drm/panthor: fix for dma-fence safe access rules

...

CVE-2026-43414

CVE-2026-43414 affects the Linux kernel SCSI driver qla2xxx (fcport handling). The issue is a double-free of a Fibre Channel port object in qla24xx_els_dcmd_iocb() via qla2x00_els_dcmd_sp_free() after kref_put(), leading to potential memory corruption and system instability or DoS as described by...

PT-2026-39071

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs in the stratix10-rsu firmware driver when Remote System Update RSU is disabled in the First Stage Boot Loader FSBL. The issue arises because the rsu sen...

CVE-2026-43250

A flaw was found in the Linux kernel's ChipIdea USB Device Controller UDC driver. A local user with a malicious USB device, or a malicious USB device itself, could exploit this by reconnecting the device during an active data transfer. This improper cleanup of Direct Memory Access DMA buffers can...

CVE-2026-43206

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix out-of-bounds write in kfdeventpageset The kfdeventpageset function writes KFDSIGNALEVENTLIMIT 8 bytes via memset without checking the buffer size parameter. This allows unprivileged userspace to trigger an out-of...

CVE-2026-43120 RDMA/irdma: Fix double free related to rereg_user_mr

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix double free related to reregusermr If IBMRREREGTRANS is set during reregusermr, the umem will be released and a new one will be allocated in irdmareregmrtrans. If any step of irdmareregmrtrans fails after the new...

CVE-2026-43120

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix double free related to reregusermr If IBMRREREGTRANS is set during reregusermr, the umem will be released and a new one will be allocated in irdmareregmrtrans. If any step of irdmareregmrtrans fails after the new...

CVE-2026-32603

Sandboxie is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, a local denial of service vulnerability exists in the Sandboxie kernel driver. An unprivileged process running inside a Standard Sandbox can send a malformed IOCTL to the...

CVE-2026-32603 Sandboxie kernel driver denial of service via malformed IOCTL from sandboxed process

Sandboxie is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, a local denial of service vulnerability exists in the Sandboxie kernel driver. An unprivileged process running inside a Standard Sandbox can send a malformed IOCTL to the...

Sandboxie 输入验证错误漏洞

Sandboxie is an open-source isolation software based on a sandbox mechanism, developed by sandboxie-plus. Versions of Sandboxie starting from 1.17.2 and earlier contain a vulnerability related to input validation errors. This vulnerability stems from unauthorized processes sending malformed IOCTL...

PT-2026-37218

Name of the Vulnerable Software and Affected Versions Sandboxie versions prior to 1.17.3 Description A local denial of service exists in the Sandboxie kernel driver. An unprivileged process running inside a Standard Sandbox can send a malformed IOCTL Input/Output Control to the...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Do not allow mapping the MMIO HDP page with large pages. In that case, we do not receive the correct offset. The GPU has an unused 4K area of the register BAR space, into which we can remap registers. We remap the HDP...

CVE-2026-31760

The CVE-2026-31760 issue affects the Linux kernel GPIB gpib: lpvo_usb driver, where the driver incorrectly retains references to USB devices during GPIB attach, causing a memory leak on disconnect. The root cause is not releasing those references after attaching, leading to resource retention. Th...

CVE-2026-31578

CVE-2026-31578: Linux kernel as102_usb driver race leads to use-after-free/double-free when a device is deregistered while an open FD remains. The crash arises from freeing as102_dev_t after usb_register_dev() and before the final FD is closed; the fix defers freeing to the .release() path, ensur...

CVE-2026-31566 drm/amdgpu: Fix fence put before wait in amdgpu_amdkfd_submit_ib

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix fence put before wait in amdgpuamdkfdsubmitib amdgpuamdkfdsubmitib submits a GPU job and gets a fence from amdgpuibschedule. This fence is used to wait for job completion. Currently, the code drops the fence...

Throttlestop Kernel Driver - Kernel Out-of-Bounds Write Privilege Escalation

Exploit Title: Throttlestop Kernel Driver - Kernel Out-of-Bounds Write Privilege Escalation Exploit Details: https://xavibel.com/2025/12/22/using-vulnerable-drivers-in-red-team-exercises/ Date: 8/12/2025 Exploit Author: Xavi Beltran Vendor Homepage:...

📄 Throttlestop Kernel Driver 3.0.0.0 Privilege Escalation

Throttlestop Kernel Driver version 3.0.0.0 suffers from a privilege escalation vulnerability. Exploit Title: Throttlestop Kernel Driver - Kernel Out-of-Bounds Write Privilege Escalation Exploit Details: https://xavibel.com/2025/12/22/using-vulnerable-drivers-in-red-team-exercises/ Date: 8/12/2025...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

kernel: Linux kernel: integer overflow and information disclosure via undefined shift operation in drm/amdkfd

A flaw was found in the Linux kernel’s AMD Kernel Fusion Driver amdkfd within the drm subsystem. When either getnumsdmaqueues or getnumxgmisdmaqueues returned 0, the driver performed a bit shift where the number of bits shifted equaled the operand width. Such a shift is undefined behavior in C an...

K000160637: Intel 800 Series Ethernet vulnerability CVE-2025-24303

Security Advisory Description Improper check for unusual or exceptional conditions in the Linux kernel-mode driver for some IntelR 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2025-24303 Impact This...