103 matches found
CVE-2026-53330 drm/amd/display: Fix out-of-bounds read in dp_get_eq_aux_rd_interval()
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds read in dpgeteqauxrdinterval Why & How The auxrdinterval array in struct dclttprcaps is declared with MAXREPEATERCNT - 1 7 elements, indexed 0..6. However, the offset parameter passed to...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: drm/display/dpmst: Added protection against 0 vcpi When releasing a timeslot, there is a slight chance that we might end up with the wrong payload mask due to an overflow. This occurs if the delayeddestroywork function is called...
EUVD-2025-209969
In the Linux kernel, the following vulnerability has been resolved: drm/display/dpmst: Add protection against 0 vcpi When releasing a timeslot there is a slight chance we may end up with the wrong payload mask due to overflow if the delayeddestroywork ends up coming into play after a DP 2.1 monit...
CVE-2025-71305
In the Linux kernel, the following vulnerability has been resolved: drm/display/dpmst: Add protection against 0 vcpi When releasing a timeslot there is a slight chance we may end up with the wrong payload mask due to overflow if the delayeddestroywork ends up coming into play after a DP 2.1 monit...
UBUNTU-CVE-2025-71305
In the Linux kernel, the following vulnerability has been resolved: drm/display/dpmst: Add protection against 0 vcpi When releasing a timeslot there is a slight chance we may end up with the wrong payload mask due to overflow if the delayeddestroywork ends up coming into play after a DP 2.1 monit...
CVE-2025-71305
In the Linux kernel, the following vulnerability has been resolved: drm/display/dpmst: Add protection against 0 vcpi When releasing a timeslot there is a slight chance we may end up with the wrong payload mask due to overflow if the delayeddestroywork ends up coming into play after a DP 2.1 monit...
CVE-2025-71305
The provided connected sources confirm a concrete fix for CVE-2025-71305 in the Linux kernel DRM MST path. The vulnerability arose in drm/display/dp_mst_topology where, on timeslot release after a DP 2.1 monitor disconnect, the VCPI can become 0 and code could compute a payload mask as ~BIT(vcpi-...
CVE-2025-71305
In the Linux kernel, the following vulnerability has been resolved: drm/display/dpmst: Add protection against 0 vcpi When releasing a timeslot there is a slight chance we may end up with the wrong payload mask due to overflow if the delayeddestroywork ends up coming into play after a DP 2.1 monit...
PT-2026-43688
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the DisplayPort Multi-Stream Transport MST component where releasing a timeslot can lead to an incorrect payload mask due to an overflow. This occurs if the delayed...
Linux Distros Unpatched Vulnerability : CVE-2025-71305
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/display/dpmst: Add protection against 0 vcpi When releasing a timeslot there is a slight chance we may end up with the wrong payload mask due to overflow if...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: fixed the issue with the lifetime of the aux-bus EP device. Device-managed resources allocated after the component binding process must be tied to the lifetime of the DRM device. Otherwise, these resources may not be...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: Dropping aux devices along with the DP controller Using devres to depopulate the aux bus ensured that upon a probe delay, the EDP panel device would be destroyed and recreated upon the next attempt. However, the struc...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: drm/i915: A possible refcount leak has been fixed in inteldpaddmstconnector. If drmconnectorinit fails, intelconnectorfree will be called to handle proper freeing of resources. Therefore, it is necessary to decrement the refcount...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/i915/bios: Allowing devdata==NULL in intelbiosencodersupportsdpdualmode. If we don’t have a VBT, or if the VBT did not declare the encoder, we won’t have the “devdata” for that encoder. Instead of throwing an error, we should...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/msm/dp: Do not complete dpauxcmdfifotx if the irq is not for aux transfer. The DP controller handles three possible interrupt sources: HPDstatus, controller state changes, and Aux read/write transactions. At every irq, the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: Resources are freed after they are unregistered. The unbind operation of the DP component iterates through the submodules to unregister them and clean up the situation. However, if the unbind occurs because the DP...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/ast: Fixed soft lockup issues. There is a while-loop in astdpsetonoff, which could lead to an infinite loop. This is because the register VGACRI-Dx checked in this API is actually a scratch register controlled by an MCU named...
EUVD-2026-28687
In the Linux kernel, the following vulnerability has been resolved: nouveau/dpcd: return EBUSY for aux xfer if the device is asleep If we have runtime suspended, and userspace wants to use /dev/drmdp then just tell it the device is busy instead of crashing in the GSP code. WARNING: CPU: 2 PID:...
CVE-2026-43381 nouveau/dpcd: return EBUSY for aux xfer if the device is asleep
In the Linux kernel, the following vulnerability has been resolved: nouveau/dpcd: return EBUSY for aux xfer if the device is asleep If we have runtime suspended, and userspace wants to use /dev/drmdp then just tell it the device is busy instead of crashing in the GSP code. WARNING: CPU: 2 PID:...
CVE-2026-43320
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix dsc eDP issue why Need to add function hook check before use...