109 matches found
CVE-2026-46224
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix bo leak in xedmabufinitobj on allocation failure When drmgpuvmresvobjectalloc fails, the pre-allocated storage bo is not freed. Add xebofreestorage before returning the error. xedmabufinitobj calls xeboinitlocked, whi...
CVE-2026-46224
The CVE-2026-46224 entry concerns the Linux kernel drm/xe subsystem: a leaked buffer object (bo) in xe_dma_buf_init_obj() during allocation failure. The fix ensures that when drm_gpuvm_resv_object_alloc() fails, storage is freed via xe_bo_free(storage); since xe_dma_buf_init_obj() already frees t...
PT-2026-44347
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix bo leak in xe dma buf init obj on allocation failure When drm gpuvm resv object alloc fails, the pre-allocated storage bo is not freed. Add xe bo freestorage before returning the error. xe dma buf init obj calls xe bo...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from inconsistent calculations of plane dimensions in the drm/gem mechanism. This vulnerability may lead to...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: “drm/gem-framebuffer: Use dmabuf from GEM object instance” has been reverted. This reversion is associated with the commit cce16fcd7446dcff7480cd9d2b6417075ed81065. The dmabuf field in the struct drmgemobject is not stable...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: “Revert ‘drm/gem-dma: Use dmabuf from GEM object instance’” This change is reflected in commit e8afa1557f4f963c9a511bd2c6074a941c308685. The dmabuf field in the struct drmgemobject is not stable throughout the lifetime of the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/msm: Fixed the crash that occurred during bootup when the separategpudrm modparam was set. The drmgemforeachgpuvmbo call from lookupvma accesses drmgemobj.gpuva.list, which is not initialized when the DRM driver does not...
EUVD-2025-209745
In the Linux kernel, the following vulnerability has been resolved: drm/tests: shmem: Hold reservation lock around purge Acquire and release the GEM object's reservation lock around calls to the object's purge operation. The tests use drmgemshmempurgelocked, which led to errors such as show below...
EUVD-2025-209750
In the Linux kernel, the following vulnerability has been resolved: drm/tests: shmem: Hold reservation lock around vmap/vunmap Acquire and release the GEM object's reservation lock around vmap and vunmap operations. The tests use vmaplocked, which led to errors such as show below. 122.292030...
CVE-2025-71296
In the Linux kernel, the following vulnerability has been resolved: drm/tests: shmem: Hold reservation lock around purge Acquire and release the GEM object's reservation lock around calls to the object's purge operation. The tests use drmgemshmempurgelocked, which led to errors such as show below...
UBUNTU-CVE-2025-71298
In the Linux kernel, the following vulnerability has been resolved: drm/tests: shmem: Hold reservation lock around madvise Acquire and release the GEM object's reservation lock around calls to the object's madvide operation. The tests use drmgemshmemmadviselocked, which led to errors such as show...
CVE-2025-71298
In CVE-2025-71298, the Linux kernel fix targets drm_gem_shmem_madvise_locking: the GEM object reservation lock is now held around the madvise path to correct locking in shmem tests. The update exposes a dedicated helper drm_gem_shmem_madvise() for Kunit tests (not intended as a driver interface)....
CVE-2025-71298 drm/tests: shmem: Hold reservation lock around madvise
In the Linux kernel, the following vulnerability has been resolved: drm/tests: shmem: Hold reservation lock around madvise Acquire and release the GEM object's reservation lock around calls to the object's madvide operation. The tests use drmgemshmemmadviselocked, which led to errors such as show...
CVE-2025-71296 drm/tests: shmem: Hold reservation lock around purge
In the Linux kernel, the following vulnerability has been resolved: drm/tests: shmem: Hold reservation lock around purge Acquire and release the GEM object's reservation lock around calls to the object's purge operation. The tests use drmgemshmempurgelocked, which led to errors such as show below...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the improper acquisition and release of the reserved lock on the GEM object before and after the amadvi...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the improper acquisition and release of the GEM object’s reserved lock before and after cleanup...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF in panthorgemcreatewithhandle debugfs code The object is potentially already gone after the drmgemobjectput. In general the object should be fully constructed before calling drmgemhandlecreate, except the...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Added a 0 byte size check to mtkdrmgemobj. Added a check in mtkdrmgeminit if we attempt to allocate a GEM object of 0 bytes. Currently, no such check exists, and the kernel will panic if a user-space application...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001705)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001705 advisory. The root cause of this vulnerability is that the ioctl$DRMIOCTLMODEDESTROYDUMB can decrease refcount of drmvgemgemobject created in vgemgemdumbcreate concurrently, a...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993046)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993046 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Remove another errant put in error path drmgemshmemmmap doesn't own reference i...