DEBIAN-CVE-2026-31602

In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Limit PTP to a single page Commit 391e69143d0a increased CTPTPNUM from 1 to 4 to support 256 playback streams, but the additional pages are not used by the card correctly. The CT20K2 hardware already has multiple...

CVE-2026-31658

In the Linux kernel, the following vulnerability has been resolved: net: altera-tse: fix skb leak on DMA mapping error in tsestartxmit When dmamapsingle fails in tsestartxmit, the function returns NETDEVTXOK without freeing the skb. Since NETDEVTXOK tells the stack the packet was consumed, the sk...

CVE-2026-31589

The CVE-2026-31589 issue affects the Linux kernel memory management in the mm path related to folio_unmap_invalidate. The vulnerability arises when the system calls free_folio() directly, instead of loading the free_folio function pointer after obtaining a mapping reference or lock, potentially l...

CVE-2026-31588

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Use scratch field in MMIO fragment to hold small write values When exiting to userspace to service an emulated MMIO write, copy the to-be-written value to a scratch field in the MMIO fragment if the size of the data...

CVE-2026-31479 drm/xe: always keep track of remap prev/next

In the Linux kernel, the following vulnerability has been resolved: drm/xe: always keep track of remap prev/next During 3D workload, user is reporting hitting: 413.361679 WARNING: drivers/gpu/drm/xe/xevm.c:1217 at vmbindioctlopsunwind+0x1e2/0x2e0 xe, CPU7: vkd3dqueue/9925 413.361944 CPU: 7 UID:...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013786)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013786 advisory. In the Linux kernel, the following vulnerability has been resolved: RISC-V: Make port I/O string accessors actually work Fix port I/O string accessors such as insb',...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013151)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013151 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Use VMMAP instead of VMALLOC for ringbuf After commit 2fd3fb0be1d1 kasan, vmalloc: unpoison...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010883)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010883 advisory. In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set ubuf-sg = NULL if the creation of sg table fails When userspace tries to map the...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011166)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011166 advisory. In the Linux kernel, the following vulnerability has been resolved: RISC-V: Make port I/O string accessors actually work Fix port I/O string accessors such as insb',...

CVE-2026-40572

NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 15 MemoryMapRange allows Ring 3 user-mode processes to map arbitrary virtual address ranges into their address space without validating against forbidden regions, including critical...

CVE-2026-40572

NovumOS vulnerability CVE-2026-40572: In versions prior to 0.24, Syscall 15 (MemoryMapRange) lets Ring-3 user processes map arbitrary virtual ranges into their address space without validating against forbidden regions, including kernel structures (IDT, GDT, TSS, page tables). This can allow a lo...

EUVD-2026-23640

NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 15 MemoryMapRange allows Ring 3 user-mode processes to map arbitrary virtual address ranges into their address space without validating against forbidden regions, including critical...

CVE-2026-40572 NovumOS has Arbitrary Memory Mapping via Syscall 15 (MemoryMapRange)

NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 15 MemoryMapRange allows Ring 3 user-mode processes to map arbitrary virtual address ranges into their address space without validating against forbidden regions, including critical...

PT-2026-33549

Name of the Vulnerable Software and Affected Versions NovumOS versions prior to 0.24 Description Syscall 15 'MemoryMapRange' allows Ring 3 user-mode processes to map arbitrary virtual address ranges into their address space without validating against forbidden regions. This includes critical kern...

CVE-2026-29923

The pstrip64.sys driver in EnTech Taiwan PowerStrip =3.90.736 allows local users to escalate privileges to SYSTEM via a crafted IOCTL request enabling unprivileged users to map arbitrary physical memory into their address space and modify critical kernel structures...

EUVD-2026-21014

The pstrip64.sys driver in EnTech Taiwan PowerStrip =3.90.736 allows local users to escalate privileges to SYSTEM via a crafted IOCTL request enabling unprivileged users to map arbitrary physical memory into their address space and modify critical kernel structures...

CVE-2026-29923

The CVE relates to EnTech Taiwan PowerStrip ≤ 3.90.736 where the pstrip64.sys kernel driver exposes IOCTL 0x80002008 that, without proper checks, maps arbitrary physical memory into an unprivileged process via \Device\PhysicalMemory/ZwMapViewOfSection. This creates an unrestricted physical memory...

pstrip64.sys Privilege Escalation

The pstrip64.sys kernel driver exposes an IOCTL that allows low-privileged users to map arbitrary ranges of physical memory into their own virtual address space. This primitive allows full read/write access to the system's physical RAM, enabling attackers to modify critical kernel structures and...

Exploit for Access of Memory Location Before Start of Buffer in Apple Ipados

CVE-2024-27840 — Kernel Memory Protection Bypass First publ...

EUVD-2026-15372

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix WARNON in tracingbuffersmmapclose When a process forks, the child process copies the parent's VMAs but the usermapped reference count is not incremented. As a result, when both the parent and child processes exit,...