177 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53067
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PCI: endpoint: pci-ep-msi: Fix error unwind and prevent double alloc pciepfallocdoorbell stores the allocated doorbell message array in epf-dbmsg/epf-numdb befo...
CVE-2026-53067
A flaw was found in the Linux kernel's PCI Peripheral Component Interconnect endpoint Message Signaled Interrupts MSI doorbell allocation. When MSI allocation fails, the system may attempt to free already freed memory, leading to a double-free vulnerability. This issue can result in memory...
EUVD-2026-38935
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-ep-msi: Fix error unwind and prevent double alloc pciepfallocdoorbell stores the allocated doorbell message array in epf-dbmsg/epf-numdb before requesting MSI vectors. If MSI allocation fails, the array is free...
CVE-2026-53067
In the Linux kernel PCI endpoint code, the issue was in pci_epf_alloc_doorbell(): it stored the allocated doorbell message array in epf->db_msg/epf->num_db before requesting MSI vectors. If MSI allocation failed, the array was freed but EPF state could still reference freed memory. The fix ...
SUSE CVE-2025-71313
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Add missing NULL check for allocworkqueue allocworkqueue can return NULL on memory allocation failure. Without proper error checking, this may lead to a NULL pointer dereference when queuework is later called with...
CVE-2025-71313
A flaw was found in the Linux kernel's PCI endpoint driver. A missing NULL check for the allocworkqueue function can lead to a NULL pointer dereference if memory allocation fails. This vulnerability, specifically within the epfntbepcinit function, allows a local attacker to cause a system crash,...
EUVD-2025-210056
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Add missing NULL check for allocworkqueue allocworkqueue can return NULL on memory allocation failure. Without proper error checking, this may lead to a NULL pointer dereference when queuework is later called with...
CVE-2025-71313 PCI: endpoint: Add missing NULL check for alloc_workqueue()
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Add missing NULL check for allocworkqueue allocworkqueue can return NULL on memory allocation failure. Without proper error checking, this may lead to a NULL pointer dereference when queuework is later called with...
CVE-2025-71313
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Add missing NULL check for allocworkqueue allocworkqueue can return NULL on memory allocation failure. Without proper error checking, this may lead to a NULL pointer dereference when queuework is later called with...
PT-2026-45984
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference can occur in the PCI endpoint component. The function alloc workqueue may return NULL during a memory allocation failure. If this return value is not properly...
Linux Distros Unpatched Vulnerability : CVE-2025-71313
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PCI: endpoint: Add missing NULL check for allocworkqueue allocworkqueue can return NULL on memory allocation failure. Without proper error checking, this may le...
CVE-2026-46009
A flaw was found in the Linux kernel, specifically within the PCI endpoint NTB Non-Transparent Bridge module. A programming error involving a duplicate resource teardown in the epfntbepcdestroy function can lead to a kernel 'oops', which is a system crash. This issue can be triggered during PCI...
UBUNTU-CVE-2026-46009
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown epfntbepcdestroy duplicates the teardown that the caller is supposed to do later. This leads to an oops when .allowlink fails or when .droplink is performed. Remove t...
Linux Distros Unpatched Vulnerability : CVE-2026-46009
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown epfntbepcdestroy duplicates the teardown that the caller is supposed to do later. This leads to a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: PCI: Endpoint – Fix for misused goto labels. A misused goto label jump can lead to a memory leak. This issue has been addressed...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: PCI: Endpoint: pci-epf-test: Add a NULL check for DMA channels before releasing them. The fields dmachantx and dmachanrx of the struct pciepftest can be NULL even after EPF initialization. Therefore, it is prudent to check that...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: PCI: Endpoint – Avoid creating sub-groups asynchronously Asynchronous creation of sub-groups by a delayed operation could lead to a NULL pointer dereference when the driver directory is removed before the operation completes. The...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: “misc: pciendpointtest”: Fixed an array underflow in pciendpointtestioctl. The commit eefb83790a0d “misc: pciendpointtest: Add doorbell test case” added NOBAR -1 to the pcibarno enum. In practical terms, this changes the enum...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: PCI: Endpoint: Fixed error handling in vpciscanbus Smatch complains about inconsistent NULL checking in vpciscanbus: drivers/pci/endpoint/functions/pci-epf-vntb.c:1024 vpciscanbus error: We previously assumed that ‘vpcibus’ could...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: PCI: Endpoint: pci-epf-vntb: Stop cmdhandler work in epfntbepccleanup Disable the delayed work before clearing BAR mappings and doorbells to avoid running the handler after resources have been torn down. Unable to handle kerne...