9 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Fixed a race condition in the DMA ring dequeue process The HCI DMA dequeue path hcidmadequeuexfer may be invoked for multiple transfers that time out at approximately the same time. However, this function is no...
SUSE CVE-2026-43353
In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Fix race in DMA ring dequeue The HCI DMA dequeue path hcidmadequeuexfer may be invoked for multiple transfers that timeout around the same time. However, the function is not serialized and can race with itself...
EUVD-2026-28658
In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Correct RINGCTRLABORT handling in DMA dequeue The logic used to abort the DMA ring contains several flaws: 1. The driver unconditionally issues a ring abort even when the ring has already stopped. 2. The...
CVE-2026-43353
In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Fix race in DMA ring dequeue The HCI DMA dequeue path hcidmadequeuexfer may be invoked for multiple transfers that timeout around the same time. However, the function is not serialized and can race with itself...
PT-2026-39013
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Flaws exist in the DMA dequeue logic of the mipi-i3c-hci driver regarding the handling of RING CTRL ABORT. The driver issues ring aborts unconditionally even if the ring has stopped, fai...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Fix out of bounds access in hcidmairqhandler Do not loop over ring headers in hcidmairqhandler that are not allocated and enabled in hcidmainit. Otherwise out of bounds access will occur from rings-headersi...
SUSE CVE-2025-23147
In the Linux kernel, the following vulnerability has been resolved: i3c: Add NULL pointer check in i3cmasterqueueibi The I3C master driver may receive an IBI from a target device that has not been probed yet. In such cases, the master calls i3cmasterqueueibi to queue an IBI work task, leading to...
i3c: mipi-i3c-hci: Mask ring interrupts before ring stop request
...
SUSE CVE-2023-52766
In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Fix out of bounds access in hcidmairqhandler Do not loop over ring headers in hcidmairqhandler that are not allocated and enabled in hcidmainit. Otherwise out of bounds access will occur from rings-headersi...