18 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: PCI: Endpoint: pci-epf-vntb: Remove duplicate resource teardown The epfntbepcdestroy function duplicates the teardown that the caller is supposed to perform later. This leads to an error when .allowlink fails, or when .droplink i...
CVE-2026-31594
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-vntb: Remove duplicate resource teardown epfntbepcdestroy duplicates the teardown that the caller is supposed to perform later. This leads to an oops when .allowlink fails or when .droplink is performed. Th...
DEBIAN-CVE-2026-31594
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-vntb: Remove duplicate resource teardown epfntbepcdestroy duplicates the teardown that the caller is supposed to perform later. This leads to an oops when .allowlink fails or when .droplink is performed. Th...
CVE-2026-31594 PCI: endpoint: pci-epf-vntb: Remove duplicate resource teardown
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-vntb: Remove duplicate resource teardown epfntbepcdestroy duplicates the teardown that the caller is supposed to perform later. This leads to an oops when .allowlink fails or when .droplink is performed. Th...
CVE-2026-31594
The CVE-2026-31594 issue is in the Linux kernel PCI endpoint framework (pci-epf-vntb). The root cause is a duplicate resource teardown in epf_ntb_epc_destroy(), causing an oops/kernel crash when .allow_link fails or .drop_link runs. The documented fix removes the helper and drops pci_epc_put(), t...
CVE-2026-31594
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-vntb: Remove duplicate resource teardown epfntbepcdestroy duplicates the teardown that the caller is supposed to perform later. This leads to an oops when .allowlink fails or when .droplink is performed. Th...
CVE-2026-31594
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-vntb: Remove duplicate resource teardown epfntbepcdestroy duplicates the teardown that the caller is supposed to perform later. This leads to an oops when .allowlink fails or when .droplink is performed. Th...
PT-2026-34946
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A duplicate resource teardown occurs in the PCI endpoint pci-epf-vntb. The function epf ntb epc destroy performs a teardown that the caller is already expected to execute. This redundanc...
CVE-2026-23032 null_blk: fix kmemleak by releasing references to fault configfs items
In the Linux kernel, the following vulnerability has been resolved: nullblk: fix kmemleak by releasing references to fault configfs items When CONFIGBLKDEVNULLBLKFAULTINJECTION is enabled, the null-blk driver sets up fault injection support by creating the timeoutinject, requeueinject, and...
PT-2026-5535
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where references to fault configfs items are not released when a nullbX device is removed, leading to a kernel memory leak kmemleak. This occurs when t...
EUVD-2025-28930
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-39783
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PCI: endpoint: Fix configfs group list head handling Doing a listdel on the epfgroup field of struct pciepfdriver in pciepfremovecfs is not correct as this fiel...
AZL-74679 CVE-2025-39783 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix configfs group list head handling Doing a listdel on the epfgroup field of struct pciepfdriver in pciepfremovecfs is not correct as this field is a list head, not a list entry. This listdel call triggers a KASA...
UBUNTU-CVE-2025-39783
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix configfs group list head handling Doing a listdel on the epfgroup field of struct pciepfdriver in pciepfremovecfs is not correct as this field is a list head, not a list entry. This listdel call triggers a KASA...
CVE-2025-39783
CVE-2025-39783: Linux kernel PCI endpoint. The configfs group handling in pci_epf_remove_cfs() incorrectly called list_del() on epf_group, which is a list head, causing a slab-use-after-free (KASAN) when tearing down endpoint function drivers with a configfs attribute group. The connected Astra L...
CVE-2025-39783 PCI: endpoint: Fix configfs group list head handling
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix configfs group list head handling Doing a listdel on the epfgroup field of struct pciepfdriver in pciepfremovecfs is not correct as this field is a list head, not a list entry. This listdel call triggers a KASA...
CVE-2025-39783 PCI: endpoint: Fix configfs group list head handling
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix configfs group list head handling Doing a listdel on the epfgroup field of struct pciepfdriver in pciepfremovecfs is not correct as this field is a list head, not a list entry. This listdel call triggers a KASA...
PT-2025-37240
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.16.0-rc2 Description: A flaw exists in the Linux kernel related to PCI endpoint configuration file system configfs group list head handling. An incorrect list del call within pci epf remove cfs can trigger a...