80 matches found
SUSE CVE-2026-46022
In the Linux kernel, the following vulnerability has been resolved: misc: ibmasm: fix OOB MMIO read in ibmasmhandlemouseinterrupt ibmasmhandlemouseinterrupt performs an out-of-bounds MMIO read when the queue reader or writer index from hardware exceeds REMOTEQUEUESIZE 60. A compromised service...
SUSE CVE-2026-46064
In the Linux kernel, the following vulnerability has been resolved: ibmasm: fix heap over-read in ibmasmsendi2omessage The ibmasmsendi2omessage function uses getdotcommandsize to compute the byte count for memcpytoio, but this value is derived from user-controlled fields in the dotcommandheader...
CVE-2026-46064
In the Linux kernel, the following vulnerability has been resolved: ibmasm: fix heap over-read in ibmasmsendi2omessage The ibmasmsendi2omessage function uses getdotcommandsize to compute the byte count for memcpytoio, but this value is derived from user-controlled fields in the dotcommandheader...
UBUNTU-CVE-2026-46022
In the Linux kernel, the following vulnerability has been resolved: misc: ibmasm: fix OOB MMIO read in ibmasmhandlemouseinterrupt ibmasmhandlemouseinterrupt performs an out-of-bounds MMIO read when the queue reader or writer index from hardware exceeds REMOTEQUEUESIZE 60. A compromised service...
UBUNTU-CVE-2026-46064
In the Linux kernel, the following vulnerability has been resolved: ibmasm: fix heap over-read in ibmasmsendi2omessage The ibmasmsendi2omessage function uses getdotcommandsize to compute the byte count for memcpytoio, but this value is derived from user-controlled fields in the dotcommandheader...
CVE-2026-46064
In the Linux kernel, the following vulnerability has been resolved: ibmasm: fix heap over-read in ibmasmsendi2omessage The ibmasmsendi2omessage function uses getdotcommandsize to compute the byte count for memcpytoio, but this value is derived from user-controlled fields in the dotcommandheader...
EUVD-2026-32403
In the Linux kernel, the following vulnerability has been resolved: misc: ibmasm: fix OOB MMIO read in ibmasmhandlemouseinterrupt ibmasmhandlemouseinterrupt performs an out-of-bounds MMIO read when the queue reader or writer index from hardware exceeds REMOTEQUEUESIZE 60. A compromised service...
Astra Linux - уязвимость в qemu
A reentrancy issue related to DMA was discovered in the Tulip device emulation in QEMU. When Tulip reads from or writes to the rx/tx descriptor, or copies a rx/tx frame, it does not check whether the destination address is its own MMIO address. This can cause the device to trigger MMIO handlers...
CVE-2025-61971
Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to modify MMIO routing configurations, potentially resulting in loss of SEV-SNP guest integrity...
AMD EPYC™ and AMD EPYC™ Embedded Series Processor Vulnerabilities – May 2026
CVE Details Refer to Glossary for explanation of terms CVE ID| CVE Description| CVSS Vector ---|---|--- CVE-2025-61972| Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network SMN access, potentially resulting in...
CVE-2026-43155
In the Linux kernel, the following vulnerability has been resolved: mux: mmio: fix regmap leak on probe failure The mmio regmap that may be allocated during probe is never freed. Switch to using the device managed allocator so that the regmap is released on probe failures e.g. probe deferral and ...
PT-2026-37495
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the mmio regmap when an allocation happens during the probe process and subsequently fails. The regmap is not freed during probe failures, such as probe deferral,...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Open-coded GGTT MMIO access protection. GGTT MMIO access is currently protected by hotplug drmdeventer, which works correctly when the driver loads successfully and is later unbound or unloaded. However, if the driver loa...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: RISC-V: Ensure that port I/O string accessors actually work properly. Fixed port I/O string accessors such as insb’, outsb’, etc., which use the physical PCI port I/O address rather than the corresponding memory mapping to...
CVE-2026-43008 gpio: qixis-fpga: Fix error handling for devm_regmap_init_mmio()
In the Linux kernel, the following vulnerability has been resolved: gpio: qixis-fpga: Fix error handling for devmregmapinitmmio devmregmapinitmmio returns an ERRPTR on failure, not NULL. The original code checked for NULL which would never trigger on error, potentially leading to an invalid point...
AMD EPYC 安全漏洞
AMD EPYC is a high-performance server processor developed by American semiconductor company AMD. AMD EPYC has a security vulnerability that stems from the lack of lock verification. This vulnerability could allow for modifications to MMIO routes and undermine the integrity of customer systems...
EUVD-2026-18732
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Open-code GGTT MMIO access protection GGTT MMIO access is currently protected by hotplug drmdeventer, which works correctly when the driver loads successfully and is later unbound or unloaded. However, if driver load fail...
KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE
...
CVE-2026-23401
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE When installing an emulated MMIO SPTE, do so after dropping/zapping the existing SPTE if it's shadow-present. While commit a54aa15c6bda3 was right about...
Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50170)
The remote Oracle Linux 10 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50170 advisory. 6.12.0-200.74.27.1 - KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE Sean Christopherson Orabug: 39071315 Tenable has extract...