495 matches found
CVE-2026-53280
The CVE-2026-53280 issue affects the Linux kernel IOMMU path. A NULL group->domain could be dereferenced in pci_dev_reset_iommu_done() when a default domain fails to allocate during the first probe, potentially causing a crash at domain->ops->attach_dev invoked by __iommu_attach_device()...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Platform/x86/intel/pmt: Fixed an issue with NULL pointer access in crashlog. The use of intelpmtread for binary sysfs requires a pcidev. The current use of the endpoint value is only valid for telemetry endpoint usage. Without...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: hwrng: geode – Fixed the PCI device reference count leak issue. The function foreachpcidev is implemented through pcigetdevice. The comment accompanying pcigetdevice indicates that it will increase the reference count of the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k: fixed a memory leak in ath12kpciremove The issue was reported as follows: unreferenced object 0xffff1c165cec3060 size 32: comm "insmod", pid 560, jiffies 4296964570 age 235.596s backtrace:...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: PCI: Fixed pcideviceispresent for VFs by checking PF. pcideviceispresent previously did not work for VFs because it read the Vendor and Device ID, both of which are 0xffff for VFs, implying that these devices are not present...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fixed the race involving destroyworkonstack. The following debug object splat was observed during testing: ODEBUG: Freeing an active object active state 0: 0000000097d23782; Object type: workstruct; Hint:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: Fixed the PCI device reference count leak in mt7915pciinithif2. According to the comments on pcigetdevice, it returns a pcidevice with its reference count increased. We need to call pcidevput to decrease the referen...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fixed a memory leak when CONFIGDEBUGOBJECTS=y is enabled. After a pcidoetask completes, its workstruct needs to be destroyed to avoid a memory leak when CONFIGDEBUGOBJECTS=y is set...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: perf/dwcpcie: fixed duplicate PCIDEV devices. During the platformdeviceregister function, the incorrect use of structdevice as platformdata resulted in a kmemdup operation on the PCIDEV device. Even worse, accessing the...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed the refcount leak for PCI devices. According to the comments on pcigetdomainbusandslot, it returns a PCI device with a refcount that increments after use. Therefore, the caller must decrement the reference count...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: hwrng: amd – Fix the PCI device reference count leak foreachpcidev is implemented through pcigetdevice. The comment for pcigetdevice states that it will increase the reference count of the returned pcidev, and also decrease th...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fixed a crash that occurred during the transportportremove function, by using iocinfo. During this function, messages were logged via devprintk regarding &mpt3sasport-port-dev. At this point, the SAS transport devi...
Astra Linux – Vulnerability in libvirt
A vulnerability was discovered in libvirt. This security flaw occurs due to repeated queries of the capabilities of an SR-IOV PCI device, which leads to a memory leak caused by failure to free the virPCIVirtualFunction array within the parent struct’s gautoptr cleanup...
EUVD-2026-32783
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix potential ADE in loongsongpufixupdmahang The switch case in loongsongpufixupdmahang may not DC2 or DC3, and readlcrtcreg will access with random address, because the "device" is from "base+PCIDEVICEID", "base" is...
SUSE CVE-2026-45989
In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix use-after-free in testdrvprobe The function testdrvprobe retrieves the devicenode from the PCI device, applies an overlay, and then immediately calls ofnodeputdn. This releases the reference held by the PCI core...
UBUNTU-CVE-2026-45989
In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix use-after-free in testdrvprobe The function testdrvprobe retrieves the devicenode from the PCI device, applies an overlay, and then immediately calls ofnodeputdn. This releases the reference held by the PCI core...
CVE-2026-45989
CVE-2026-45989: Linux kernel use-after-free in unittest testdrv_probe() is mitigated in openSUSE/Root environments by updating kernel-devel to 7.0.11-1.1. The initial description explains that testdrv_probe() retrieves a device_node from the PCI device, applies an overlay, and then calls of_node_...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: vdpa: fixed a use-after-free in vpvdparemove. When the vpvdpa driver is unbound, vpvdpa is freed in vdpaunregisterdevice, and then vpvdpa-mdev.pcidev is dereferenced in vpmodernremove, triggering a use-after-free. Call trace for...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: The issue of reference count leak for PCI devices in hasexternalpci has been fixed. foreachpcidev is implemented through pcigetdevice. The comment accompanying pcigetdevice states that it will increase the reference...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: hwmon: In coretemp, a leak of the reference count for PCI devices was addressed in nv1aramnew. According to the comments on pcigetdomainbusandslot, it returns a PCI device whose reference count is incremented after use. The calle...