EUVD-2026-39344

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Skip CSD when it has zeroed workgroups A compute shader dispatch encodes its workgroup counts in the CFG0..CFG2 registers. Kicking off a dispatch with a zero count in any of the three dimensions is invalid. First, the...

CVE-2026-53141

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix global performance monitor reference counting In the SETGLOBAL ioctl, v3dperfmonfind bumps the reference count on the perfmon it returns, but v3dperfmonsetglobalioctl and v3dperfmondelete fail to release that referen...

CVE-2026-53140

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix vaddr leak when indirect CSD has zeroed workgroups v3drewritecsdjobwgcountsfromindirect maps both the indirect buffer and the workgroup buffer and is expected to release them before returning. When any of the workgro...

CVE-2026-53140

The CVE-2026-53140 issue affects the Linux kernel’s DRM v3d code. A vaddr leak occurred in v3d_rewrite_csd_job_wg_counts_from_indirect() when the indirect CSD workgroup counts read as zero, causing an early bailout that skipped releasing the vaddr mappings for both the indirect buffer and the wor...

CVE-2026-53139

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Skip CSD when it has zeroed workgroups A compute shader dispatch encodes its workgroup counts in the CFG0..CFG2 registers. Kicking off a dispatch with a zero count in any of the three dimensions is invalid. First, the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fixed the issue of null pointer dereferencing of the pointer perfmon. In the unlikely event that the pointer perfmon is null, the WARNON return path occurs after the pointer has already been dereferenced. This issue was...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Stop the active perfmon if it is being destroyed. If the active performance monitor v3d-activeperfmon is being destroyed, stop it first. Currently, the active perfmon is not stopped during destruction, causing the...

CVE-2026-46314

A flaw was found in the Linux kernel's drm/v3d component. A local user can exploit this vulnerability by crafting a self-referential multisync extension with zero synchronization counts. This bypasses existing guards, leading to an infinite loop within the kernel. The consequence is a Denial of...

CVE-2026-46314

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Reject empty multisync extension to prevent infinite loop v3dgetextensions walks a userspace-provided singly-linked list of ioctl extensions without any bound on the chain length. A local user can craft a self-referentia...

UBUNTU-CVE-2026-46314

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Reject empty multisync extension to prevent infinite loop v3dgetextensions walks a userspace-provided singly-linked list of ioctl extensions without any bound on the chain length. A local user can craft a self-referentia...

EUVD-2026-35124

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Reject empty multisync extension to prevent infinite loop v3dgetextensions walks a userspace-provided singly-linked list of ioctl extensions without any bound on the chain length. A local user can craft a self-referentia...

CVE-2026-46314 drm/v3d: Reject empty multisync extension to prevent infinite loop

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Reject empty multisync extension to prevent infinite loop v3dgetextensions walks a userspace-provided singly-linked list of ioctl extensions without any bound on the chain length. A local user can craft a self-referentia...

CVE-2026-46314

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Reject empty multisync extension to prevent infinite loop v3dgetextensions walks a userspace-provided singly-linked list of ioctl extensions without any bound on the chain length. A local user can craft a self-referentia...

CVE-2026-46314

The CVE concerns the Linux kernel’s drm/v3d component where v3d_get_extensions() walks a userspace-provided list of ioctl extensions without bound on chain length. A crafted self-referential extension (ext->next == &ext) with zero in_sync_count and out_sync_count can bypass the duplicate-exten...

PT-2026-47385

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A local user can cause an infinite loop in the kernel context by crafting a self-referential extension where ext-next == &ext with zero in sync count and out sync count. This occurs...

UBUNTU-CVE-2026-43302

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Set DMA segment size to avoid debug warnings When using V3D rendering with CONFIGDMAAPIDEBUG enabled, the kernel occasionally reports a segment size mismatch. This is because 'maxsegsize' is not set. The kernel defaults ...

CVE-2026-43302

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Set DMA segment size to avoid debug warnings When using V3D rendering with CONFIGDMAAPIDEBUG enabled, the kernel occasionally reports a segment size mismatch. This is because 'maxsegsize' is not set. The kernel defaults ...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-382654)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-382654 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Ensure job pointer is set to NULL after job completion After a job completes, the...

EUVD-2022-54744

Malicious code in bioql PyPI...

EUVD-2025-2637

Malicious code in bioql PyPI...