Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/i915/gvt: fixed the issue where vGPU debugfs was cleaned up during the remove operation. Check carefully whether the root debugfs is available when destroying the vGPU. For example, in the remove operation, the DRM minor’s...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdkfd: Fixed a memory leak in the createprocess failure scenario. Fixed a memory leak caused by a leaked mmget reference in a error handling code path, which occurs when attempting to create KFD processes while a GPU rese...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: The oem i2c adapter is removed after the operation is completed. This fix addresses a bug where unbinding the GPU would leave the oem i2c adapter registered, resulting in a null pointer dereference when...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Ensure that objs is not NULL in virtiogpuarrayputfree. If virtiogpuobjectshmeminit fails e.g., due to fault injection, as happened in the bug report by syzbot, virtiogpuarrayputfree might be called with objs being NUL...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/msm/a3xx: Fixed error handling in a3xxgpuinit. These error paths now return 1 on failure, instead of a negative error code. This could lead to an Oops in the calling function. Another issue is that the check for "if ret !=...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: amdgputtmgartbind set gtt bound flag Otherwise, after the GTT context is released, the GTT and gart space are freed. However, amdgputtmbackendunbind does not clear the gart page table entry; instead, it leaves a valid...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: LoongArch: The ioaw hook was defined as mmiowb. The commit fb24ea52f78e0d595852e states that “drivers: Explicit invocations of mmiowb were removed.” All occurrences of mmiowb in drivers were removed. However, it is noted that:...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fixed handling of partial GPU mapping of BOs. This commit fixes the bug in handling partial mapping of buffer objects to the GPU, which caused kernel warnings. Panthor did not handle correctly the case where the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/msm/a4xx: Fixed error handling in a4xxgpuinit. This code now returns 1 on error instead of a negative error. This leads to an “Oops” in the calling function. Another issue is that the check if ret != -ENODATA cannot be tru...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux 5.15

A NULL pointer dereference vulnerability was discovered in the vmwgfx driver, located in the file vmwgfxexecbuf.c within the GPU component of the Linux kernel. The vulnerability affects device files such as '/dev/dri/renderD128' or 'Dxxx'. This flaw allows a local attacker with a user account on...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/msm/adreno: Fix null ptr access in adrenogpucleanup Fix the below kernel panic due to null pointer access: 18.504431 Unable to handle kernel NULL pointer dereference at virtual address 0000000000000048 18.513464 Mem abort inf...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Synchronize interrupts before suspending the GPU. The runtime PM suspend callback does not know whether the IRQ handler is in progress on a different CPU core and therefore does not wait for it to finish. Dependi...

CVE-2026-22165

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger a write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable further exploits on the...

CVE-2026-22167

Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel an...

CVE-2026-22166

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable subsequent exploit on the...

CVE-2026-22165 GPU DDK - UAF read of GLES3Context::psDrawParams and GLES3Context::psMode and UAF read/write of RMJob::apsCCBs

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger a write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable further exploits on the...

CVE-2026-22165

CVE-2026-22165 involves a flaw in a GPU DDK where a web page serving unusual WebGPU content loaded into the GPU GLES render process can trigger a write UAF in the GPU GLES user-space shared library. The root cause is described as UAF reads of GLES3Context::psDrawParams and GLES3Context::psMode an...

CVE-2026-22167

CVE-2026-22167 concerns a GPU DDK vulnerability where cache-resident PM buffers can be written by other GPU requestors. The issue allows software running as a non-privileged user to issue improper GPU system calls, forcing the GPU to write to arbitrary physical memory pages. Under certain conditi...

GHSA-RCH3-82JR-F9W9 vulnerabilities

Vulnerabilities for packages: datahub-ingestion-fips, jupyter-base-notebook, tensorflow-cpu-jupyter, tensorflow-gpu-jupyter, datahub-ingestion...

CVE-2026-40171 vulnerabilities

Vulnerabilities for packages: datahub-ingestion-fips, jupyter-base-notebook, tensorflow-cpu-jupyter, tensorflow-gpu-jupyter, datahub-ingestion...