193 matches found
EUVD-2026-37216
In smmuattachdev of arm-smmu-v3.c, there is a possible way to sign malicious Android Runtime bootclass artifacts due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0133
In smmuattachdev of arm-smmu-v3.c, there is a possible way to sign malicious Android Runtime bootclass artifacts due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0133
In smmuattachdev of arm-smmu-v3.c, there is a possible way to sign malicious Android Runtime bootclass artifacts due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0133
Affected component: arm-smmu-v3.c (smmu_attach_dev). The issue is a missing permission check that can allow signing malicious Android Runtime bootclass artifacts, enabling local escalation of privilege without extra execution privileges. Exploitation requires local access; user interaction is not...
PUB-A-373409261
In smmuattachdev of arm-smmu-v3.c, there is a possible way to sign malicious Android Runtime bootclass artifacts due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: perf/smmuv3: Fixed the hotplug callback leak in armsmmupmuinit. armsmmupmuinit does not remove the callback added by cpuhpsetupstatemulti when platformdriverregister fails. The callback must be removed by cpuhpremovemultistate in...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021587)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021587 advisory. In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Defer probe of clients after smmu device bound Null pointer dereference occurs du...
Unbreakable Enterprise kernel security update
5.15.0-320.202.8.2 - xfrm: esp: ipv4: fix up flags setting Greg Kroah-Hartman Orabug: 39344515 CVE-2026-43284 - xfrm: esp: avoid in-place decrypt on shared skb frags Kuan-Ting Chen Orabug: 39344515 CVE-2026-43284 5.15.0-320.202.8.1 - x86/CPU/AMD: Add a fix for AMD-SB-7052 Prathyushi Nangia Orabug...
Unbreakable Enterprise kernel security update: Dirty Frag
5.15.0-319.201.4.6 - xfrm: esp: ipv4: fix up flags setting Greg Kroah-Hartman Orabug: 39342679 CVE-2026-43284 - xfrm: esp: avoid in-place decrypt on shared skb frags Kuan-Ting Chen Orabug: 39342679 CVE-2026-43284 5.15.0-319.201.4.5 - iommu/arm-smmu-v3: Handle zeroed A4-2C HTTU override settings...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: fixed a possible null-ptr-deref in armsmmudeviceprobe. This issue could lead to a null-ptr-deref when using ‘res’, if platformgetresource returns NULL. Therefore, move operations using ‘res’ should be performed...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3-sva: Fixed the issue of memory use-after-free. Currently, we call arm64mmcontextput without holding a reference to the MM register, which can lead to use-after-free. We call mmgrab/mmdrop to ensure that the MM...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: iommu/arm-smmu-v3: Fixed the soft lockup triggered by armsmmumminvalidaterange. When running an SVA case, the following soft lockup is triggered: -------------------------------------------------------------------- watchdog:...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Fixed the refcount leak in armsmmudevice when armsmmurpmget fails. The armsmmurpmget function invokes pmruntimegetsync, which increases the refcount of “smmu”. This occurs even though the return value is less than...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011049)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011049 advisory. In the Linux kernel, the following vulnerability has been resolved: perf/smmuv3: Fix hotplug callback leak in armsmmupmuinit armsmmupmuinit won't remove the callback...
CVE-2026-0027
In smmudetachdev of arm-smmu-v3.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0027
In smmudetachdev of arm-smmu-v3.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0027
In smmudetachdev of arm-smmu-v3.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0027
In smmudetachdev of arm-smmu-v3.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0027
In smmudetachdev of arm-smmu-v3.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0027
The CVE-2026-0027 issue affects the arm-smmu-v3.c function smmu_detach_dev, where a use-after-free can cause an out-of-bounds write. This vulnerability enables local privilege escalation with System execution privileges required; exploitation does not require user interaction. The available conne...