2645 matches found
CVE-2026-53137
A flaw was found in the Linux kernel's drm/amd/display component. A malicious HDMI repeater could exploit this vulnerability during HDCP 2.x repeater authentication by sending a message size larger than the allocated buffer. This could lead to an out-of-bounds write, potentially causing a denial ...
EUVD-2026-39343
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Bound VBIOS record-chain walk loops Why & How All record-chain walk loops in biosparser.c and biosparser2.c use for;; and only terminate on a 0xFF recordtype sentinel or zero recordsize. A malformed VBIOS image...
CVE-2026-53137
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Clamp HDMI HDCP2 rxidlist read to buffer size Why & How During HDCP 2.x repeater authentication over HDMI, the driver reads the sink's RxStatus register and extracts a 10-bit message size field max value 1023. Th...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: A NULL pointer dereference occurred in amdgpudmconnectoraddcommonmodes. In amdgpudmconnectoraddcommonmodes, amdgpudmcreatecommonmode assigns mode to mode, and mode is directly passed to drmmodeprobedadd...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Added an array index check for hdcp ddc access. Reason Coverity reports an OVERRUN warning. Do not check if the array index is valid. How Check that the msgid is valid and that the array index is valid...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/ast: Fixed soft lockup issues. There is a while-loop in astdpsetonoff, which could lead to an infinite loop. This is because the register VGACRI-Dx checked in this API is actually a scratch register controlled by an MCU, name...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: The default value of getbytesperelement has been set to 1. Variables that are used as denominators and may not be assigned to other values should not have a value of 0. bytesperelementy and bytesperelementc are...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/dispnv04: fixed a null pointer dereferencing in nv17tvgetldmodes. In nv17tvgetldmodes, the return value of drmmodeduplicate is assigned to mode. This could lead to a NULL pointer dereferencing in case of a failure wit...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: added a NULL check at the beginning of dcvalidatestream. Reason To prevent invalid memory access. How Check whether dc and stream are NULL...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Added a check for granularity in the dml ceil/floor helpers. Why The wrapper functions for dcnbwceil2 and dcnbwfloor2 should check that granularity is non-zero, to avoid assertion errors and divide-by-zero errors...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid dereferencing a NULL pointer REASON Although unlikely, drmatomicgetnewconnectorstate or drmatomicgetoldconnectorstate may return NULL. SOLUTION Check the return value before dereferencing the variable...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: The function dcstreamrelease is called when removing the link enc assignment. Why A porting error caused the stream assignment for the link to be retained instead of being released—resulting in a memory leak. How...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: add a check for dpuplaneatomicprintstate to prevent invalid sspp values. Similar to the rpipe sspp protection, a check is added to prevent printing of the pipe’s state in a way that could lead to a NULL pointer...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: drm/amd/display: Skip wbsclsetscalerfilter if the filter is null. Callers can pass null as the filter value e.g., from the function wbsclgetfiltercoeffs16p, and a null check has been added to ensure that this does not occur...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Added a null check for the ‘afb’ variable in the amdgpudmplanehandlecursorupdate function v2. This commit moves the null check for the ‘afb’ variable to the line where it is actually used in the...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed memory leak. Why Resource release is necessary on the error handling path to prevent memory leaks. How This issue was fixed by adding the kfree function to the error handling path...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: drm/amd/display: Ensure that the index calculations will never overflow. WHY & HOW Ensure that the calculations of vmid0p72idx, vnom0p8idx, and vmax0p9idx will never cause the array size to overflow. This fix addresses 3...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS : QEMU vulnerabilities (USN-8412-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8412-1 advisory. Felipe Franciosi, Raphael Norwitz, and Peter Turschmid discovered that the iSCSI block driver in QEMU incorrectly...
USN-8412-1: QEMU vulnerabilities
Felipe Franciosi, Raphael Norwitz, and Peter Turschmid discovered that the iSCSI block driver in QEMU incorrectly handled certain responses from an iSCSI server. A remote attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary...
NVIDIA GPU Display Driver and vGPU Software Vulnerabilities - Lenovo Support US
No description provided...