7 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53085
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: fix mm lifecycle in open-coded taskvma iterator The open-coded taskvma iterator reads task-mm locklessly and acquires mmapreadtrylock but never calls mmget...
CVE-2026-53085
In the Linux kernel, the following vulnerability has been resolved: bpf: fix mm lifecycle in open-coded taskvma iterator The open-coded taskvma iterator reads task-mm locklessly and acquires mmapreadtrylock but never calls mmget. If the task exits concurrently, the mmstruct can be freed as it is...
CVE-2026-45931
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Hold mm structure across iommusvaunbinddevice Some tests trigger a crash in iommusvaunbinddevice due to accessing iommumm after the associated mm structure has been freed. Fix this by taking an explicit reference t...
CVE-2026-45931 accel/amdxdna: Hold mm structure across iommu_sva_unbind_device()
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Hold mm structure across iommusvaunbinddevice Some tests trigger a crash in iommusvaunbinddevice due to accessing iommumm after the associated mm structure has been freed. Fix this by taking an explicit reference t...
CVE-2026-45931
The CVE-2026-45931 issue affects the Linux kernel’s accel/amdxdna module. A crash can occur in iommu_sva_unbind_device() when it accesses iommu_mm after the associated mm structure has been freed. The fix is to take an explicit reference to the mm structure after successfully binding the device a...
UBUNTU-CVE-2022-49426
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3-sva: Fix mm use-after-free We currently call arm64mmcontextput without holding a reference to the mm, which can result in use-after-free. Call mmgrab/mmdrop to ensure the mm only gets freed after we unpinned the...
CVE-2022-49426
CVE-2022-49426 : Linux kernel iommu/arm-smmu-v3-sva had a use-after-free when freeing the MM context because arm64_mm_context_put() ran without a held reference. The root cause is not holding a reference to the MM during unpinning, allowing it to be freed prematurely. The fix is to call mmgrab()/...