109 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Remove the improper idxdfree The call to idxdfree introduces a duplicate putdevice call, resulting in a reference count underflow: refcountt: underflow; use-after-free. WARNING: CPU: 15, PID: 4428, at...
AlmaLinux 10 : kernel (ALSA-2026:18134)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:18134 advisory. kernel: tcpbpf: Fix the skmemuncharge logic in tcpbpfsendmsg CVE-2024-56633 kernel: KVM: x86: Load DR6 with guest value only before entering .vcpurun lo...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: The error handling path in idxdcdevregister has been fixed. If a call to allocchrdevregion fails, the already allocated resources are being leaked. The necessary error handling path has been added to address this...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fixed a potential use-after-free issue in irqprocessworklist. The listforeachentry Safe function is used to allow iterating through the list and deleting entries during the iteration process. The descriptor is...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fixed possible invalid memory accesses after the FLR Function Level Reset. In the case where the first FLR Function Level Reset is completed correctly, but during the second FLR, the scratch area for the saved...
CVE-2026-43064
A flaw was found in the Linux kernel's dmaengine IDXD driver. The workqueue associated with a Data Streaming Accelerator DSA or In-Memory Analytics Accelerator IAA device is not properly released when the object is freed. This resource leak may lead to a denial of service...
EUVD-2026-27362
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix not releasing workqueue on .release The workqueue associated with an DSA/IAA device is not released when the object is freed...
SUSE CVE-2026-31436
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix possible wrong descriptor completion in llistabortdesc At the end of this function, d is the traversal cursor of flist, but the code completes found instead. This can lead to issues such as NULL pointer...
SUSE CVE-2026-31441
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix memory leak when a wq is reset idxdwqdisablecleanup which is called from the reset path for a workqueue, sets the wq type to NONE, which for other parts of the driver mean that the wq is empty all its resourc...
SUSE CVE-2026-31443
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix crash when the event log is disabled If reporting errors to the event log is not supported by the hardware, and an error that causes Function Level Reset FLR is received, the driver will try to restore the...
CVE-2026-31441
A flaw was found in the Linux kernel's dmaengine: idxd module. This vulnerability occurs when a workqueue is reset, specifically within the idxdwqdisablecleanup function. The function prematurely sets the workqueue type to NONE before all associated resources are released, leading to a memory lea...
EUVD-2026-24768
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix leaking event log memory During the device remove process, the device is reset, causing the configuration registers to go back to their default state, which is zero. As the driver is checking if the event log...
EUVD-2026-24772
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix possible invalid memory access after FLR In the case that the first Function Level Reset FLR concludes correctly, but in the second FLR the scratch area for the saved configuration cannot be allocated, it's...
CVE-2026-31436
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix possible wrong descriptor completion in llistabortdesc At the end of this function, d is the traversal cursor of flist, but the code completes found instead. This can lead to issues such as NULL pointer...
CVE-2026-31443
CVE-2026-31443 : Linux kernel, dmaengine: idxd driver fix. When hardware does not support event logging and a Function Level Reset (FLR) occurs, the driver previously attempted to restore the event log even if it was never allocated, and may crash. The fix ensures the event log is only freed if i...
CVE-2026-31441
CVE-2026-31441 affects the Linux kernel in the dmaengine: idxd component, where a memory leak occurs on workqueue reset. Root cause: idxd_wq_disable_cleanup() resets the wq type to NONE before resources are released. The upstream patch fixes the leak by ensuring resources are released before clea...
CVE-2026-31440
CVE-2026-31440 affects the Linux kernel’s dmaengine idxd driver. The issue arises during device removal when a reset clears configuration registers, causing the prior check for event log support to fail if evl is no longer valid. The propagated fixes remove the check for “evl” enabled state and i...
CVE-2026-31440
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix leaking event log memory During the device remove process, the device is reset, causing the configuration registers to go back to their default state, which is zero. As the driver is checking if the event log...
CVE-2026-31436 dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc()
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix possible wrong descriptor completion in llistabortdesc At the end of this function, d is the traversal cursor of flist, but the code completes found instead. This can lead to issues such as NULL pointer...
PT-2026-34348
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A crash occurs in the dmaengine idxd driver when the event log is disabled. If the hardware does not support reporting errors to the event log and an error triggering a Function Level...