EUVD-2022-54795

In the Linux kernel, the following vulnerability has been resolved: PCI: Avoid pcidevlock AB/BA deadlock with sriovnumvfsstore The sysfs sriovnumvfsstore path acquires the device lock before the config space access lock: sriovnumvfsstore devicelock A 1 acquire device lock sriovconfigure...

EUVD-2022-54775

Malicious code in bioql PyPI...

EUVD-2025-11204

Malicious code in bioql PyPI...

EUVD-2025-5196

Malicious code in bioql PyPI...

CVE-2022-50146 PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors

In the Linux kernel, the following vulnerability has been resolved: PCI: dwc: Deallocate EPC memory on dwpcieepinit errors If dwpcieepinit fails to perform any action after the EPC memory is initialized and the MSI memory region is allocated, the latter parts won't be undone thus causing a memory...

CVE-2025-23161

In the Linux kernel, the following vulnerability has been resolved: PCI: vmd: Make vmddev::cfglock a rawspinlockt type The access to the PCI config space via pciops::read and pciops::write is a low-level hardware access. The functions can be accessed with disabled interrupts even on PREEMPTRT. Th...

CVE-2025-22095 PCI: brcmstb: Fix error path after a call to regulator_bulk_get()

In the Linux kernel, the following vulnerability has been resolved: PCI: brcmstb: Fix error path after a call to regulatorbulkget If the regulatorbulkget returns an error and no regulators are created, we need to set their number to zero. If we don't do this and the PCIe link up fails, a call to...

CVE-2024-58006 PCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar()

In the Linux kernel, the following vulnerability has been resolved: PCI: dwc: ep: Prevent changing BAR size/flags in pciepcsetbar In commit 4284c88fff0e "PCI: designware-ep: Allow pciepcsetbar update inbound map address" setbar was modified to support dynamically changing the backing physical...

CVE-2024-58006

In the Linux kernel, the following vulnerability has been resolved: PCI: dwc: ep: Prevent changing BAR size/flags in pciepcsetbar In commit 4284c88fff0e "PCI: designware-ep: Allow pciepcsetbar update inbound map address" setbar was modified to support dynamically changing the backing physical...

CVE-2024-56745

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix resetmethodstore memory leak In resetmethodstore, a string is allocated via kstrndup and assigned to the local "options". options is then used in with strsep to find spaces: while name = strsep, " " != NULL If there are ...

CVE-2024-56699 s390/pci: Fix potential double remove of hotplug slot

In the Linux kernel, the following vulnerability has been resolved: s390/pci: Fix potential double remove of hotplug slot In commit 6ee600bfbe0f "s390/pci: remove hotplug slot when releasing the device" the zpciexitslot was moved from zpcidevicereserved to zpcireleasedevice with the intention of...

CVE-2024-53194

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free of slot-bus on hot remove Dennis reports a boot crash on recent Lenovo laptops with a USB4 dock. Since commit 0fc70886569c "thunderbolt: Reset USB4 v2 host router" and commit 59a54c5f3dbd "thunderbolt: Res...

CVE-2024-53153

CVE-2024-53153 in the Linux kernel describes a crash condition for Qualcomm PCIe endpoints when PERST# is asserted and the host disables refclk. The issue arises because endpoint cleanup functions (e.g., dw_pcie_ep_cleanup() and pci_epc_deinit_notify()) previously ran during PERST# assert, while ...

CVE-2024-50122

In the Linux kernel, the following vulnerability has been resolved: PCI: Hold rescan lock while adding devices during host probe Since adding the PCI power control code, we may end up with a race between the pwrctl platform device rescanning the bus and host controller probe functions. The latter...

CVE-2024-50122 PCI: Hold rescan lock while adding devices during host probe

In the Linux kernel, the following vulnerability has been resolved: PCI: Hold rescan lock while adding devices during host probe Since adding the PCI power control code, we may end up with a race between the pwrctl platform device rescanning the bus and host controller probe functions. The latter...

CVE-2024-50122

CVE-2024-50122 is a Linux kernel vulnerability in the PCI subsystem (power control code) where a race between the power-control device rescanning and host controller probe can leave two incomplete devices and trigger a crash when removing the device via sysfs. The root cause is not fully detailed...

CVE-2022-48952

In the Linux kernel, the following vulnerability has been resolved: PCI: mt7621: Add sentinel to quirks table Current driver is missing a sentinel in the struct socdeviceattribute array, which causes an oops when assessed by the socdevicematchmt7621pciequirksmatch call. This was only exposed once...

CVE-2022-48952

In the Linux kernel, the following vulnerability has been resolved: PCI: mt7621: Add sentinel to quirks table Current driver is missing a sentinel in the struct socdeviceattribute array, which causes an oops when assessed by the socdevicematchmt7621pciequirksmatch call. This was only exposed once...

CVE-2024-47756

In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Fix if-statement expression in kspciequirk This code accidentally uses && where || was intended. It potentially results in a NULL dereference. Thus, fix the if-statement expression to use the correct condition...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-46750)

"The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46750 advisory. - In the Linux kernel, the following vulnerability has been resolved: PCI: Add missing bridge lock to...