CVE-2025-0045

Improper Input validation in the AMD Secure Processor ASP PCI driver may allow a local attacker to create a buffer overflow condition, potentially resulting in a crash or denial of service...

SUSE CVE-2026-43449

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: Fix slab-out-of-bounds in nvmedbbufset dev-onlinequeues is a count incremented in nvmeinitqueue. Thus, valid indices are 0 through dev-onlinequeues − 1. This patch fixes the loop condition to ensure the index stays with...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iavf: Fixed error handling in iavfinitmodule. iavfinitmodule no longer destroys the workqueue when pciregisterdriver fails. Call destroyworkqueue when pciregisterdriver fails to prevent resource leaks. This is similar to the...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: hisiaccvfiopci: fixed the XQE DMA address error. The DMA addresses of EQE and AEQE are incorrect after migration, resulting in failures in the guest kernel-mode encryption services. By comparing the definitions of hardware...

CVE-2025-48521

Improper input validation in the AMD Secure Processor ASP PCI driver could allow a local attacker to trigger a Use-After-Free UAF condition, potentially resulting in a loss of platform integrity or crash...

CVE-2025-0045

Improper Input validation in the AMD Secure Processor ASP PCI driver may allow a local attacker to create a buffer overflow condition, potentially resulting in a crash or denial of service...

CVE-2025-0045

Improper Input validation in the AMD Secure Processor ASP PCI driver may allow a local attacker to create a buffer overflow condition, potentially resulting in a crash or denial of service...

CVE-2025-0045

Improper Input validation in the AMD Secure Processor ASP PCI driver may allow a local attacker to create a buffer overflow condition, potentially resulting in a crash or denial of service...

CVE-2025-48521

Improper input validation in the AMD Secure Processor ASP PCI driver could allow a local attacker to trigger a Use-After-Free UAF condition, potentially resulting in a loss of platform integrity or crash...

CVE-2025-48521

The CVE-2025-48521 case affects the AMD Secure Processor (ASP) PCI driver. The vulnerability stems from improper input validation in the ASP PCI driver, enabling a local attacker to trigger a use-after-free condition that could compromise platform integrity or cause a crash. Affected component: A...

AMD Server Software and Embedded Chipset Driver Vulnerabilities Identified in Windows® Environments

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2026-0432| Incorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalation resulting in arbitrary code execution.|...

CVE-2026-43448

A flaw was found in the Linux kernel's nvme-pci driver. A race condition exists in the nvmepollirqdisable function, where the device can be concurrently disabled by nvmeresetwork. This can lead to an unbalanced interrupt IRQ enable operation, resulting in a kernel warning. This issue may cause...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004355)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004355 advisory. The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space. Tenable has extracted the preceding description block...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001882)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001882 advisory. The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate ...

CVE-2022-50850

In the Linux kernel, the following vulnerability has been resolved: scsi: ipr: Fix WARNING in iprinit iprinit will not call unregisterrebootnotifier when pciregisterdriver fails, which causes a WARNING. Call unregisterrebootnotifier when pciregisterdriver fails. notifier callback iprhalt ipr...

CVE-2022-50850

In the Linux kernel, the following vulnerability has been resolved: scsi: ipr: Fix WARNING in iprinit iprinit will not call unregisterrebootnotifier when pciregisterdriver fails, which causes a WARNING. Call unregisterrebootnotifier when pciregisterdriver fails. notifier callback iprhalt ipr...

CVE-2022-50756 nvme-pci: fix mempool alloc size

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix mempool alloc size Convert the max size to bytes to match the units of the divisor that calculates the worst-case number of PRP entries. The result is used to determine how many PRP Lists are required. The code was...

CVE-2022-50636

The CVE-2022-50636 entry concerns the Linux kernel PCI subsystem and VF handling. The vulnerability stemmed from pci_device_is_present() returning false for virtual functions (VFs) because it relied on Vendor/Device IDs (0xffff for VFs), causing virtio I/O issues during VF removal/unbinding or wh...

kernel: can: m_can: pci: add missing m_can_class_free_dev() in probe/remove methods

In the Linux kernel, the following vulnerability has been resolved: can: mcan: pci: add missing mcanclassfreedev in probe/remove methods In mcanpciremove and error handling path of mcanpciprobe, mcanclassfreedev should be called to free resource allocated by mcanclassallocatedev, otherwise there...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990304)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990304 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI/PM: Drain runtime-idle callbacks before driver removal A race condition between the...