CVE-2026-46229

A flaw was found in the Linux kernel's drm/amdkfd component. This vulnerability arises because VRAM Video Random Access Memory allocations for the KFD Kernel Fusion Driver path do not properly clear previously used memory. This oversight allows a local attacker, utilizing a compute kernel, to...

CVE-2025-71305 drm/display/dp_mst: Add protection against 0 vcpi

In the Linux kernel, the following vulnerability has been resolved: drm/display/dpmst: Add protection against 0 vcpi When releasing a timeslot there is a slight chance we may end up with the wrong payload mask due to overflow if the delayeddestroywork ends up coming into play after a DP 2.1 monit...

EUVD-2026-29590

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally...

EUVD-2026-29589

Integer overflow or wraparound in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally...

KB5089548: Windows 11 Version 26H1 Security Update (May 2026)

The remote Windows host is missing security update 5089548. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network. CVE-2026-41096 - Heap-based buffer overflow in Windows Win32K -...

PT-2026-40151

Name of the Vulnerable Software and Affected Versions Windows Win32K - GRFX affected versions not specified Description A race condition occurs in Windows Win32K - GRFX due to improper synchronization when using a shared resource. This allows an authorized attacker to elevate privileges locally. ...

CVE-2026-23471

In the Linux kernel, the following vulnerability has been resolved: drm: Fix use-after-free on framebuffers and property blobs when calling drmdevunplug When trying to do a rather aggressive test of igt's "xemoduleload --r reload" with a full desktop environment and game running I noticed a few...

CVE-2026-23008

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix KMS with 3D on HW version 10 HW version 10 does not have GB Surfaces so there is no backing buffer for surface backed FBs. This would result in a nullptr dereference and crash the driver causing a black screen...

CVE-2022-50842

CVE-2022-50842 affects the Linux kernel DRM virtio path. The issue arises when transferring 2D buffer objects (BOs); a non-shmem BO (e.g., VRAM) could bypass a necessary check, potentially leading to a NULL dereference. The publicly documented fix is to validate that a transferred 2D BO is always...

SUSE CVE-2023-53991

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Disallow unallocated resources to be returned In the event that the topology requests resources that have not been created by the system because they are typically not represented in dpumdsscfg ^1, the resources in...

UBUNTU-CVE-2025-68174

In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: enhance kfd process check in switch partition current switch partition only check if kfdprocessestable is empty. kfdprcessestable entry is deleted in kfdprocessnotifierrelease, but kfdprocess tear down is in...

EUVD-2023-60090

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: fix potential kgdmem UAFs kgdmem pointers returned by kfdprocessdevicetranslatehandle are only guaranteed to be valid while p-mutex is held. As soon as the mutex is unlocked, another thread can free the BO...

SUSE CVE-2025-40316

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Fix device use-after-free on unbind A recent change fixed device reference leaks when looking up drm platform device driver data during bind but failed to remove a partial fix which had been added by commit...

CVE-2023-53816 drm/amdkfd: fix potential kgd_mem UAFs

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: fix potential kgdmem UAFs kgdmem pointers returned by kfdprocessdevicetranslatehandle are only guaranteed to be valid while p-mutex is held. As soon as the mutex is unlocked, another thread can free the BO...

CVE-2023-53816

The CVE-2023-53816 item concerns the Linux kernel DRM AMDGPU driver (kgd_mem UAFs). The issue arises because kgd_mem pointers returned by kfd_process_device_translate_handle are only valid while p->mutex is held; once the mutex is released, another thread may free the backing BO, creating a us...

CVE-2025-40191 drm/amdkfd: Fix kfd process ref leaking when userptr unmapping

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix kfd process ref leaking when userptr unmapping kfdlookupprocessbypid hold the kfd process reference to ensure it doesn't get destroyed while sending the segfault event to user space. Calling kfdlookupprocessbypid ...

kernel: drm/vkms: Fix use after free and double free on init error

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkmsexit function might access an uninitialized or freed defaultconfig pointer and it might double free it. Fix both possible erro...

CVE-2025-40086 drm/xe: Don't allow evicting of BOs in same VM in array of VM binds

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Don't allow evicting of BOs in same VM in array of VM binds An array of VM binds can potentially evict other buffer objects BOs within the same VM under certain conditions, which may lead to NULL pointer dereferences late...

EUVD-2021-7411

Malicious code in bioql PyPI...

CVE-2025-39807

CVE-2025-39807 : Open kernel vulnerability in Linux kernel's DRM/Mediatek path, where after a hotplug event the cursor update could dereference NULL old_state->crtc, causing a kernel panic. The connected security sources confirm the fix adds NULL pointer checks to ensure stability by preventin...