Lucene search
K

222 matches found

EUVD
EUVD
added 2026/07/01 1:32 p.m.10 views

EUVD-2026-40964

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds read in dpgeteqauxrdinterval Why & How The auxrdinterval array in struct dclttprcaps is declared with MAXREPEATERCNT - 1 7 elements, indexed 0..6. However, the offset parameter passed to...

5.8AI score0.00166EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/01 1:32 p.m.43 views

CVE-2026-53330 drm/amd/display: Fix out-of-bounds read in dp_get_eq_aux_rd_interval()

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds read in dpgeteqauxrdinterval Why & How The auxrdinterval array in struct dclttprcaps is declared with MAXREPEATERCNT - 1 7 elements, indexed 0..6. However, the offset parameter passed to...

0.00166EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/22 8:59 p.m.11 views

CVE-2026-41071 libheif: Heap buffer over-read in SampleAuxInfoReader via crafted HEIF sequence file with mismatched saiz sample count

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a crafted HEIF sequence file where the saiz box declares more samples than actually exist in the track's chunk table causes a heap-buffer-overflow out-of-bounds read in the SampleAuxInfoReader constructor. T...

5.1CVSS5.7AI score0.00302EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.14 views

PT-2026-42834

Name of the Vulnerable Software and Affected Versions libheif versions prior to 1.22.0 Description A heap-buffer-overflow out-of-bounds read occurs in the SampleAuxInfoReader constructor when parsing a crafted HEIF sequence file. The issue arises because the constructor iterates over the number o...

8.8CVSS5.8AI score0.00514EPSS
Exploits4References75
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ICE: Fixed NULL pointer dereferencing in iceunplugauxdev when resetting. Issuing a reset command while the driver is loaded without RDMA support will result in a crash, as the function attempts to remove a nonexistent auxbus...

5.5CVSS5.7AI score0.0012EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: idpf: fixed the issue where the aux device is unplugged when RDMA is not supported by the vport. If the vport flags do not contain VIRTCHNL2VPORTENABLERDMA, the driver does not allocate vdevinfo for this vport. This results in a...

5.2AI score0.00145EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ice: Do not double-unplug the aux device during a peer-initiated reset. In the IDC callback that is called when the aux drivers request a reset, the function to unplug the aux devices is executed. This function is also called in...

5.5CVSS5.9AI score0.00226EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.13 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ICE: Fixed ‘scheduling while atomic’ in aux critical error interrupts There’s a kernel bug related to processing aux critical error interrupts in icemiscintr: 2100.917085 BUG: Scheduling while atomic: swapper/15/0/0x00010000… …...

5.5CVSS6.2AI score0.00252EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bnxtre: Avoid undefined behavior in bnxtqpliballocinithwq. Undefined behavior occurs when bnxtqpliballocinithwq is called with hwqattr-auxdepth != 0 and hwqattr-auxstride == 0. In that case, rounduppowoftwohwqattr-auxstride is...

4.4CVSS6.4AI score0.00247EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: perf/core: Abrupt exit if the requested AUX area is out of bounds. When using perf-record with a large AUX area, for example 4GB, the following error occurs: bash perf record -C 0 -m ,4G -e armspe0// -- sleep 1 Failed to mmap wit...

7.8CVSS6.2AI score0.00253EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ICE: Avoid crashes due to unnecessary IDA frees. In the “remove path”, there is an attempt to free the auxidx IDA, regardless of whether it was allocated or not. This could potentially cause a crash when unloading the driver on...

5.5CVSS5.8AI score0.00196EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/14 7:58 p.m.11 views

CVE-2025-28344

striso-control-firmware 54c9722 is vulnerable to Buffer Overflow in function AuxJack...

7.5CVSS5.8AI score0.00329EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

Striso Control Firmware 安全漏洞

Striso Control Firmware is an open-source MPE MIDI controller firmware developed by Striso. Version 54c9722 of Striso Control Firmware contains a security vulnerability, which stems from a buffer overflow in the AuxJack function...

7.5CVSS6AI score0.00329EPSS
Exploits0References2
NVD
NVD
added 2026/05/08 3:16 p.m.10 views

CVE-2026-43381

In the Linux kernel, the following vulnerability has been resolved: nouveau/dpcd: return EBUSY for aux xfer if the device is asleep If we have runtime suspended, and userspace wants to use /dev/drmdp then just tell it the device is busy instead of crashing in the GSP code. WARNING: CPU: 2 PID:...

5.5CVSS0.00123EPSS
Exploits0References8
OSV
OSV
added 2026/05/08 3:16 p.m.18 views

UBUNTU-CVE-2026-43381

In the Linux kernel, the following vulnerability has been resolved: nouveau/dpcd: return EBUSY for aux xfer if the device is asleep If we have runtime suspended, and userspace wants to use /dev/drmdp then just tell it the device is busy instead of crashing in the GSP code. WARNING: CPU: 2 PID:...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/05/08 2:21 p.m.36 views

CVE-2026-43381 nouveau/dpcd: return EBUSY for aux xfer if the device is asleep

In the Linux kernel, the following vulnerability has been resolved: nouveau/dpcd: return EBUSY for aux xfer if the device is asleep If we have runtime suspended, and userspace wants to use /dev/drmdp then just tell it the device is busy instead of crashing in the GSP code. WARNING: CPU: 2 PID:...

0.00123EPSS
Exploits0References8
CVE
CVE
added 2026/05/08 2:21 p.m.21 views

CVE-2026-43381

Summary : CVE-2026-43381 affects the Linux kernel nouveau driver. When runtime-suspend is active, a userspace process accessing /dev/drm_dp_* can trigger a system crash instead of receiving a proper busy status. The root cause is in the nouveau/dpcd path, where aux transfers may incorrectly crash...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References8Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.14 views

PT-2026-39042

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the nouveau/dpcd component where the system may crash in the GSP code when userspace attempts to use '/dev/drm dp ' while the device is in a runtime suspended state. T...

5.5CVSS5.5AI score0.00125EPSS
Exploits0References55
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-43381

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nouveau/dpcd: return EBUSY for aux xfer if the device is asleep If we have runtime suspended, and userspace wants to use /dev/drmdp then just tell it the device...

5.5CVSS6AI score0.00123EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/05/01 2:14 p.m.6 views

CVE-2026-31745

In the Linux kernel, the following vulnerability has been resolved: reset: gpio: fix double free in resetaddgpioauxdevice error path When auxiliarydeviceadd fails, resetaddgpioauxdevice calls auxiliarydeviceuninitadev. The device release callback resetgpioauxdevicerelease frees adev, but the...

7.8CVSS5.7AI score0.0012EPSS
Exploits0
Rows per page
Query Builder