CVE-2026-46016

In the Linux kernel, the following vulnerability has been resolved: remoteproc: xlnx: Only access buffer information if IPI is buffered In the receive callback check if message is NULL to prevent possibility of crash by NULL pointer dereferencing...

CVE-2026-46016

In the Linux kernel, the following vulnerability has been resolved: remoteproc: xlnx: Only access buffer information if IPI is buffered In the receive callback check if message is NULL to prevent possibility of crash by NULL pointer dereferencing...

CVE-2026-46016

The CVE-2026-46016 entry concerns the Linux kernel remoteproc: xlnx path. Root cause: code accessed buffer information only when IPI is buffered; fix adds a NULL check in the receive callback to avoid potential NULL-pointer dereference. Affected component is the Linux kernel (remoteproc/xlnx). Th...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: remoteproc: mediatek: Ensure that the IPI buffer fits within the L2TCM. The location of the IPI buffer is determined from the firmware that we load into the System Companion Processor. It is not guaranteed that both the SRAM size...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: ACPI: GTDT: Do not corrupt interrupt mappings during watchdog probe failures When the driver probe fails due to invalid firmware properties, the GTDT driver unmaps the interrupt that was previously mapped. However, it never check...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: riscv: Fix IPIs usage in kfenceprotectpage flushtlbkernelrange may use IPIs to flush the TLBs of all the cores, which triggers the following warning when the irqs are disabled: 3.455330 WARNING: CPU: 1 PID: 0 at kernel/smp.c:815...

CVE-2026-23028

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvmdevice leak in kvmipidestroy In kvmioctlcreatedevice, kvmdevice has allocated memory, kvmdevice-destroy seems to be supposed to free its kvmdevice struct, but kvmipidestroy is not currently doing this, that...

CVE-2026-23028 LoongArch: KVM: Fix kvm_device leak in kvm_ipi_destroy()

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvmdevice leak in kvmipidestroy In kvmioctlcreatedevice, kvmdevice has allocated memory, kvmdevice-destroy seems to be supposed to free its kvmdevice struct, but kvmipidestroy is not currently doing this, that...

SUSE CVE-2025-71140

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Use spinlock for context list protection lock Previously a mutex was added to protect the encoder and decoder context lists from unexpected changes originating from the SCP IP block, causing the context...

UBUNTU-CVE-2022-50761

In the Linux kernel, the following vulnerability has been resolved: x86/xen: Fix memory leak in xeninitlockcpu In xeninitlockcpu, the @name has allocated new string by kasprintf, if bindipitoirqhandler fails, it should be freed, otherwise may lead to a memory leak issue, fix it...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-46707)

KVM: arm64: Make ICCSGIEL1 undef in the absence of a vGICv3 On a system with a GICv3, if a guest hasn't been configured with GICv3 and that the host is not capable of GICv2 emulation, a write to any of the ICCSGIEL1 registers is trapped to EL2. This plugin only works with Tenable.ot. Please visit...

SUSE CVE-2025-58147

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Some Viridian hypercalls can specify a mask of vCPU IDs as an input, in one of three formats. Xen has boundary checking bugs with all three formats, which can cause...

CVE-2023-53332

In the Linux kernel, the following vulnerability has been resolved: genirq/ipi: Fix NULL pointer deref in irqdatagetaffinitymask If ipisendmask|single is called with an invalid interrupt number, all the local variables there will be NULL. ipisendverify which is invoked from these functions does...

DEBIAN-CVE-2023-53332

In the Linux kernel, the following vulnerability has been resolved: genirq/ipi: Fix NULL pointer deref in irqdatagetaffinitymask If ipisendmask|single is called with an invalid interrupt number, all the local variables there will be NULL. ipisendverify which is invoked from these functions does...

AZL-70807 CVE-2025-39744 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: rcu: Fix rcureadunlock deadloop due to IRQ work During rcureadunlockspecial, if this happens during irqexit, we can lockup if an IPI is issued. This is because the IPI itself triggers the irqexit path causing a recursive lock up...

kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugepmdunshare vs GUP-fast race hugepmdunshare drops a reference on a page table that may have previously been shared across processes, potentially turning it into a normal page table used in another process in...

Linux Distros Unpatched Vulnerability : CVE-2024-36965

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: remoteproc: mediatek: Make sure IPI buffer fits in L2TCM The IPI buffer location is read fro...

PT-2025-37203

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel related to rcu read unlock. Specifically, a potential deadlock can occur during rcu read unlock special when invoked within the irq exit path, trigger...

SUSE CVE-2025-37964

In the Linux kernel, the following vulnerability has been resolved: x86/mm: Eliminate window where TLB flushes may be inadvertently skipped tl;dr: There is a window in the mm switching code where the new CR3 is set and the CPU should be getting TLB flushes for the new mm. But shouldflushtlb has a...

UBUNTU-CVE-2025-37964

In the Linux kernel, the following vulnerability has been resolved: x86/mm: Eliminate window where TLB flushes may be inadvertently skipped tl;dr: There is a window in the mm switching code where the new CR3 is set and the CPU should be getting TLB flushes for the new mm. But shouldflushtlb has a...