xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence()

A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence. A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a second X connection...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Ensure that dma-fences comply with safe access rules. The xe mechanism can free some of the data pointed to by the dma-fences it exports. Notably, the “timeline name” can be freed if the user space closes the associated...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Install a stub fence into potential unused fence pointers. When using cpu to update page tables, VM update fences are unused. Install a stub fence into these fence pointers instead of using NULL. This prevents NULL...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: dma-buf: A memory barrier should be inserted before updating numfences. smpstoremb inserts a memory barrier after storing data. This differs from what the comment originally intended; a null pointer dereferencing can occur if the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/ttm: fixed a memory leak in ttmtransferedDestroy. We also need to clean up the fences related to ghost objects. Bug: https://bugzilla.kernel.org/showbug.cgi?id=214029 Bug: https://bugzilla.kernel.org/showbug.cgi?id=214447...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of the dmafencechainalloc function during execution. As a result, user-fence referenc...

OPENSUSE-SU-2026:20642-1 Security update for libsodium

This update for libsodium fixes the following issues: Security fixes: - CVE-2025-15444: Cryptographic bypass via improper elliptic curve point validation bsc1256070. - CVE-2025-69277: incorrect validation of elliptic curve points certain custom cryptography or untrusted data to...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006749)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006749 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: install stub fence into potential unused fence pointers When using cpu to update page...

EUVD-2026-15304

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Do not allow userspace to trivially triger kernel warnings Userspace can either deliberately pass in the too small numfences, or the required number can legitimately grow between the two calls to the userq wait...

CVE-2026-23338

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Do not allow userspace to trivially triger kernel warnings Userspace can either deliberately pass in the too small numfences, or the required number can legitimately grow between the two calls to the userq wait...

CVE-2026-23338

The CVE-2026-23338 issue affects the Linux kernel component drm/amdgpu/userq. Userspace can trigger kernel warnings by providing an incorrect or growing number of fences across a userq wait ioctl, causing a backtrace to be emitted. The fix removes WARN_ONs so that, when the kernel detects nothing...

CVE-2026-23338 drm/amdgpu/userq: Do not allow userspace to trivially triger kernel warnings

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Do not allow userspace to trivially triger kernel warnings Userspace can either deliberately pass in the too small numfences, or the required number can legitimately grow between the two calls to the userq wait...

kernel: drm/xe: Make dma-fences compliant with the safe access rules

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Make dma-fences compliant with the safe access rules Xe can free some of the data pointed to by the dma-fences it exports. Most notably the timeline name can get freed if userspace closes the associated submit queue. At t...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

kernel: drm/xe: Make dma-fences compliant with the safe access rules

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Make dma-fences compliant with the safe access rules Xe can free some of the data pointed to by the dma-fences it exports. Most notably the timeline name can get freed if userspace closes the associated submit queue. At t...

kernel: drm/xe: Make dma-fences compliant with the safe access rules

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Make dma-fences compliant with the safe access rules Xe can free some of the data pointed to by the dma-fences it exports. Most notably the timeline name can get freed if userspace closes the associated submit queue. At t...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

AlmaLinux 9 : kernel (ALSA-2026:0793)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:0793 advisory. kernel: drm/xe: Make dma-fences compliant with the safe access rules CVE-2025-38703 kernel: smb: client: let recvdone verify dataoffset, datalength and...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38436)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38436 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/scheduler: signal scheduled fence wh...

MiracleLinux 9 : kernel-5.14.0-362.24.1.el9_3 (AXSA:2024-7637:09)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7637:09 advisory. kernel: inactive elements in nftpipapowalk CVE-2023-6817 kernel: netfilter: use-after-free in nfttransgccatchallsync leads to privilege escalation...