kernel: iommu: disable SVA when CONFIG_X86 is set

A security vulnerability was found in the Linux kernel's IOMMU Shared Virtual Addressing SVA implementation on x86 architecture. When SVA is enabled, the IOMMU caches kernel page table entries. Since the kernel lacks a mechanism to notify the IOMMU when kernel page table pages are freed and...

EUVD-2026-32328

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Flush cache for PASID table before using it When writing the address of a freshly allocated zero-initialized PASID table to a PASID directory entry, do that after the CPU cache flush for this PASID table, not before i...

CVE-2026-45975 ublk: use READ_ONCE() to read struct ublksrv_ctrl_cmd

In the Linux kernel, the following vulnerability has been resolved: ublk: use READONCE to read struct ublksrvctrlcmd struct ublksrvctrlcmd is part of the iouringsqe, which may lie in userspace-mapped memory. It's racy to access its fields with normal loads, as userspace may write to them...

CVE-2026-45944 iommu/vt-d: Clear Present bit before tearing down context entry

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clear Present bit before tearing down context entry When tearing down a context entry, the current implementation zeros the entire 128-bit entry using multiple 64-bit writes. This creates a window where the hardware c...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: cxl/region: Fixed leakage in constructregion. The first call to sysfsupdategroup requires explicitly freeing the resource, as it is too early for cxlregioniomemrelease to be called...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Memory: fslifc: fixed the issue where IO mapping was leaked during probe failures. During probe errors, the driver should unmap the IO memory. MATCH reports: drivers/memory/fslifc.c:298 fslifcctrlprobe warning:...

CVE-2026-23401

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE When installing an emulated MMIO SPTE, do so after dropping/zapping the existing SPTE if it's shadow-present. While commit a54aa15c6bda3 was right about...

CVE-2026-23346

In the Linux kernel, the following vulnerability has been resolved: arm64: io: Extract user memory type in ioremapprot The only caller of ioremapprot outside of the generic ioremap implementation is genericaccessphys, which passes a 'pgprott' value determined from the user mapping of the target...

AMD Processors 安全漏洞

AMD Processors are a series of processors developed by American semiconductor company AMD. There are security vulnerabilities in AMD Processors, which stem from improper handling of direct memory writing by the input/output memory management unit. This can allow malicious client virtual machines ...

CVE-2025-48509

Missing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of I/O memory, potentially resulting in a loss of guest memory integrity...

CVE-2025-47397

Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked IOMMU mapping errors...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000976)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000976 advisory. The kvmiommumappages function in virt/kvm/iommu.c in the Linux kernel through 3.16.1 miscalculates the number of pages during the handling of a mapping failure, whic...

EUVD-2015-5070

Malware in sbrugna...

EUVD-2023-35662

Malicious code in bioql PyPI...

DEBIAN-CVE-2025-38427

In the Linux kernel, the following vulnerability has been resolved: video: screeninfo: Relocate framebuffers behind PCI bridges Apply PCI host-bridge window offsets to screeninfo framebuffers. Fixes invalid access to I/O memory. Resources behind a PCI host bridge can be relocated by a certain...

UBUNTU-CVE-2025-38427

In the Linux kernel, the following vulnerability has been resolved: video: screeninfo: Relocate framebuffers behind PCI bridges Apply PCI host-bridge window offsets to screeninfo framebuffers. Fixes invalid access to I/O memory. Resources behind a PCI host bridge can be relocated by a certain...

CVE-2025-38427

In the Linux kernel, the following vulnerability has been resolved: video: screeninfo: Relocate framebuffers behind PCI bridges Apply PCI host-bridge window offsets to screeninfo framebuffers. Fixes invalid access to I/O memory. Resources behind a PCI host bridge can be relocated by a certain...

kernel: iommu/vt-d: Fix potential lockup if qi_submit_sync called with 0 count

This CVE has been marked as Rejected by the assigning CNA...

CVE-2025-21713 powerpc/pseries/iommu: Don't unset window if it was never set

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: Don't unset window if it was never set On pSeries, when user attempts to use the same vfio container used by different iommu group, the spaprtcesetwindow returns -EPERM and the subsequent cleanup leads to t...

CVE-2021-47315

In the Linux kernel, the following vulnerability has been resolved: memory: fslifc: fix leak of IO mapping on probe failure On probe error the driver should unmap the IO memory. Smatch reports: drivers/memory/fslifc.c:298 fslifcctrlprobe warn: 'fslifcctrldev-gregs' not released on lines: 298...