222 matches found
EUVD-2026-40964
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds read in dpgeteqauxrdinterval Why & How The auxrdinterval array in struct dclttprcaps is declared with MAXREPEATERCNT - 1 7 elements, indexed 0..6. However, the offset parameter passed to...
CVE-2026-53330 drm/amd/display: Fix out-of-bounds read in dp_get_eq_aux_rd_interval()
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds read in dpgeteqauxrdinterval Why & How The auxrdinterval array in struct dclttprcaps is declared with MAXREPEATERCNT - 1 7 elements, indexed 0..6. However, the offset parameter passed to...
CVE-2026-41071 libheif: Heap buffer over-read in SampleAuxInfoReader via crafted HEIF sequence file with mismatched saiz sample count
libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a crafted HEIF sequence file where the saiz box declares more samples than actually exist in the track's chunk table causes a heap-buffer-overflow out-of-bounds read in the SampleAuxInfoReader constructor. T...
PT-2026-42834
Name of the Vulnerable Software and Affected Versions libheif versions prior to 1.22.0 Description A heap-buffer-overflow out-of-bounds read occurs in the SampleAuxInfoReader constructor when parsing a crafted HEIF sequence file. The issue arises because the constructor iterates over the number o...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ICE: Fixed NULL pointer dereferencing in iceunplugauxdev when resetting. Issuing a reset command while the driver is loaded without RDMA support will result in a crash, as the function attempts to remove a nonexistent auxbus...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: idpf: fixed the issue where the aux device is unplugged when RDMA is not supported by the vport. If the vport flags do not contain VIRTCHNL2VPORTENABLERDMA, the driver does not allocate vdevinfo for this vport. This results in a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ice: Do not double-unplug the aux device during a peer-initiated reset. In the IDC callback that is called when the aux drivers request a reset, the function to unplug the aux devices is executed. This function is also called in...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ICE: Fixed ‘scheduling while atomic’ in aux critical error interrupts There’s a kernel bug related to processing aux critical error interrupts in icemiscintr: 2100.917085 BUG: Scheduling while atomic: swapper/15/0/0x00010000… …...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: bnxtre: Avoid undefined behavior in bnxtqpliballocinithwq. Undefined behavior occurs when bnxtqpliballocinithwq is called with hwqattr-auxdepth != 0 and hwqattr-auxstride == 0. In that case, rounduppowoftwohwqattr-auxstride is...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: perf/core: Abrupt exit if the requested AUX area is out of bounds. When using perf-record with a large AUX area, for example 4GB, the following error occurs: bash perf record -C 0 -m ,4G -e armspe0// -- sleep 1 Failed to mmap wit...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ICE: Avoid crashes due to unnecessary IDA frees. In the “remove path”, there is an attempt to free the auxidx IDA, regardless of whether it was allocated or not. This could potentially cause a crash when unloading the driver on...
CVE-2025-28344
striso-control-firmware 54c9722 is vulnerable to Buffer Overflow in function AuxJack...
Striso Control Firmware 安全漏洞
Striso Control Firmware is an open-source MPE MIDI controller firmware developed by Striso. Version 54c9722 of Striso Control Firmware contains a security vulnerability, which stems from a buffer overflow in the AuxJack function...
CVE-2026-43381
In the Linux kernel, the following vulnerability has been resolved: nouveau/dpcd: return EBUSY for aux xfer if the device is asleep If we have runtime suspended, and userspace wants to use /dev/drmdp then just tell it the device is busy instead of crashing in the GSP code. WARNING: CPU: 2 PID:...
UBUNTU-CVE-2026-43381
In the Linux kernel, the following vulnerability has been resolved: nouveau/dpcd: return EBUSY for aux xfer if the device is asleep If we have runtime suspended, and userspace wants to use /dev/drmdp then just tell it the device is busy instead of crashing in the GSP code. WARNING: CPU: 2 PID:...
CVE-2026-43381 nouveau/dpcd: return EBUSY for aux xfer if the device is asleep
In the Linux kernel, the following vulnerability has been resolved: nouveau/dpcd: return EBUSY for aux xfer if the device is asleep If we have runtime suspended, and userspace wants to use /dev/drmdp then just tell it the device is busy instead of crashing in the GSP code. WARNING: CPU: 2 PID:...
CVE-2026-43381
Summary : CVE-2026-43381 affects the Linux kernel nouveau driver. When runtime-suspend is active, a userspace process accessing /dev/drm_dp_* can trigger a system crash instead of receiving a proper busy status. The root cause is in the nouveau/dpcd path, where aux transfers may incorrectly crash...
PT-2026-39042
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the nouveau/dpcd component where the system may crash in the GSP code when userspace attempts to use '/dev/drm dp ' while the device is in a runtime suspended state. T...
Linux Distros Unpatched Vulnerability : CVE-2026-43381
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nouveau/dpcd: return EBUSY for aux xfer if the device is asleep If we have runtime suspended, and userspace wants to use /dev/drmdp then just tell it the device...
CVE-2026-31745
In the Linux kernel, the following vulnerability has been resolved: reset: gpio: fix double free in resetaddgpioauxdevice error path When auxiliarydeviceadd fails, resetaddgpioauxdevice calls auxiliarydeviceuninitadev. The device release callback resetgpioauxdevicerelease frees adev, but the...