302 matches found
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: A reference count leak was fixed in hshewephaslimitsbox. The pcigetdevice function will increase the reference count of the returned ‘dev’. We need to call pcidevput to decrease the reference count. Since...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Fixed NULL pointer access via aerinfo. The kzallocGFPKERNEL function may return NULL, resulting in kernel panic when accessing aerinfo-xxx. This issue has been fixed...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: A reference count leak was fixed in snruncoremmiomap. pcigetdevice will increase the reference count of the returned pcidev. Therefore, snruncoregetmcdev will return a pcidev with its reference count...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ixgbe: fixed the refcount leak for PCI devices As stated in the comment for pcigetdomainbusandslot, it returns a PCI device with the reference count incremented. When using this device, the caller must decrement the reference...
EUVD-2025-209863
Improper input validation in the AMD Secure Processor ASP PCI driver could allow a local attacker to trigger a Use-After-Free UAF condition, potentially resulting in a loss of platform integrity or crash...
PT-2026-41227
Improper Input validation in the AMD Secure Processor ASP PCI driver may allow a local attacker to create a buffer overflow condition, potentially resulting in a crash or denial of service...
EUVD-2026-28754
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: Fix race bug in nvmepollirqdisable In the following scenario, pdev can be disabled between 1 and 3 by 2. This sets pdev-msixenabled = 0. Then, pciirqvector will return MSI-X IRQ15 for 1 whereas return INTx IRQcqvector...
CVE-2026-43211
A flaw was found in the Linux kernel. An error in the PCI Peripheral Component Interconnect subsystem's lock management, specifically within the pcislottrylock function, can lead to system instability. This occurs when a lock is incorrectly released, potentially causing warnings or interfering wi...
CVE-2026-43147
A flaw was found in the Linux kernel. A local user can cause a system deadlock by performing specific operations related to SR-IOV Single Root I/O Virtualization device removal. This occurs due to a recursive lock acquisition within the PCI Peripheral Component Interconnect subsystem, specificall...
CVE-2026-43213
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: pci: validate sequence number of TX release report Hardware rarely reports abnormal sequence number in TX release report, which will access out-of-bounds of wdring-pages array, causing NULL pointer dereference. BUG:...
CVE-2026-43211
CVE-2026-43211 – Linux kernel PCI slot lock handling fix The issue arises in PCI lock management: pci_slot_trylock() incorrectly handled unlocking when nested locks fail, due to an extra pci_dev_unlock(dev) on the failure path after delegating to pci_bus_trylock(). This could trigger a warning ab...
CVE-2026-43176
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: pci: validate release report content before using for RTL8922DE The commit 957eda596c76 "wifi: rtw89: pci: validate sequence number of TX release report" does validation on existing chips, which somehow a release...
CVE-2026-43147
In the Linux kernel, the following vulnerability has been resolved: Revert "PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV" This reverts commit 05703271c3cd "PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV", which causes a deadlock by recursively takin...
CVE-2026-43147
CVE-2026-43147 concerns a deadlock in the Linux kernel SR-IOV removal path. The issue arises when sriov_del_vfs() is invoked during pci_stop_and_remove_bus_device(), causing a recursive lock acquisition on pci_rescan_remove_lock and leading to system unresponsiveness. The public description confi...
CVE-2026-43097
In the Linux kernel, the following vulnerability has been resolved: PCI: hv: Fix double idafree in hvpciprobe error path If hvpciprobe fails after storing the domain number in hbus-bridge-domainnr, there is a call to free this domainnr via pcibusreleaseemuldomainnr, however, during cleanup, the...
CVE-2026-43097
CVE-2026-43097 affects the Linux kernel PCI Hyper-V driver. During error handling in hv_pci_probe, the domain_nr is freed twice: first via pci_bus_release_emul_domain_nr(), and again when the bridge release callback pci_release_host_bridge_dev() runs during cleanup, leading to ida_free on an unal...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an incorrect parameter order in the functions pciprimaryepcepfunlink and pcisecondaryepcepfunlink...
PT-2026-37487
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock occurs in the Linux kernel when sriov del vfs is called as part of pci stop and remove bus device. This happens because the system recursively attempts to acquire the pci resc...
Linux Distros Unpatched Vulnerability : CVE-2026-43211
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PCI: Fix pcislottrylock error handling Commit a4e772898f8b PCI: Add missing bridge lock to pcibuslock delegates the bridge device's pcidevtrylock to...
PCI: endpoint: pci-epf-vntb: Stop cmd_handler work in epf_ntb_epc_cleanup
...