Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vf: Do not attempt to trigger a full GT reset if a VF is involved. VFs do not have access to the GDRST0x941c register, which is used by the driver to reset a GT. Attempt to trigger a reset using debugfs: bash $ cat...

SUSE CVE-2026-46216

In the Linux kernel, the following vulnerability has been resolved: drm/xe/hdcp: Add NULL check for mediagt in intelhdcpgsccheckstatus When media GT is disabled via configfs, there is no allocation for mediagt, which is kept as NULL. In such scenario, intelhdcpgsccheckstatus results in a kernel...

CVE-2026-46216

In the Linux kernel, the following vulnerability has been resolved: drm/xe/hdcp: Add NULL check for mediagt in intelhdcpgsccheckstatus When media GT is disabled via configfs, there is no allocation for mediagt, which is kept as NULL. In such scenario, intelhdcpgsccheckstatus results in a kernel...

UBUNTU-CVE-2026-46216

In the Linux kernel, the following vulnerability has been resolved: drm/xe/hdcp: Add NULL check for mediagt in intelhdcpgsccheckstatus When media GT is disabled via configfs, there is no allocation for mediagt, which is kept as NULL. In such scenario, intelhdcpgsccheckstatus results in a kernel...

CVE-2026-46216 drm/xe/hdcp: Add NULL check for media_gt in intel_hdcp_gsc_check_status()

In the Linux kernel, the following vulnerability has been resolved: drm/xe/hdcp: Add NULL check for mediagt in intelhdcpgsccheckstatus When media GT is disabled via configfs, there is no allocation for mediagt, which is kept as NULL. In such scenario, intelhdcpgsccheckstatus results in a kernel...

EUVD-2026-32843

In the Linux kernel, the following vulnerability has been resolved: drm/xe/hdcp: Add NULL check for mediagt in intelhdcpgsccheckstatus When media GT is disabled via configfs, there is no allocation for mediagt, which is kept as NULL. In such scenario, intelhdcpgsccheckstatus results in a kernel...

PT-2026-44339

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A kernel pagefault error occurs in the DRM/XE/HDCP component when media GT is disabled via configfs. In this scenario, the media gt variable remains NULL, causing the intel hdcp gsc chec...

Malicious code in gt-tester-exp-profiler-exp-00000017 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1490f970bd52c80c89f33029f9e875f1fb595014621d50e0ce87a167d1cd348 setup.py installs a site-wide.pth file gttesterexpprofilerexp00000017probe.pth into site-packages that imports the package's probe module and calls...

DEBIAN-CVE-2026-31547

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix missing runtime PM reference in ccsmodestore ccsmodestore calls xegtreset which internally invokes xepmruntimegetnoresume. That function requires the caller to already hold an outer runtime PM reference and warns if...

CVE-2026-31547

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix missing runtime PM reference in ccsmodestore ccsmodestore calls xegtreset which internally invokes xepmruntimegetnoresume. That function requires the caller to already hold an outer runtime PM reference and warns if...

CVE-2026-31547

CVE-2026-31547 affects the Linux kernel DRM/xe driver. The flaw is a missing outer runtime PM reference in ccs_mode_store, where ccs_mode_store() calls xe_gt_reset() which invokes xe_pm_runtime_get_noresume() that requires an outer runtime PM reference. The result is a runtime PM protection warni...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the absence of a runtime PM reference in the ccsmodestore function. This vulnerability may trigger a...

kernel: drm/xe: Make dma-fences compliant with the safe access rules

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Make dma-fences compliant with the safe access rules Xe can free some of the data pointed to by the dma-fences it exports. Most notably the timeline name can get freed if userspace closes the associated submit queue. At t...

kernel: drm/xe: Make dma-fences compliant with the safe access rules

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Make dma-fences compliant with the safe access rules Xe can free some of the data pointed to by the dma-fences it exports. Most notably the timeline name can get freed if userspace closes the associated submit queue. At t...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000507)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000507 advisory. In the Linux kernel, the following vulnerability has been resolved: ACPI: GTDT: Don't corrupt interrupt mappings on watchdow probe failure When failing the driver...

CVE-2025-63662

Insecure permissions in the /api/v1/agents API of GT Edge AI Platform before v2.0.10-dev allows unauthorized attackers to access sensitive information...

CVE-2025-63664

Incorrect access control in the /api/v1/conversations//messages API of GT Edge AI Platform before v2.0.10-dev allows unauthorized attackers to access other users' message history with AI agents...

CVE-2025-63662

CVE-2025-63662 affects GT Edge AI Platform prior to v2.0.10-dev. The vulnerability stems from insecure permissions on the /api/v1/agents API, enabling unauthorized access to sensitive information. Multiple trusted sources (Red Hat, ENISA, CNNVD, CVE lists, and enterprise feeds) corroborate the is...

CVE-2025-63663

Incorrect access control in the /api/v1/conversations//files API of GT Edge AI Platform before v2.0.10 allows unauthorized attackers to access other users' uploaded files...

GT Edge AI 安全漏洞

GT Edge AI is an edge AI solution from US-based GT Edge AI. A security vulnerability exists in versions prior to GT Edge AI v2.0.10-dev, which stems from improper /api/v1/agents API permissions, which could lead to unauthorized access to sensitive information...