398 matches found
CVE-2026-45908
A flaw was found in the Linux kernel's accel/amdxdna component. The amdxdnaubufmap function allocates memory for scatter-gather SG and internal SG table structures. However, it fails to free this allocated memory if subsequent operations, such as sgalloctablefrompages or dmamapsgtable, encounter ...
EUVD-2026-32374
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix memory leak in amdxdnaubufmap The amdxdnaubufmap function allocates memory for sg and internal sg table structures, but it fails to free them if subsequent operations sgalloctablefrompages or dmamapsgtable fail...
CVE-2026-45908
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix memory leak in amdxdnaubufmap The amdxdnaubufmap function allocates memory for sg and internal sg table structures, but it fails to free them if subsequent operations sgalloctablefrompages or dmamapsgtable fail...
CVE-2026-45908 accel/amdxdna: Fix memory leak in amdxdna_ubuf_map
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix memory leak in amdxdnaubufmap The amdxdnaubufmap function allocates memory for sg and internal sg table structures, but it fails to free them if subsequent operations sgalloctablefrompages or dmamapsgtable fail...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Fixed BQL accounting for multi-BD TX packets. When a TX packet spans multiple buffer descriptors scatter-gather, axienetfreetxchain sums the actual length of each BD from the descriptor status into an...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iommupt: Fixed the issue where short gathers occur when unmapping a large entry. The unmap operation has an unusual behavior—it may unmap more entries than requested, especially if the destination address falls within the middle ...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: tracing/dma: Cap the dmamapsg tracepoint arrays to prevent buffer overflows. The dmamapsg tracepoint can cause a perf buffer overflow when tracing large scatter-gather lists. With devices like virtio-gpu that create large DRM...
SUSE CVE-2026-43250
In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: fix DMA and SG cleanup in epnuke The ChipIdea UDC driver can encounter "not page aligned sg buffer" errors when a USB device is reconnected after being disconnected during an active transfer. This occurs becau...
EUVD-2026-27813
In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: fix DMA and SG cleanup in epnuke The ChipIdea UDC driver can encounter "not page aligned sg buffer" errors when a USB device is reconnected after being disconnected during an active transfer. This occurs becau...
CVE-2026-43250
CVE-2026-43250 affects the Linux kernel ChipIdea USB Device Controller (UDC) driver. The vulnerability arises when a USB device is reconnected during an active transfer, because _ep_nuke() returns requests without unmapping DMA buffers or cleaning bounce buffers, leaving stale DMA state (num_mapp...
SUSE CVE-2026-31735
In the Linux kernel, the following vulnerability has been resolved: iommupt: Fix short gather if the unmap goes into a large mapping unmap has the odd behavior that it can unmap more than requested if the ending point lands within the middle of a large or contiguous IOPTE. In this case the gather...
SUSE CVE-2026-43031
In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Fix BQL accounting for multi-BD TX packets When a TX packet spans multiple buffer descriptors scatter-gather, axienetfreetxchain sums the per-BD actual length from descriptor status into a caller-provided...
SUSE CVE-2026-43043
In the Linux kernel, the following vulnerability has been resolved: crypto: af-alg - fix NULL pointer dereference in scatterwalk The AFALG interface fails to unmark the end of a Scatter/Gather List SGL when chaining a new afalgtsgl structure. If a sendmsg fills an SGL exactly to MAXSGLENTS, the...
Linux Distros Unpatched Vulnerability : CVE-2026-43031
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: xilinx: axienet: Fix BQL accounting for multi-BD TX packets When a TX packet spans multiple buffer descriptors scatter-gather, axienetfreetxchain sums the...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fixed the issue with the ib block iterator counter overflow. When registering a new DMA MR after selecting the best aligned page size for it, we iterate over the given sglist to split each entry into smaller, aligned D...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Fix looping of queued SG entries The value of dwc3request-numqueuedsgs is decremented upon completion. If a partially completed request is processed, then dwc3request-numqueuedsgs no longer reflects the total...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: fpga: fixed the potential null pointer dereferencing in fpgamgrtestimgloadsgt The fpgamgrtestimgloadsgt function allocates memory for sgt using kunitkzalloc. However, it does not check whether the allocation fails. It then...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mmc: davincimmc: Prevents the transmitted data size from exceeding the length of sgm. No check is performed on the size of the data to be transmitted. This can lead to a kernel panic when the transmitted data size exceeds the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: crypto: safexcel – Added error handling for dmamapsg calls The Macro dmamapsg may return 0 in the event of an error. This patch enables checks in case of a macro failure and ensures that previously mapped buffers are unmapped usi...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net/bnx2x: Prevent access to a freed page in pagepool Fixed a race condition that could lead to system crashes during EEH error handling During EEH error recovery, the bnx2x driver’s transmit timeout logic could create a race...