
216 matches found

Vulnrichment
added 2026/05/22 8:59 p.m. | 4 views

CVE-2026-41071 libheif: Heap buffer over-read in SampleAuxInfoReader via crafted HEIF sequence file with mismatched saiz sample count

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a crafted HEIF sequence file where the saiz box declares more samples than actually exist in the track's chunk table causes a heap-buffer-overflow out-of-bounds read in the SampleAuxInfoReader constructor. T...

CVSS 5.1 | AI score 5.7 | EPSS 0.00042
Exploits: 1 | References: 2
Positive Technologies
added 2026/05/22 12:0 a.m. | 5 views

PT-2026-42834

Name of the Vulnerable Software and Affected Versions: libheif versions prior to 1.22.0. Description: A heap-buffer-overflow out-of-bounds read occurs in the SampleAuxInfoReader constructor when parsing a crafted HEIF sequence file. The issue arises because the constructor iterates over the number o...

CVSS 8.1 | AI score 5.8 | EPSS 0.00042
Exploits: 1 | References: 22
AstraLinux
added 2026/05/20 5:53 a.m. | 3 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ice: Do not double-unplug the aux device during a peer-initiated reset. In the IDC callback that is called when the aux drivers request a reset, the function to unplug the aux devices is executed. This function is also called in...

CVSS 5.5 | AI score 5.9 | EPSS 0.00004
Exploits: 0 | References: 2
AstraLinux
added 2026/05/20 5:53 a.m. | 3 views

Astra Linux - vulnerability in linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: perf/core: Abrupt exit if the requested AUX area is out of bounds. When using perf-record with a large AUX area, for example 4GB, the following error occurs: bash perf record -C 0 -m ,4G -e armspe0// -- sleep 1 Failed to mmap wit...

CVSS 7.8 | AI score 6.3 | EPSS 0.00015
Exploits: 0 | References: 2
AstraLinux
added 2026/05/20 5:53 a.m. | 4 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerability has been resolved: “ice”: Avoid crashes due to unnecessary IDA freeing. In the “remove path”, there is an attempt to free the auxidx IDA, regardless of whether it was actually allocated or not. This could potentially cause a crash when unloading th...

CVSS 5.5 | AI score 5.6 | EPSS 0.00017
Exploits: 0 | References: 2
AstraLinux
added 2026/05/20 5:53 a.m. | 0 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ICE: Fixed NULL pointer dereferencing in iceunplugauxdev when resetting. Issuing a reset command while the driver is loaded without RDMA support will result in a crash, as the function attempts to remove a nonexistent auxbus...

CVSS 5.5 | AI score 5.7 | EPSS 0.00025
Exploits: 0 | References: 1
AstraLinux
added 2026/05/20 5:53 a.m. | 5 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ICE: Fixed ‘scheduling while atomic’ in aux critical error interrupts There’s a kernel bug related to processing aux critical error interrupts in icemiscintr: 2100.917085 BUG: Scheduling while atomic: swapper/15/0/0x00010000 …...

CVSS 5.5 | AI score 6.2 | EPSS 0.00111
Exploits: 0 | References: 2
AstraLinux
added 2026/05/20 5:53 a.m. | 3 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerability has been resolved: idpf: fixed the issue where the aux device is unplugged when RDMA is not supported by the vport. If the vport flags do not contain VIRTCHNL2VPORTENABLERDMA, the driver does not allocate vdevinfo for this vport. This results in a...

AI score 5.7 | EPSS 0.00027
Exploits: 0 | References: 1
RedhatCVE
added 2026/05/14 7:58 p.m. | 5 views

CVE-2025-28344

striso-control-firmware 54c9722 is vulnerable to Buffer Overflow in function AuxJack...

CVSS 7.5 | AI score 5.8 | EPSS 0.00052
Exploits: 0 | References: 1
CNNVD
added 2026/05/13 12:0 a.m. | 5 views

Striso Control Firmware security vulnerability

Striso Control Firmware is an open-source MPE MIDI controller firmware developed by Striso. Version 54c9722 of Striso Control Firmware contains a security vulnerability, which stems from a buffer overflow in the AuxJack function...

CVSS 7.5 | AI score 6 | EPSS 0.00052
Exploits: 0 | References: 2
NVD
added 2026/05/08 3:16 p.m. | 4 views

CVE-2026-43381

In the Linux kernel, the following vulnerability has been resolved: nouveau/dpcd: return EBUSY for aux xfer if the device is asleep If we have runtime suspended, and userspace wants to use /dev/drmdp then just tell it the device is busy instead of crashing in the GSP code. WARNING: CPU: 2 PID:...

CVSS 5.5 | EPSS 0.00013
Exploits: 0 | References: 8
OSV
added 2026/05/08 3:16 p.m. | 3 views

UBUNTU-CVE-2026-43381

In the Linux kernel, the following vulnerability has been resolved: nouveau/dpcd: return EBUSY for aux xfer if the device is asleep If we have runtime suspended, and userspace wants to use /dev/drmdp then just tell it the device is busy instead of crashing in the GSP code. WARNING: CPU: 2 PID:...

CVSS 5.5 | AI score 5.7 | EPSS 0.00013
Exploits: 0 | References: 11
Cvelist
added 2026/05/08 2:21 p.m. | 26 views

CVE-2026-43381 nouveau/dpcd: return EBUSY for aux xfer if the device is asleep

In the Linux kernel, the following vulnerability has been resolved: nouveau/dpcd: return EBUSY for aux xfer if the device is asleep If we have runtime suspended, and userspace wants to use /dev/drmdp then just tell it the device is busy instead of crashing in the GSP code. WARNING: CPU: 2 PID:...

EPSS 0.00013
Exploits: 0 | References: 8
CVE
added 2026/05/08 2:21 p.m. | 9 views

CVE-2026-43381

Summary : CVE-2026-43381 affects the Linux kernel nouveau driver. When runtime-suspend is active, a userspace process accessing /dev/drm_dp_* can trigger a system crash instead of receiving a proper busy status. The root cause is in the nouveau/dpcd path, where aux transfers may incorrectly crash...

CVSS 5.5 | AI score 5.8 | EPSS 0.00013
Exploits: 0 | References: 8 | Affected Software: 1
Positive Technologies
added 2026/05/08 12:0 a.m. | 7 views

PT-2026-39042

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue exists in the nouveau/dpcd component where the system may crash in the GSP code if userspace attempts to use /dev/drm dp while the device is in a runtime suspended state. The...

AI score 5.8 | EPSS 0.00013
Exploits: 0 | References: 11
Tenable Nessus
added 2026/05/08 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2026-43381

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nouveau/dpcd: return EBUSY for aux xfer if the device is asleep If we have runtime suspended, and userspace wants to use /dev/drmdp then just tell it the device...

CVSS 5.5 | AI score 5.8 | EPSS 0.00013
Exploits: 0 | References: 2
AstraLinux
added 2026/05/03 11:59 p.m. | 1 views

Astra Linux - vulnerability in linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: bnxtre: Avoid undefined behavior in bnxtqpliballocinithwq Undefined behavior occurs when bnxtqpliballocinithwq is called with hwqattr-auxdepth != 0 and hwqattr-auxstride == 0. In that case, “rounduppowoftwohwqattr-auxstride” is...

CVSS 4.4 | AI score 6.4 | EPSS 0.00008
Exploits: 0 | References: 2
AstraLinux
added 2026/05/03 11:59 p.m. | 3 views

Astra Linux - vulnerability in linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: perf: armspe: Prevent overflow in PERFIDX2OFF By casting nrpages to unsigned long, an overflow can be avoided when handling large AUX buffer sizes = 2 GiB...

AI score 5.9 | EPSS 0.00063
Exploits: 0 | References: 2
Debian CVE
added 2026/05/01 2:14 p.m. | 3 views

CVE-2026-31745

In the Linux kernel, the following vulnerability has been resolved: reset: gpio: fix double free in resetaddgpioauxdevice error path When auxiliarydeviceadd fails, resetaddgpioauxdevice calls auxiliarydeviceuninitadev. The device release callback resetgpioauxdevicerelease frees adev, but the...

CVSS 7.8 | AI score 5.7 | EPSS 0.00017
Exploits: 0
Tenable Nessus
added 2026/04/22 12:0 a.m. | 3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013728)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013728 advisory. In the Linux kernel, the following vulnerability has been resolved: perf: armspe: Prevent overflow in PERFIDX2OFF Cast nrpages to unsigned long to avoid overflow whe...

AI score 5.8 | EPSS 0.00063
Exploits: 0 | References: 4