SUSE CVE-2026-45979

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: clean up the amdgpucsparserbos In low memory conditions, kmalloc can fail. In such conditions unlock the mutex for a clean exit. We do not need to amdgpubolistput as it's been handled in the amdgpucsparserfini...

PT-2026-44347

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A buffer object bo leak occurs in the xe dma buf init obj function. When drm gpuvm resv object alloc fails, the pre-allocated storage bo is not freed. Because xe gem prime import cannot...

PT-2026-43846

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: clean up the amdgpu cs parser bos In low memory conditions, kmalloc can fail. In such conditions unlock the mutex for a clean exit. We do not need to amdgpu bo list put as it's been handled in the amdgpu cs parser fin...

SUSE CVE-2026-43105

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Fix memory leak of BO array in hang state The hang state's BO array is allocated separately with kzalloc in vc4savehangstate but never freed in vc4freehangstate. Add the missing kfree for the BO array before freeing the...

CVE-2026-43105

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Fix memory leak of BO array in hang state The hang state's BO array is allocated separately with kzalloc in vc4savehangstate but never freed in vc4freehangstate. Add the missing kfree for the BO array before freeing the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: drm/ttm: Fixed the bug where a dummy res NULL pointer was dereferenced. Check the bo-resource value before accessing the memtype resource. v2: Fixed an issue with the commit description unwrapping warning. 40.191227 T184 Gener...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/xe: Do not allow eviction of BOs within the same VM in an array of VM binds An array of VM binds may potentially evict other buffer objects BOs within the same VM under certain conditions, which could lead to NULL pointer...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: amdgpu: validate offsetinbo of drmamdgpugemva This issue arises due to OOB access in amdgpuvmupdaterange when offsetinbo + mapsize causes an overflow. Changes made in versions v2 and v3: - The validations were retained in...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010783)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010783 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix a use-after-free in nouveaugemprimeimportsgtable nouveauboinit is backed by...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013052)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013052 advisory. In the Linux kernel, the following vulnerability has been resolved: amdgpu: validate offsetinbo of drmamdgpugemva This is motivated by OOB access in...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007424)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007424 advisory. In the Linux kernel, the following vulnerability has been resolved: amdgpu: validate offsetinbo of drmamdgpugemva This is motivated by OOB access in...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007318)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007318 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the parameters of bo mapping operations more clearly Verify the parameters o...

Linux Distros Unpatched Vulnerability : CVE-2026-23468

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu: Limit BO list entry count to prevent resource exhaustion Userspace can pass an arbitrary number of BO list entries via the bonumber field. Although...

EUVD-2026-18736

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Limit BO list entry count to prevent resource exhaustion Userspace can pass an arbitrary number of BO list entries via the bonumber field. Although the previous multiplication overflow check prevents out-of-bounds...

CVE-2026-23468

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Limit BO list entry count to prevent resource exhaustion Userspace can pass an arbitrary number of BO list entries via the bonumber field. Although the previous multiplication overflow check prevents out-of-bounds...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed the nullptr error in vmhandlemoved. If amdgpubova is fpriv-prtva, the bo of this object is always NULL. Therefore, such amdgpubova should be updated separately before amdgpuvmhandlemoved...

EUVD-2025-205213

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix race condition when unbinding BOs Fix 'Memory manager not clean during takedown' warning that occurs when ivpugembofree removes the BO from the BOs list before it gets unmapped. Then fileprivunbind triggers a...

CVE-2025-68749

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix race condition when unbinding BOs Fix 'Memory manager not clean during takedown' warning that occurs when ivpugembofree removes the BO from the BOs list before it gets unmapped. Then fileprivunbind triggers a...

EUVD-2025-205067

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix page fault in ivpubounbindallbosfromcontext Don't add BO to the vdev-bolist in ivpugemcreateobject. When failure happens inside drmgemshmemcreate, the BO is not fully created and ivpugembofree callback will not be...

CVE-2025-68749

CVE-2025-68749 (Linux kernel) relates to a race in the ivpu accelerator driver when unbinding BOs. The fix adds bo_list_lock protection around the unmapping sequence, ensuring a BO is fully unmapped either during context teardown or when still on the BOs list. This prevents the Memory manager war...