22 matches found
CVE-2026-45979 drm/amdgpu: clean up the amdgpu_cs_parser_bos
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: clean up the amdgpucsparserbos In low memory conditions, kmalloc can fail. In such conditions unlock the mutex for a clean exit. We do not need to amdgpubolistput as it's been handled in the amdgpucsparserfini...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: Fixed a potential data race in nftobjtypeget. The function nftunregisterobj can occur concurrently with nftobjtypeget. There is no protection when iterating over the nftablesobjects list in nftobjtypeget...
drm/amdgpu: Limit BO list entry count to prevent resource exhaustion
...
CVE-2026-23468
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Limit BO list entry count to prevent resource exhaustion Userspace can pass an arbitrary number of BO list entries via the bonumber field. Although the previous multiplication overflow check prevents out-of-bounds...
CVE-2026-23468
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Limit BO list entry count to prevent resource exhaustion Userspace can pass an arbitrary number of BO list entries via the bonumber field. Although the previous multiplication overflow check prevents out-of-bounds...
CVE-2026-23468 drm/amdgpu: Limit BO list entry count to prevent resource exhaustion
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Limit BO list entry count to prevent resource exhaustion Userspace can pass an arbitrary number of BO list entries via the bonumber field. Although the previous multiplication overflow check prevents out-of-bounds...
CVE-2026-23468
CVE-2026-23468 affects the Linux kernel’s DRM/amdgpu BO list handling. The issue was an attacker-controlled bo_number could trigger excessive memory allocation and slow list processing; the fix introduces a hard limit of 128k entries per BO list and returns -EINVAL when exceeded. Connected adviso...
PT-2026-30162
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the drm/amdgpu subsystem where the number of BO list entries is not limited. Userspace can provide an arbitrary number of BO list entries via the bo...
SUSE CVE-2025-69654
A crafted JavaScript input executed with the QuickJS release 2025-09-13, fixed in commit fcd33c1afa7b3028531f53cd1190a3877454f6b3 2025-12-11,qjs interpreter using the -m option and a low memory limit can cause an out-of-memory condition followed by an assertion failure in JSFreeRuntime...
CVE-2025-69654
A crafted JavaScript input executed with the QuickJS release 2025-09-13, fixed in commit fcd33c1afa7b3028531f53cd1190a3877454f6b3 2025-12-11,qjs interpreter using the -m option and a low memory limit can cause an out-of-memory condition followed by an assertion failure in JSFreeRuntime...
EUVD-2025-208350
A crafted JavaScript input executed with the QuickJS release 2025-09-13, fixed in commit fcd33c1afa7b3028531f53cd1190a3877454f6b3 2025-12-11,qjs interpreter using the -m option and a low memory limit can cause an out-of-memory condition followed by an assertion failure in JSFreeRuntime...
CVE-2025-68749 accel/ivpu: Fix race condition when unbinding BOs
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix race condition when unbinding BOs Fix 'Memory manager not clean during takedown' warning that occurs when ivpugembofree removes the BO from the BOs list before it gets unmapped. Then fileprivunbind triggers a...
OpenBlow Missing Headers
Multiple public deployments of the OpenBlow whistleblowing software lack critical HTTP security headers. These configurations expose users to client-side vulnerabilities including cross site scripting, clickjacking, API misuse, and referer leakage. Given the extreme sensitivity of users...
CLSA-2025-1739822055 libvirt: Fix of CVE-2023-3750
CVE-2023-3750: fix race condition in virStoragePoolObjListSearch function to prevent denial of service...
CVE-2024-54455
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix general protection fault in ivpubolist Check if ctx is not NULL before accessing its fields...
CVE-2024-34634
Out-of-bounds read in parsing connected object list in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory...
CVE-2024-34634
Out-of-bounds read in parsing connected object list in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory...
CVE-2024-34634
Samsung Notes contains an out-of-bounds read vulnerability in the parsing of the connected object list, affecting versions prior to 4.4.21.62. This allows a local attacker to access unauthorized memory. The issue is documented across multiple sources (e.g., CVE-2024-34634 entries in NVD/CVE lists...
GHSA-JXGR-GCJ5-CQQG nautobot has reflected Cross-site Scripting potential in all object list views
Impact It was discovered that due to improper handling and escaping of user-provided query parameters, a maliciously crafted Nautobot URL could potentially be used to execute a Reflected Cross-Site Scripting Reflected XSS attack against users. All filterable object-list views in Nautobot are...
nautobot has reflected Cross-site Scripting potential in all object list views
Impact It was discovered that due to improper handling and escaping of user-provided query parameters, a maliciously crafted Nautobot URL could potentially be used to execute a Reflected Cross-Site Scripting Reflected XSS attack against users. All filterable object-list views in Nautobot are...