Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1, Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/vmwgfx: Fixed a deadlock in DMA buffer fence polling. A new version of the fence operations was introduced, which, upon release, does not remove the fences from the pending list. This eliminates the need for a lock to...

SUSE CVE-2026-46312

In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: Set vmaflags in vb2dmasgmmap vb2dmacontig sets VMA flags VMDONTEXPAND and VMDONTDUMP and I do not see a reason why vb2dmasg should behave differently. This avoids hitting WARNON!vma-vmflags & VMDONTEXPAND; in...

EUVD-2026-35122

In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: Set vmaflags in vb2dmasgmmap vb2dmacontig sets VMA flags VMDONTEXPAND and VMDONTDUMP and I do not see a reason why vb2dmasg should behave differently. This avoids hitting WARNON!vma-vmflags & VMDONTEXPAND; in...

CVE-2026-46312

The CVE-2026-46312 vulnerability in the Linux kernel concerns media: videobuf2. A fix was applied to vb2_dma_sg_mmap to set VMA flags (VM_DONTEXPAND/VM_DONTDUMP) so that vb2_dma_sg behaves consistently with vb2_dma_contig. This change prevents a WARN_ON in drm_gem_mmap_obj() during mmap() of an i...

SUSE CVE-2026-46201

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix dma-buf attachment leak in xegemprimeimport When xedmabufinitobj fails, the attachment from dmabufdynamicattach is not detached. Add dmabufdetach before returning the error. Note: we cannot use goto outerr here becaus...

Linux Distros Unpatched Vulnerability : CVE-2026-46201

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/xe: Fix dma-buf attachment leak in xegemprimeimport When xedmabufinitobj fails, the attachment from dmabufdynamicattach is not detached. Add dmabufdetach...

CVE-2026-46201

A flaw was found in the Linux kernel's drm/xe subsystem. When handling dma-buf attachments, a resource leak occurs if the initialization of a dma-buf object fails, as the attachment is not properly detached. This oversight can lead to resource exhaustion, potentially allowing a local attacker to...

EUVD-2026-32828

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix dma-buf attachment leak in xegemprimeimport When xedmabufinitobj fails, the attachment from dmabufdynamicattach is not detached. Add dmabufdetach before returning the error. Note: we cannot use goto outerr here becaus...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix potential Spectre v1 gadget It seems that nr might be a Spectre v1 gadget, as it is provided by a user and used as an array index. This issue prevents the contents of kernel memory from being leaked to user...

SUSE CVE-2026-43318

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix sync handling in amdgpudmabufmovenotify Invalidating a dmabuf will impact other users of the shared BO. In the scenario where process A moves the BO, it needs to inform process B about the move and process B will...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: dma-buf/syncfile: Do not leak fences during merge failures. Each call to addfence performs a dmafenceget operation on the relevant fence. In error-prone scenarios, we did not call dmafenceput, resulting in all those fences bei...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Added outer runtime PM protection to xelivektest@xedmabuf. Any process using the kunit interface that performs memory accesses should receive its own outer runtime PM protection, since it does not use the standard driver...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Fixed a double-free in the dma-buf feature. The error path through vfiopcicorefeaturedmabuf ignores its own advice to only use dmabufput after dmabufexport. Instead, it proceeds through the entire unwind chain. In the...

Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance

Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-38449, CVE-2025-22097, CVE-2025-38332, CVE-2025-38352 Vulnerability Details CVEID:CVE-2025-38449 DESCRIPTION: In the Linux kernel, the following vulnerability has been...

SUSE CVE-2026-31468

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Fix double free in dma-buf feature The error path through vfiopcicorefeaturedmabuf ignores its own advice to only use dmabufput after dmabufexport, instead falling through the entire unwind chain. In the unlikely event...

openSUSE 16 Security Update : gnome-remote-desktop (openSUSE-SU-2026:20590-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20590-1 advisory. Update to version 48.3. Security issues fixed: - CVE-2025-5024: an unauthenticated attacker can exhaust system resources bsc1244053. Other updates and...

CVE-2026-31468

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Fix double free in dma-buf feature The error path through vfiopcicorefeaturedmabuf ignores its own advice to only use dmabufput after dmabufexport, instead falling through the entire unwind chain. In the unlikely event...

CVE-2026-31468 vfio/pci: Fix double free in dma-buf feature

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Fix double free in dma-buf feature The error path through vfiopcicorefeaturedmabuf ignores its own advice to only use dmabufput after dmabufexport, instead falling through the entire unwind chain. In the unlikely event...

CVE-2026-31468

CVE-2026-31468 affects the Linux kernel vfio/pci dma-buf feature. The issue is an error-path handling bug in vfio_pci_core_feature_dma_buf() that can cause an unbalanced refcount and a double free under certain conditions (e.g., file descriptor exhaustion). The documented fix moves the dma_buf_pu...

PT-2026-34373

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Fix double free in dma-buf feature The error path through vfio pci core feature dma buf ignores its own advice to only use dma buf put after dma buf export, instead falling through the entire unwind chain. In the unlike...