68 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/i915: mark requests for GuC virtual engines to avoid use-after-free. References to i915requests may be trapped by the user space within a syncfile or dmabuf dma-resv, and held indefinitely across different processes. To count...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/i915: Fixed the reference counting during error capture and debugfs dump. When GuC support was added to error capture, the reference counting around the request object was broken. This issue has been fixed. The context-bas...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/xe/queue: The call to fini during the creation of an execution queue fails. Every call to queue initialization should include a corresponding fini call. Skipping this would mean failing to remove the queue from the GuC list...
SUSE CVE-2026-23350
In the Linux kernel, the following vulnerability has been resolved: drm/xe/queue: Call fini on exec queue creation fail Every call to queue init should have a corresponding fini call. Skipping this would mean skipping removal of the queue from GuC list which is part of gucid allocation. A damaged...
UBUNTU-CVE-2026-23350
In the Linux kernel, the following vulnerability has been resolved: drm/xe/queue: Call fini on exec queue creation fail Every call to queue init should have a corresponding fini call. Skipping this would mean skipping removal of the queue from GuC list which is part of gucid allocation. A damaged...
CVE-2026-23350 drm/xe/queue: Call fini on exec queue creation fail
In the Linux kernel, the following vulnerability has been resolved: drm/xe/queue: Call fini on exec queue creation fail Every call to queue init should have a corresponding fini call. Skipping this would mean skipping removal of the queue from GuC list which is part of gucid allocation. A damaged...
CVE-2026-23350
CVE-2026-23350 is a Linux kernel vulnerability in the drm/xe/queue path. The issue arises when an exec queue creation fails and is not properly finalized, leaving a damaged queue in exec_queue_lookup which can cause an invalid memory reference. The fix adds a finalization call (fini) for each que...
CVE-2026-23350
In the Linux kernel, the following vulnerability has been resolved: drm/xe/queue: Call fini on exec queue creation fail Every call to queue init should have a corresponding fini call. Skipping this would mean skipping removal of the queue from GuC list which is part of gucid allocation. A damaged...
kernel: drm/i915: mark requests for GuC virtual engines to avoid use-after-free
A use-after-free vulnerability was found in the Linux kernel Intel i915 graphics driver's GuC virtual engine request handling. A local user with access to GPU rendering can create requests on GuC virtual engines and trap references via syncfile or dmabuf, causing fence release operations to acces...
Moderate: Red Hat Security Advisory: kernel-rt security update
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
RHEL 9 : kernel-rt (RHSA-2026:1443)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1443 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
RHEL 9 : kernel (RHSA-2026:1441)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1441 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: iommufd/iovabitm...
MiracleLinux 8 : kernel-4.18.0-553.94.1.el8_10 (AXSA:2026-086:04)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-086:04 advisory. kernel: smb: client: Fix use-after-free in cifsfilldirent CVE-2025-38051 kernel: smb: client: let recvdone verify dataoffset, datalength and...
RockyLinux 8 : kernel (RLSA-2026:0759)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:0759 advisory. kernel: smb: client: Fix use-after-free in cifsfilldirent CVE-2025-38051 kernel: smb: client: let recvdone verify dataoffset, datalength and...
RockyLinux 8 : kernel-rt (RLSA-2026:0760)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:0760 advisory. kernel: smb: client: Fix use-after-free in cifsfilldirent CVE-2025-38051 kernel: smb: client: let recvdone verify dataoffset, datalength and...
AlmaLinux 8 : kernel-rt (ALSA-2026:0760)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:0760 advisory. kernel: smb: client: Fix use-after-free in cifsfilldirent CVE-2025-38051 kernel: smb: client: let recvdone verify dataoffset, datalength and...
kernel: drm/i915: mark requests for GuC virtual engines to avoid use-after-free
A use-after-free vulnerability was found in the Linux kernel Intel i915 graphics driver's GuC virtual engine request handling. A local user with access to GPU rendering can create requests on GuC virtual engines and trap references via syncfile or dmabuf, causing fence release operations to acces...
Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: smb: client: Fix use-after-free in cifsfilldirent CVE-2025-38051 kernel: smb: client: let recvdone verify dataoffset, datalength and remainingdatalength CVE-2025-39933 kernel: drm/i915:...
PT-2026-27715
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s drm/xe/queue functionality where a missing finalization call during queue initialization can lead to invalid memory references. Specifically, if queue...
SUSE CVE-2025-68326
In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Fix stackdepot usage Add missing stackdepotinit call when CONFIGDRMXEDEBUGGUC is enabled to fix the following call stack: BUG: kernel NULL pointer dereference, address: 0000000000000000 Workqueue: drmschedrunjobwork...