64 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Register devlink first under the devlink lock. If the device encounters a non-fatal firmware error during the probe, the driver will report the error to the user via devlink. This will trigger a WARN, since mlx5 calls...
SUSE CVE-2026-43171
In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: don't dump the entire memory region. The current logic at cper_print_fw_err doesn't check if the error record length is big enough to handle offset. On a bad firmware, if the offset is above the actual record, length -= offs...
SUSE CVE-2026-43266
In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: don't go past the ARM processor CPER record buffer. There's a logic inside GHES/CPER to detect if the section_length is too small, but it doesn't detect if it is too big. Currently, if the firmware receives an ARM process...
EUVD-2026-27665
In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: don't go past the ARM processor CPER record buffer. There's a logic inside GHES/CPER to detect if the section_length is too small, but it doesn't detect if it is too big. Currently, if the firmware receives an ARM process...
EUVD-2026-27730
In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: don't dump the entire memory region. The current logic at cper_print_fw_err doesn't check if the error record length is big enough to handle offset. On a bad firmware, if the offset is above the actual record, length -= offs...
CVE-2026-43266
In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: don't go past the ARM processor CPER record buffer. There's a logic inside GHES/CPER to detect if the section_length is too small, but it doesn't detect if it is too big. Currently, if the firmware receives an ARM process...
CVE-2026-43266
The CVE-2026-43266 issue affects the Linux kernel’s ARM CPER/APEI handling: a CPER record with an oversized section_length can cause the kernel to read beyond the intended firmware buffer, leading to a large data dump and potential memory access issues. The fix adds a guard so the kernel stops at...
CVE-2026-43266 EFI/CPER: don't go past the ARM processor CPER record buffer
In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: don't go past the ARM processor CPER record buffer. There's a logic inside GHES/CPER to detect if the section_length is too small, but it doesn't detect if it is too big. Currently, if the firmware receives an ARM process...
CVE-2026-43171
CVE-2026-43171 affects the Linux kernel EFI/CPER component, where cper_print_fw_err() does not validate the error-record length against the given offset, allowing an underflow that can cause dumping of large memory regions. Consequences include potential data disclosure and system in...
CVE-2026-43171 EFI/CPER: don't dump the entire memory region
In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: don't dump the entire memory region. The current logic at cper_print_fw_err doesn't check if the error record length is big enough to handle offset. On a bad firmware, if the offset is above the actual record, length -= offs...
PT-2026-37511
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue exists in the cper_print_fw_err function where the logic fails to verify if the error record length is sufficient to handle the offset. In cases of faulty firmware, if the offse...
PT-2026-37606
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue exists in the GHES/CPER logic of the Linux kernel regarding the handling of ARM processor CPER records. The system fails to detect when the section length is excessively large. ...
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to check the length of error records in the cper_print_fw_err module. This vulnerability...
Linux Distros Unpatched Vulnerability : CVE-2026-31698
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed. When retrieving the PDH cert, don't attempt to copy the blobs to userspace if the...
SUSE CVE-2026-23328
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix NULL pointer dereference of mgmt_chann. mgmt_chann may be set to NULL if the firmware returns an unexpected error in aie2_send_mgmt_msg_wait. This can later lead to a NULL pointer dereference in aie2_hw_stop. Fix this b...
CVE-2026-23328
A flaw was found in the Linux kernel's accel/amdxdna component. An unexpected firmware error during message handling can cause a critical communication variable, mgmt_chann, to be set to NULL. This can lead to a NULL pointer dereference when the system attempts to stop hardware operations, resulting...
CVE-2026-23328
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix NULL pointer dereference of mgmt_chann. mgmt_chann may be set to NULL if the firmware returns an unexpected error in aie2_send_mgmt_msg_wait. This can later lead to a NULL pointer dereference in aie2_hw_stop. Fix this b...
UBUNTU-CVE-2026-23328
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix NULL pointer dereference of mgmt_chann. mgmt_chann may be set to NULL if the firmware returns an unexpected error in aie2_send_mgmt_msg_wait. This can later lead to a NULL pointer dereference in aie2_hw_stop. Fix this b...
CVE-2026-23328 accel/amdxdna: Fix NULL pointer dereference of mgmt_chann
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix NULL pointer dereference of mgmt_chann. mgmt_chann may be set to NULL if the firmware returns an unexpected error in aie2_send_mgmt_msg_wait. This can later lead to a NULL pointer dereference in aie2_hw_stop. Fix this b...