About Elevation of Privilege - Linux Kernel "Fragnesia" (CVE-2026-46300) vulnerability

About Elevation of Privilege - Linux Kernel "Fragnesia" CVE-2026-46300 vulnerability. The vulnerability was discovered by researcher William Bowling together with the V12 team. Fragnesia belongs to the class of Dirty Frag vulnerabilities. It is an error in the ESP/XFRM subsystem, distinct from...

CVE-2026-46216 drm/xe/hdcp: Add NULL check for media_gt in intel_hdcp_gsc_check_status()

In the Linux kernel, the following vulnerability has been resolved: drm/xe/hdcp: Add NULL check for mediagt in intelhdcpgsccheckstatus When media GT is disabled via configfs, there is no allocation for mediagt, which is kept as NULL. In such scenario, intelhdcpgsccheckstatus results in a kernel...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: In the video:fbdev:arkfb function, the value of screensize is calculated based on user input. If the user provides an incorrect value, the value of screensize may be larger than info-screensize, which may lead to the following bu...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: erofs: Stop parsing non-compact HEAD indexes if clusterofs is invalid. Syzbot generated a crafted image with a non-compact HEAD index of clusterofs 33024. While valid numbers should be between 0 and lclustersize-1, this caused th...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: mm/ptdump: The memory hotplug lock is now handled within ptdumpwalkpgd. Memory hot removal operations involve unmapping memory and deallocating various kernel page table regions as needed. The ptdump code may race with concurrent...

CVE-2026-31601

A flaw was found in the Linux kernel's vfio/xe driver. An attacker, by attempting to reset a Virtual Function VF device that does not support migration, can trigger a kernel page fault. This can lead to a system crash, resulting in a Denial of Service DoS...

CVE-2026-31601 vfio/xe: Reorganize the init to decouple migration from reset

In the Linux kernel, the following vulnerability has been resolved: vfio/xe: Reorganize the init to decouple migration from reset Attempting to issue reset on VF devices that don't support migration leads to the following: BUG: unable to handle page fault for address: 00000000000011f8 PF:...

Linux Distros Unpatched Vulnerability : CVE-2025-71228

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LoongArch: Set correct protectionmap for VMNONE/VMSHARED For 32BIT platform PAGEPROTNONE is 0, so set a VMA to be VMNONE or VMSHARED will make pages non-present...

AZL-77724 CVE-2025-71202 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: iommu/sva: invalidate stale IOTLB entries for kernel address space Introduce a new IOMMU interface to flush IOTLB paging cache entries for the CPU kernel address space. This interface is invoked from the x86 architecture code tha...

CVE-2025-71202

CVE-2025-71202 affects the Linux kernel IOMMU SVA coherency. A new IOMMU interface flushes IOTLB paging cache entries for the CPU kernel address space, invoked from x86 code before freeing and reusing kernel page tables. The issue allows an unprivileged local user to trigger stale IOTLB translati...

CVE-2025-71202 iommu/sva: invalidate stale IOTLB entries for kernel address space

In the Linux kernel, the following vulnerability has been resolved: iommu/sva: invalidate stale IOTLB entries for kernel address space Introduce a new IOMMU interface to flush IOTLB paging cache entries for the CPU kernel address space. This interface is invoked from the x86 architecture code tha...

Linux Distros Unpatched Vulnerability : CVE-2025-71202

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iommu/sva: invalidate stale IOTLB entries for kernel address space Introduce a new IOMMU interface to flush IOTLB paging cache entries for the CPU kernel addres...

CVE-2025-71089

A security vulnerability was found in the Linux kernel's IOMMU Shared Virtual Addressing SVA implementation on x86 architecture. When SVA is enabled, the IOMMU caches kernel page table entries. Since the kernel lacks a mechanism to notify the IOMMU when kernel page table pages are freed and...

SUSE CVE-2025-71089

In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIGX86 is set Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a fix for a security vulnerability related to IOMMU Shared Virtual Addressing SVA. In an SVA context, an...

AZL-74330 CVE-2025-71089 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIGX86 is set Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a fix for a security vulnerability related to IOMMU Shared Virtual Addressing SVA. In an SVA context, an...

CVE-2025-71089

In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIGX86 is set Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a fix for a security vulnerability related to IOMMU Shared Virtual Addressing SVA. In an SVA context, an...

CVE-2025-71089

In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIGX86 is set Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a fix for a security vulnerability related to IOMMU Shared Virtual Addressing SVA. In an SVA context, an...

CVE-2025-71089 iommu: disable SVA when CONFIG_X86 is set

In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIGX86 is set Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a fix for a security vulnerability related to IOMMU Shared Virtual Addressing SVA. In an SVA context, an...

CVE-2025-71089

CVE-2025-71089 affects the Linux kernel via IOMMU Shared Virtual Addressing (SVA). In SVA, the IOMMU can cache kernel page-table entries, so freeing a kernel page-table page and reusing it could leave stale IOMMU entries, enabling use-after-free or write-after-free scenarios that could allow loca...

CVE-2025-71089

In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIGX86 is set Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a fix for a security vulnerability related to IOMMU Shared Virtual Addressing SVA. In an SVA context, an...