12 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: “Revert ‘drm/prime: Use dmabuf from GEM object instance’” This change is reflected in commit f83a9b8c7fd0557b0c50784bfdc1bbe9140c9bf8. The dmabuf field in the struct drmgemobject is not stable throughout the lifetime of the objec...
CVE-2025-38674
In the Linux kernel, the following vulnerability has been resolved: Revert "drm/prime: Use dmabuf from GEM object instance" This reverts commit f83a9b8c7fd0557b0c50784bfdc1bbe9140c9bf8. The dmabuf field in struct drmgemobject is not stable over the object instance's lifetime. The field becomes NU...
CVE-2025-38674
In the Linux kernel, the following vulnerability has been resolved: Revert "drm/prime: Use dmabuf from GEM object instance" This reverts commit f83a9b8c7fd0557b0c50784bfdc1bbe9140c9bf8. The dmabuf field in struct drmgemobject is not stable over the object instance's lifetime. The field becomes NU...
CVE-2025-38674 Revert "drm/prime: Use dma_buf from GEM object instance"
In the Linux kernel, the following vulnerability has been resolved: Revert "drm/prime: Use dmabuf from GEM object instance" This reverts commit f83a9b8c7fd0557b0c50784bfdc1bbe9140c9bf8. The dmabuf field in struct drmgemobject is not stable over the object instance's lifetime. The field becomes NU...
CVE-2025-37765 drm/nouveau: prime: fix ttm_bo_delayed_delete oops
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: prime: fix ttmbodelayeddelete oops Fix an oops in ttmbodelayeddelete which results from dererencing a dangling pointer: Oops: general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b7b: 0000 1...
CVE-2021-47200
A use after free law was found in drivers/gpu/drm/drmprime.c in the Linux kernel, occuring in mmap with drmgemttmmmap...
CVE-2021-47200
In the Linux kernel, the following vulnerability has been resolved: drm/prime: Fix use after free in mmap with drmgemttmmmap drmgemttmmmap drops a reference to the gem object on success. If the gem object's refcount == 1 on entry to drmgemprimemmap, that drop will free the gem object, and the...
CVE-2021-47200
In the Linux kernel, the following vulnerability has been resolved: drm/prime: Fix use after free in mmap with drmgemttmmmap drmgemttmmmap drops a reference to the gem object on success. If the gem object's refcount == 1 on entry to drmgemprimemmap, that drop will free the gem object, and the...
UBUNTU-CVE-2021-47200
In the Linux kernel, the following vulnerability has been resolved: drm/prime: Fix use after free in mmap with drmgemttmmmap drmgemttmmmap drops a reference to the gem object on success. If the gem object's refcount == 1 on entry to drmgemprimemmap, that drop will free the gem object, and the...
CVE-2021-47200
CVE-2021-47200 is a Linux kernel security issue affecting DRM/GEM objects during mmap via drm_gem_ttm_mmap. The root cause is dropping a gem object's reference on success and subsequently dereferencing after a potential use-after-free if the object’s refcount was 1 on entry to drm_gem_prime_mmap(...
CVE-2021-47200
In the Linux kernel, the following vulnerability has been resolved: drm/prime: Fix use after free in mmap with drmgemttmmmap drmgemttmmmap drops a reference to the gem object on success. If the gem object's refcount == 1 on entry to drmgemprimemmap, that drop will free the gem object, and the...
UVI-2021-1002305 drm/prime: Fix use after free in mmap with drm_gem_ttm_mmap
drm/prime: Fix use after free in mmap with drmgemttmmmap This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.5 by commit...