143 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/nouveau: Avoid a use-after-free when BO init fails nouveauboinit is backed by ttmboinit and passes its return value back to the caller. In case of failures, ttmboinit invokes the provided destructor, which should...
SUSE CVE-2026-52904
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix nvkmdevice leak on aperture removal failure When apertureremoveconflictingpcidevices fails during probe, the error path returns directly without unwinding the nvkmdevice that was just allocated by nvkmdevicepcine...
Linux Distros Unpatched Vulnerability : CVE-2026-52904
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/nouveau: fix nvkmdevice leak on aperture removal failure When apertureremoveconflictingpcidevices fails during probe, the error path returns directly withou...
CVE-2026-52904
A flaw was found in the Linux kernel's drm/nouveau component. This issue arises during device initialization when a specific function fails to properly release allocated memory resources. This memory leak can be triggered by a local user, potentially leading to system instability or a Denial of...
CVE-2026-52904
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix nvkmdevice leak on aperture removal failure When apertureremoveconflictingpcidevices fails during probe, the error path returns directly without unwinding the nvkmdevice that was just allocated by nvkmdevicepcine...
CVE-2026-52904
The CVE-2026-52904 entry covers a Linux kernel issue in drm/nouveau where nvkm_device leaks occur if aperture_remove_conflicting_pci_devices() fails during probe. The allocated nvkm_device from nvkm_device_pci_new() is not unwound on error, leaking both the device wrapper and the pci_enable_devic...
CVE-2026-46006
A flaw was found in the Linux kernel's drm/nouveau driver. An integer overflow vulnerability exists in the nouveaugempushbufrelocapply function. This occurs when a 32-bit unsigned integer relocbooffset is used in a bounds check, and the addition of a small value can cause it to wrap around, leadi...
CVE-2026-46006
The CVE-2026-46006 entry concerns the Linux kernel’s drm/nouveau driver. A 32‑bit overflow in nouveau_gem_pushbuf_reloc_apply() could cause incorrect relocation bounds checks: r->reloc_bo_offset + 4 is computed in 32‑bit space, wrapping before comparing to nvbo->bo.base.size. The fix casts ...
CVE-2026-46006 drm/nouveau: fix u32 overflow in pushbuf reloc bounds check
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check nouveaugempushbufrelocapply validates each relocation with if r-relocbooffset + 4 nvbo-bo.base.size but relocbooffset is u32 uapi/drm/nouveaudrm.h and the integer litera...
CVE-2026-46006
drm/nouveau: fix u32 overflow in pushbuf reloc bounds check...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fixed an stale locked mutex in nouveaugemioctlpushbuf If VMBIND is enabled on the client, the legacy submission ioctl cannot be used. However, if a client attempts to use it anyway, an error will be returned. In this...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/nouveau/kms/nv50-: fixed the file release memory leak. When using singleopen for opening, singlerelease should be called; otherwise, the ‘op’ allocated in singleopen will be leaked...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fixed an issue where the BIOS boundary checking was off by one. Bounds checking during the parsing of init scripts embedded in the BIOS prevents access to the last byte. This causes driver initialization to fail on...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: prime: fix refcount underflow Calling nouveauboref on a nouveaubo without initializing it and thus the backing ttmbo leads to a refcount underflow. Instead of calling nouveauboref in the unwind path of...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fixed a use-after-free in r535gsprpcpush. The RPC container is released after being passed to r535gsprpcsend. When sending the initial fragment of a large RPC and passing the caller’s RPC container, the container wil...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010783)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010783 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix a use-after-free in nouveaugemprimeimportsgtable nouveauboinit is backed by...
ROS-20260126-73-0045
A vulnerability in the drm/nouveau component of the Linux operating system kernel is related to errors in updating the reference count. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
Azure Linux 3.0 Security Update: kernel (CVE-2024-41095)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-41095 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/dispnv04: fix null pointer...
Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-35786)
The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-35786 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix stale locked...
Azure Linux 3.0 Security Update: kernel (CVE-2025-37765)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37765 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: prime: fix ttmbodelayeddele...