225 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iommufd: Do not corrupt the pfn list when doing batch carry If batch-end is 0, then setting npfns0 before computing the new value of pfns will fail to adjust the pfn, resulting in various page accounting corruptions. This issue...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: iommufd/selftest: Overflow of uptr and length was caught. syzkaller generated a WARN when trying to have uptr close to UINTPTRMAX: WARNING: CPU: 1 PID: 393 at drivers/iommu/iommufd/selftest.c:403 iommufdtest+0xb19/0x16f0 Modul...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: iommufd: Check for uptr overflow syzkaller discovered that setting up a page with a user VA that wraps past zero can trigger WARNONs, especially when pinuserpages strangely returns 0 due to invalid arguments. This issue preven...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: iommufd: Do not cause an overflow during division for dirty tracking. If pgshift is 63, then BITSPERTYPEbitmap-bitmap pgsize will result in an overflow to 0. This triggers a division by 0. In this case, the index should simply be...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iommufd: Fixed a race condition during abort for file descriptors The fput function does not call the fileoperations::release function synchronously. Instead, it places the file in a work queue, and it will eventually be released...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: vfio: Fixed NULL pointer dereferencing caused by uninitialized group-iommufd. group-iommufd is not initialized for the iommufdctxput function. 20018.331541 BUG: NULL pointer dereferencing in the kernel, address: 00000000000000...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: iommufd/iovabitmap: Fixed a out-of-bounds situation in iovabitmapoffsettoindex. A UBSAN out-of-bounds issue was addressed in iovabitmapoffsettoindex. Shifting the constant “1” of type int by bitmap-mapped.pgshift a unsigned long...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iommufd: Prevents ALIGN overflow. When allocating IOVA, the candidate range is aligned to the target alignment. If the range is close to ULONGMAX, the ALIGN function may cause a wrap, resulting in a corrupted iova structure...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: iommufd: Fixed the issue of unpinning pages when an access occurs. syzkaller discovered that the calculation of batchlastindex should use ‘startindex’. This is because, when this function is called, the batch may be empty or i...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iommufd: The end value is set correctly when performing batch carry operations. Although the test suite covers this issue, it was somehow overlooked that this behavior was incorrect. The test...
Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1495)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1495 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix null-deref in aggdequeue CVE-2025-40083 In the Linux kernel, the following vulnerability has been...
Important: kernel6.12
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix null-deref in aggdequeue CVE-2025-40083 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix memory leak of qgrouplist in btrfsaddqgrouprelation CVE-2025-40209 In t...
kernel: Linux kernel: iommufd/iova_bitmap shift-out-of-bounds vulnerability
A flaw was found in the Linux kernel's iommufd/iovabitmap component. This vulnerability allows a local attacker with low privileges to cause a system crash or denial of service via a shift-out-of-bounds error...
kernel: Linux kernel: iommufd/iova_bitmap shift-out-of-bounds vulnerability
A flaw was found in the Linux kernel's iommufd/iovabitmap component. This vulnerability allows a local attacker with low privileges to cause a system crash or denial of service via a shift-out-of-bounds error...
RHEL 9 : kernel-rt (RHSA-2026:1443)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1443 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
RHEL 9 : kernel (RHSA-2026:1441)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1441 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: iommufd/iovabitm...
RHEL 9 : kernel (RHSA-2026:0917)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0917 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: iommufd/iovabitm...
Azure Linux 3.0 Security Update: kernel (CVE-2024-47719)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47719 advisory. - In the Linux kernel, the following vulnerability has been resolved: iommufd: Protect against overflow of ALI...
kernel: Linux kernel: iommufd/iova_bitmap shift-out-of-bounds vulnerability
A flaw was found in the Linux kernel's iommufd/iovabitmap component. This vulnerability allows a local attacker with low privileges to cause a system crash or denial of service via a shift-out-of-bounds error...
ROS-20260119-7323
A vulnerability in the drivers/iommu/iommufd/iovabitmap.c component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability could allow an attacker to cause a denial of service...