exploits0References5
NVD
NVD
added 2026/06/25 9:16 a.m.5 views

CVE-2026-53135

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL deref and buffer over-read in SDP debugfs Why & How dpsdpmessagedebugfswrite dereferences connector-base.state-crtc without checking for NULL. A connector can be connected but not bound to any CRTC e.g...

5.5CVSS0.00176EPSS
Exploits0References8
OSV
OSV
added 2026/06/25 9:16 a.m.2 views

UBUNTU-CVE-2026-53135

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL deref and buffer over-read in SDP debugfs Why & How dpsdpmessagedebugfswrite dereferences connector-base.state-crtc without checking for NULL. A connector can be connected but not bound to any CRTC e.g...

5.5CVSS5.9AI score0.00176EPSS
Exploits0References11
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53137

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Clamp HDMI HDCP2 rxidlist read to buffer size Why & How During HDCP 2.x repeater authentication over HDMI, the driver reads the sink's RxStatus register and extracts a 10-bit message size field max value 1023. Th...

7.8CVSS5.9AI score0.00212EPSS
Exploits0References11
Debian CVE
Debian CVE
added 2026/06/25 8:38 a.m.4 views

CVE-2026-53143

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix buffer overflow in SDMA queue checkpoint/restore on GFX11 The v11 MQD manager incorrectly assigned the CP-compute variants of checkpointmqd/restoremqd for KFDMQDTYPESDMA queues. These functions use sizeofstruct...

7CVSS6AI score0.00134EPSS
Exploits0
CVE
CVE
added 2026/06/25 8:38 a.m.11 views

CVE-2026-53138

The CVE-2026-53138 issue affects the Linux kernel’s drm/amd/display driver. A malformed VBIOS image can cause unbounded record-chain walk loops in bios_parser.c and bios_parser2.c due to for(;;) loops that terminate only on a 0xFF sentinel or zero record_size. This can lead to a large number of i...

7.1CVSS5.7AI score0.00176EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/06/25 8:38 a.m.4 views

CVE-2026-53138

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Bound VBIOS record-chain walk loops Why & How All record-chain walk loops in biosparser.c and biosparser2.c use for;; and only terminate on a 0xFF recordtype sentinel or zero recordsize. A malformed VBIOS image...

7.1CVSS5.6AI score0.00176EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/25 8:38 a.m.28 views

CVE-2026-53138 drm/amd/display: Bound VBIOS record-chain walk loops

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Bound VBIOS record-chain walk loops Why & How All record-chain walk loops in biosparser.c and biosparser2.c use for;; and only terminate on a 0xFF recordtype sentinel or zero recordsize. A malformed VBIOS image...

0.00176EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:38 a.m.5 views

CVE-2026-53136

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Clamp VBIOS HDMI retimer register count to array size Why & How The VBIOS integrated info tables v111 and v21 contain HdmiRegNum and Hdmi6GRegNum fields that are used as loop bounds when copying retimer I2C...

5.8AI score0.00172EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/06/25 8:38 a.m.6 views

CVE-2026-53136

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Clamp VBIOS HDMI retimer register count to array size Why & How The VBIOS integrated info tables v111 and v21 contain HdmiRegNum and Hdmi6GRegNum fields that are used as loop bounds when copying retimer I2C...

7.8CVSS5.6AI score0.00172EPSS
Exploits0
CVE
CVE
added 2026/06/25 8:38 a.m.9 views

CVE-2026-53136

The CVE-2026-53136 issue affects the Linux kernel in the DRM AMD display driver. It arises from VBIOS info fields HdmiRegNum and Hdmi6GRegNum being used as loop bounds to copy retimer I2C settings into fixed-size arrays without validation, enabling an out-of-bounds heap write during driver probe....

7.8CVSS5.7AI score0.00172EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2026/06/25 8:38 a.m.5 views

CVE-2026-53135

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL deref and buffer over-read in SDP debugfs Why & How dpsdpmessagedebugfswrite dereferences connector-base.state-crtc without checking for NULL. A connector can be connected but not bound to any CRTC e.g...

5.5CVSS5.8AI score0.00176EPSS
Exploits0
NVD
NVD
added 2026/06/24 5:17 p.m.5 views

CVE-2026-53053

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix clonealias to use the original device's devid Currently clonealias assumes first argument pdev is always the original device pointer. This function is called by pciforeachdmaalias which based on topology decides to...

8.8CVSS0.00128EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 4:30 p.m.6 views

EUVD-2026-38989

In the Linux kernel, the following vulnerability has been resolved: amd-pstate: Fix memory leak in amdpstateeppcpuinit On failure to set the epp, the function amdpstateeppcpuinit returns with an error code without freeing the cpudata object that was allocated at the beginning of the function...

5.8AI score0.00155EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 4:30 p.m.14 views

CVE-2026-53121

In the Linux kernel component amd-pstate, CVE-2026-53121 fixes a memory leak in the function amd_pstate_epp_cpu_init. On failure to set the epp, the function previously returned an error code without freeing the cpudata object allocated at the start. The patch ensures that the cpudata object is f...

5.8AI score0.00155EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 4:30 p.m.6 views

CVE-2026-53114

CVE-2026-53114 affects the Linux kernel perf/amd/ibs component. The flaw arises from calling perf_allow_kernel() within the IBS NMI handler, which is unsafe and could be fatal. The fix caches the permission at event initialization by storing it in event->hw.flags and makes the NMI handler rely...

5.8AI score0.00154EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/24 4:29 p.m.27 views

CVE-2026-53053 iommu/amd: Fix clone_alias() to use the original device's devid

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix clonealias to use the original device's devid Currently clonealias assumes first argument pdev is always the original device pointer. This function is called by pciforeachdmaalias which based on topology decides to...

8.8CVSS0.00128EPSS
Exploits0References4
Rows per page
Query Builder