Lucene search
K

167 matches found

RedhatCVE
RedhatCVE
added 2026/06/26 5:49 p.m.9 views

CVE-2026-52950

A flaw was found in the Linux kernel, specifically within the drm/xe/dma-buf component. This Use-After-Free UAF vulnerability occurs due to an issue in a retry loop, where a buffer object is prematurely freed on error. An attacker could potentially exploit this to cause memory corruption, leading...

7.8CVSS6.3AI score0.00132EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 6:32 p.m.4 views

EUVD-2026-38818

In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: fix UAF with retry loop Retry doesn't work here, since bo will be freed on error, leading to UAF. However, now that we do the alloc & init before the attach, we can now combine this as one unit and have the init d...

5.7AI score0.00132EPSS
Exploits0References4
CVE
CVE
added 2026/06/24 4:28 p.m.20 views

CVE-2026-52951

CVE-2026-52951 affects the Linux kernel, in the drm/xe/dma-buf subsystem, due to race conditions in the invalidate_mappings hook during BO (buffer object) handling. The issue arises when xe_bo_alloc() and an attach occur before xe_dma_buf_init_obj() completes, making the BO visible on the attachm...

7.8CVSS6AI score0.00132EPSS
Exploits0References7
OSV
OSV
added 2026/06/24 4:28 p.m.2 views

CVE-2026-52950 drm/xe/dma-buf: fix UAF with retry loop

In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: fix UAF with retry loop Retry doesn't work here, since bo will be freed on error, leading to UAF. However, now that we do the alloc & init before the attach, we can now combine this as one unit and have the init d...

7.8CVSS5.8AI score0.00132EPSS
Exploits0References9
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: The issue related to synchronization in amdgpudmabufMoveNotify has been fixed. Invalidating a dmabuf will affect other users of the shared BO. In the scenario where Process A moves the BO, it needs to inform Process B...

5.5CVSS5.9AI score0.00122EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.12 views

PT-2026-51845

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the drm/xe/dma-buf subsystem involving race conditions when handling the invalidate mappings hook during buffer object initialization and attachment. These races occur...

7.8CVSS5.9AI score0.00132EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2026/06/09 2:20 a.m.11 views

SUSE CVE-2026-46312

In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: Set vmaflags in vb2dmasgmmap vb2dmacontig sets VMA flags VMDONTEXPAND and VMDONTDUMP and I do not see a reason why vb2dmasg should behave differently. This avoids hitting WARNON!vma-vmflags & VMDONTEXPAND; in...

5.5CVSS5.4AI score0.00114EPSS
Exploits0References3
CVE
CVE
added 2026/06/08 3:50 p.m.41 views

CVE-2026-46312

CVE-2026-46312 is a Linux kernel vulnerability involving media: videobuf2 where vb2_dma_sg_mmap did not set the VMA flags, potentially triggering a WARN_ON in drm_gem_mmap_obj() during mmap() of an imported dma-buf. The fix adds proper VMA flag handling in vb2_dma_sg_mmap_mmap (consistent with vb...

5.5CVSS5.4AI score0.00114EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/06/08 3:50 p.m.12 views

EUVD-2026-35122

In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: Set vmaflags in vb2dmasgmmap vb2dmacontig sets VMA flags VMDONTEXPAND and VMDONTDUMP and I do not see a reason why vb2dmasg should behave differently. This avoids hitting WARNON!vma-vmflags & VMDONTEXPAND; in...

5.4AI score0.00114EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/05/29 1:15 a.m.13 views

SUSE CVE-2026-46201

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix dma-buf attachment leak in xegemprimeimport When xedmabufinitobj fails, the attachment from dmabufdynamicattach is not detached. Add dmabufdetach before returning the error. Note: we cannot use goto outerr here becaus...

5.5CVSS5.8AI score0.00138EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.17 views

Linux Distros Unpatched Vulnerability : CVE-2026-46201

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/xe: Fix dma-buf attachment leak in xegemprimeimport When xedmabufinitobj fails, the attachment from dmabufdynamicattach is not detached. Add dmabufdetach...

7.8CVSS7.1AI score0.00138EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/28 9:8 p.m.12 views

CVE-2026-46201

A flaw was found in the Linux kernel's drm/xe subsystem. When handling dma-buf attachments, a resource leak occurs if the initialization of a dma-buf object fails, as the attachment is not properly detached. This oversight can lead to resource exhaustion, potentially allowing a local attacker to...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/28 9:40 a.m.14 views

EUVD-2026-32828

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix dma-buf attachment leak in xegemprimeimport When xedmabufinitobj fails, the attachment from dmabufdynamicattach is not detached. Add dmabufdetach before returning the error. Note: we cannot use goto outerr here becaus...

5.8AI score0.00138EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Added outer runtime PM protection to xelivektest@xedmabuf. Any process using the kunit interface that performs memory accesses should receive its own outer runtime PM protection, since it does not use the standard driver...

5.5CVSS6AI score0.00196EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: dma-buf/syncfile: Do not leak fences during merge failures. Each call to addfence performs a dmafenceget operation on the relevant fence. In error-prone scenarios, we did not call dmafenceput, resulting in all those fences bei...

5.5CVSS6AI score0.00238EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Fixed a double-free in the dma-buf feature. The error path through vfiopcicorefeaturedmabuf ignores its own advice to only use dmabufput after dmabufexport. Instead, it proceeds through the entire unwind chain. In the...

7.8CVSS5.3AI score0.0012EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fixed potential Spectre v1 gadget It appears that nr could be a Spectre v1 gadget, as it is provided by a user and used as an array index. This issue prevents the contents of kernel memory from being leaked to use...

5.5CVSS6AI score0.00257EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: dma-buf/sw-sync: Do not enable IRQ from syncprintobj. Since the commit a6aa8fca4d79 “dma-buf/sw-sync: Reduce irqsave/irqrestore from known context”, an error occurred when spinunlockirqrestore was replaced with spinunlockirq for...

5.5CVSS6.4AI score0.00187EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/13 3:35 a.m.10 views

SUSE CVE-2026-43318

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix sync handling in amdgpudmabufmovenotify Invalidating a dmabuf will impact other users of the shared BO. In the scenario where process A moves the BO, it needs to inform process B about the move and process B will...

5.9AI score0.00122EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/23 11:6 a.m.12 views

Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance

Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-38449, CVE-2025-22097, CVE-2025-38332, CVE-2025-38352 Vulnerability Details CVEID:CVE-2025-38449 DESCRIPTION: In the Linux kernel, the following vulnerability has been...

7.8CVSS5.8AI score0.00181EPSS
Exploits0Affected Software1
Rows per page
Query Builder