CVE-2026-46022

The CVE-2026-46022 entry documents a Linux kernel vulnerability in misc: ibmasm, where ibmasm_handle_mouse_interrupt() performs an out-of-bounds MMIO read when hardware queue indices exceed REMOTE_QUEUE_SIZE (60). The root cause is that get_queue_reader()/get_queue_writer() return raw readl() val...

Linux Distros Unpatched Vulnerability : CVE-2026-46022

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - misc: ibmasm: fix OOB MMIO read in ibmasmhandlemouseinterrupt ibmasmhandlemouseinterrupt performs an out-of-bounds MMIO read when the queue reader or writer ind...

PT-2026-43889

In the Linux kernel, the following vulnerability has been resolved: misc: ibmasm: fix OOB MMIO read in ibmasm handle mouse interrupt ibmasm handle mouse interrupt performs an out-of-bounds MMIO read when the queue reader or writer index from hardware exceeds REMOTE QUEUE SIZE 60. A compromised...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: A reference count leak was fixed in snruncoremmiomap. pcigetdevice increases the reference count of the returned pcidev. Therefore, snruncoregetmcdev will return a pcidev with its reference count increased...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

A vulnerability was discovered in the Linux kernel before version 6.5.9. This vulnerability could be exploited by local users who have access to MMIO registers through the user space. Incorrect access checks in the VC handler, along with improper emulation of MMIO accesses using the SEV-ES...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Viawdt: fixed a critical boot hang caused by unnamed resource allocation. The VIA watchdog driver uses allocateresource to reserve a MMIO region for the watchdog control register. However, the allocated resource was not given a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Net: DSA: Felix: Fixed memory leak in felixsetupmmiofiltering A memory leak can be avoided if no CPU port is defined. Addresses-Coverity-ID: 1492897 “Resource leak” Addresses-Coverity-ID: 1492899 “Resource leak”...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Do not retire an aborted MMIO instruction Returning an abort to the guest for an unsupported MMIO access is a documented feature of the KVM UAPI. However, it’s clear that this functionality has been tested limitedly, ...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: virtio-mmio: Do not break the lifecycle of vmdev. vmdev has a separate lifecycle because it has a struct device embedded within it. Therefore, having a release callback for it is correct. However, allocating the vmdev structure...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: igc: Restored the IGCREMOVED logic and implemented it correctly. The initially merged version of the igc driver code via commit 146740f9abc4, “igc: Add support for PF” contained the following IGCREMOVED checks in the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Platform/x86: thinkpadacpi – Fixed a memory leak related to the EFCH MMIO resource. Unlike releasememregion, a call to releaseresource does not free the resource automatically; therefore, it must be freed explicitly to avoid a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vf: Performing early GT MMIO initialization to read the GMDID. VFs need to communicate with the GuC to obtain the GMDID value. Existing GuC functions that use this information assume that the GT has already set up its MMIO...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: mt76: connac: Do not check WED status for non-MMIO devices WED is only supported for MMIO devices. Therefore, do not check it for USB or SDIO devices. This patch fixes the crash reported below: 21.946627 wlp0s3u1i3:...

CVE-2024-36332

Improper isolation of GPU HW register space could allow a privileged attacker in malicious Guest Virtual Machine VM to perform unauthorized access to specific victim range of GPU MMIO register space, potentially causing the host OS to reboot and creating a Denial of Service DOS condition...

CVE-2025-61971

Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to modify MMIO routing configurations, potentially resulting in loss of SEV-SNP guest integrity...

CVE-2025-61971

Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to modify MMIO routing configurations, potentially resulting in loss of SEV-SNP guest integrity...

CVE-2025-61971

The CVE-2025-61971 entry concerns missing lock bit protection for NBIO registers in AMD systems, enabling a locally privileged attacker to modify MMIO routing configurations and potentially compromise SEV-SNP guest integrity. Connected sources confirm affected component as NBIO registers and MMIO...

AMD多款产品 安全漏洞

AMD EPYC is a high-performance server processor developed by American semiconductor company AMD. Several AMD products have security vulnerabilities. These vulnerabilities could allow local administrator attackers to modify MMIO routing configurations, potentially leading to loss of SEV-SNP client...

CLSA-2026-1778276927 kernel: Fix of 33 CVEs

rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present - xfrm: esp: avoid in-place decrypt on shared skb frags - ext4: avoid OOB when system.data xattr changes underneath the filesystem CVE-2024-47701 - gpiolib: cdev: fix uninitialised kfifo CVE-2024-36898 - wifi: mt76: Fix...

SUSE CVE-2026-43008

In the Linux kernel, the following vulnerability has been resolved: gpio: qixis-fpga: Fix error handling for devmregmapinitmmio devmregmapinitmmio returns an ERRPTR on failure, not NULL. The original code checked for NULL which would never trigger on error, potentially leading to an invalid point...