303 matches found
USN-8492-2 linux-aws-6.8, linux-gcp-6.8, linux-gke, linux-gkeop, linux-ibm-6.8, linux-nvidia-lowlatency, linux-oracle-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...
UBUNTU-CVE-2026-53280
In the Linux kernel, the following vulnerability has been resolved: iommu: Fix NULL group-domain dereference in pcidevresetiommudone Local sashiko review pointed it out that group-domain could be NULL when a default domain fails to allocate during the first probe, which can crash at...
CVE-2026-53120
A flaw was found in the Linux kernel's PCI Peripheral Component Interconnect subsystem. A Use-After-Free UAF vulnerability exists where a driver, during its probing process, accesses a memory region after it has been freed. This improper handling of memory can lead to system instability, memory...
EUVD-2026-38988
In the Linux kernel, the following vulnerability has been resolved: PCI: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock, which can cause ...
CVE-2026-53120
In the Linux kernel, the following vulnerability has been resolved: PCI: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock, which can cause ...
PT-2026-52014
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the PCI subsystem. When a driver is probed via the driver attach function, the bus match callback is executed without holding the device lock. This...
PT-2026-47790
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the drm/nouveau component when aperture remove conflicting pci devices fails during the probe process. The error path returns immediately without releasing the nv...
CVE-2025-71313
Summary (CVE-2025-71313) : In the Linux kernel PCI endpoint driver, there is a missing NULL check after alloc_workqueue(), which can return NULL on memory allocation failure. If a NULL workqueue pointer is later passed to queue_work() in epf_ntb_epc_init(), this can cause a NULL pointer dereferen...
CVE-2026-46092
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: check for PCI upstream bridge existence pciupstreambridge returns NULL if the device is on a root bus. If 8821CE is installed in the system with such a PCI topology, the probing routine will crash. This has probably...
EUVD-2026-32475
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: check for PCI upstream bridge existence pciupstreambridge returns NULL if the device is on a root bus. If 8821CE is installed in the system with such a PCI topology, the probing routine will crash. This has probably...
CVE-2026-45880
CVE-2026-45880 – Linux kernel PCI/P2PDMA issue : When vm_insert_page() fails during p2pmem_alloc_mmap(), the code does not release the per-CPU ref for pgmap acquired after gen_pool_alloc_owner(), causing memunmap_pages() to hang when removing a PCI device. The patch fixes this by adding the missi...
CVE-2026-45880 PCI/P2PDMA: Release per-CPU pgmap ref when vm_insert_page() fails
In the Linux kernel, the following vulnerability has been resolved: PCI/P2PDMA: Release per-CPU pgmap ref when vminsertpage fails When vminsertpage fails in p2pmemallocmmap, p2pmemallocmmap doesn't invoke percpurefput to free the per-CPU ref of pgmap acquired after genpoolallocowner, and...
PT-2026-43876
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description A duplicate resource teardown occurs in the PCI endpoint pci-epf-ntb component. The function epf ntb epc destroy performs...
PT-2026-43747
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the PCI/P2PDMA component where the p2pmem alloc mmap function fails to invoke percpu ref put to release the per-CPU reference of pgmap acquired after gen pool alloc...
CVE-2026-45880
PCI/P2PDMA: Release per-CPU pgmap ref when vminsertpage fails...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: PCI/pwrctrl: Cancel outstanding rescan work when unregistering. It is possible to trigger a use-after-free situation here by: a forcing rescanworkfunc to take a long time, and b using a pwrctrl driver that may be unloaded for som...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ixgbe: fixed the refcount leak for PCI devices As stated in the comment for pcigetdomainbusandslot, it returns a PCI device with the reference count incremented. When using this device, the caller must decrement the reference...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: sc7280: Mark PCIe controller as cache coherent. If the controller is not marked as cache coherent, then the kernel will try to ensure coherence during DMA operations, which may lead to data corruption. Therefore...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: The issue of reference count leak for PCI devices was fixed in dmardevscopeinit. The function foreachpcidev is implemented through pcigetdevice. The comment accompanying pcigetdevice states that it will increase the...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: Fixes the issue where notifiers are shared between PCI and VIO buses. The failiommusetup function registers the failiommubusnotifier struct for both PCI and VIO buses. The struct notifierblock is a linked-list node...