79 matches found
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021592)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021592 advisory. In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix freeing of the HMB descriptor table The HMB descriptor table is sized to the maximu...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021601)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021601 advisory. In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix race condition between reset and nvmedevdisable nvmedevdisable modifies the...
CVE-2026-43448
A flaw was found in the Linux kernel's nvme-pci driver. A race condition exists in the nvmepollirqdisable function, where the device can be concurrently disabled by nvmeresetwork. This can lead to an unbalanced interrupt IRQ enable operation, resulting in a kernel warning. This issue may cause...
CVE-2026-43449
CVE-2026-43449 concerns the Linux kernel NVMe PCI driver. The issue is a slab-out-of-bounds write in nvme_dbbuf_set caused by an incorrect loop bound when indexing dev->online_queues; index 0 (admin queue) is excluded, but the loop could overrun. The vulnerability is evidenced by KASAN reports...
CVE-2026-43449
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: Fix slab-out-of-bounds in nvmedbbufset dev-onlinequeues is a count incremented in nvmeinitqueue. Thus, valid indices are 0 through dev-onlinequeues − 1. This patch fixes the loop condition to ensure the index stays with...
CVE-2026-43448 nvme-pci: Fix race bug in nvme_poll_irqdisable()
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: Fix race bug in nvmepollirqdisable In the following scenario, pdev can be disabled between 1 and 3 by 2. This sets pdev-msixenabled = 0. Then, pciirqvector will return MSI-X IRQ15 for 1 whereas return INTx IRQcqvector...
CVE-2026-43448
CVE-2026-43448 corresponds to a race in the Linux kernel nvme-pci driver (nvme_poll_irqdisable) where a device can be disabled between operations, causing nvme_poll_irqdisable() to race with nvme_reset_work() and leading to an unbalanced IRQ enable (IRQ 10 in the crash log). The root cause is a m...
CVE-2026-43448
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: Fix race bug in nvmepollirqdisable In the following scenario, pdev can be disabled between 1 and 3 by 2. This sets pdev-msixenabled = 0. Then, pciirqvector will return MSI-X IRQ15 for 1 whereas return INTx IRQcqvector...
Linux Distros Unpatched Vulnerability : CVE-2026-43449
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nvme-pci: Fix slab-out-of-bounds in nvmedbbufset dev-onlinequeues is a count incremented in nvmeinitqueue. Thus, valid indices are 0 through dev-onlinequeues 1...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: nvme-pci: Handling of changes to the device’s DMA map requirements. The initial state of dmaneedsunmap might be false, but it becomes true during the DMA mapping process. Enabling swiotlb can affect the outcome in such cases...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: nvme-pci: fixed the mempool allocation size. The maximum size was converted to bytes to match the units of the divisor that calculates the worst-case number of PRP entries. This result is used to determine how many PRP Lists a...
SUSE CVE-2026-31523
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: ensure we're polling a polled queue A user can change the polled queue count at run time. There's a brief window during a reset where a hipri task may try to poll that queue before the block layer has updated the queue...
EUVD-2026-24911
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: ensure we're polling a polled queue A user can change the polled queue count at run time. There's a brief window during a reset where a hipri task may try to poll that queue before the block layer has updated the queue...
CVE-2026-31523 nvme-pci: ensure we're polling a polled queue
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: ensure we're polling a polled queue A user can change the polled queue count at run time. There's a brief window during a reset where a hipri task may try to poll that queue before the block layer has updated the queue...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013704)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013704 advisory. In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix mempool alloc size Convert the max size to bytes to match the units of the divisor...
SUSE CVE-2026-23174
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: handle changing device dma map requirements The initial state of dmaneedsunmap may be false, but change to true while mapping the data iterator. Enabling swiotlb is one such case that can change the result. The nvme...
CVE-2026-23174
The CVE-2026-23174 entry concerns the Linux kernel nvme-pci subsystem. Root cause: dma_needs_unmap may switch from false to true during data-iterator mapping, and the nvme driver must preserve mapped DMA vectors for later unmapping. The fix is to allocate/unprepare storage for DMA vectors on dema...
CVE-2026-23174
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: handle changing device dma map requirements The initial state of dmaneedsunmap may be false, but change to true while mapping the data iterator. Enabling swiotlb is one such case that can change the result. The nvme...
EUVD-2026-5865
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: handle changing device dma map requirements The initial state of dmaneedsunmap may be false, but change to true while mapping the data iterator. Enabling swiotlb is one such case that can change the result. The nvme...
CVE-2026-23174 nvme-pci: handle changing device dma map requirements
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: handle changing device dma map requirements The initial state of dmaneedsunmap may be false, but change to true while mapping the data iterator. Enabling swiotlb is one such case that can change the result. The nvme...