59 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: A leak in mapuserpages was fixed. If getuserpagesfast allocates some pages, but not as many as we wanted, then the current code causes those pages to be leaked. Call putpage on the pages before returning...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: accel/qaic: Tightened bounds checking in decodemessage. The bounds checking was moved from encodemessage to decodemessage. This patch addresses the following issues: - Ensure that there is enough space for at least one header,...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Cleaned up integer overflow checks in mapuserpages. The encodedma function includes some validations for intrans-size. However, it would be clearer to move these checks to findandmapuserpages. encodedma had two checks...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: accel/qaic: Fixed the memory leak caused by slicing operations. The temporary buffer that stores slicing configuration data from the user is only freed in case of an error. This constitutes a memory leak. The buffer should be...
CVE-2026-43007
A flaw was found in the accel/qaic component of the Linux kernel. When a user process terminates before the device's deactivation transaction for a Device-Bound Context DBC is fully processed, the host system can become out of sync with available DBCs. This can lead to a denial of service, where ...
CVE-2026-43007
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Handle DBC deactivation if the owner went away When a DBC is released, the device sends a QAICTRANSDEACTIVATEFROMDEV transaction to the host over the QAICCONTROL MHI channel. QAIC handles this by calling...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from a failure to process a DBC de-activation transaction in the qaic driver after a user leaves, which could...
Azure Linux 3.0 Security Update: kernel (CVE-2025-22001)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22001 advisory. - In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix integer overflow in...
Linux Distros Unpatched Vulnerability : CVE-2023-53778
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - accel/qaic: Clean up integer overflow checking in mapuserpages The encodedma function has some validation on intrans-size but it would be more clear to move...
CVE-2023-53778
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Clean up integer overflow checking in mapuserpages The encodedma function has some validation on intrans-size but it would be more clear to move those checks to findandmapuserpages. The encodedma had two checks: if...
SUSE CVE-2023-53778
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Clean up integer overflow checking in mapuserpages The encodedma function has some validation on intrans-size but it would be more clear to move those checks to findandmapuserpages. The encodedma had two checks: if...
EUVD-2023-60128
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Clean up integer overflow checking in mapuserpages The encodedma function has some validation on intrans-size but it would be more clear to move those checks to findandmapuserpages. The encodedma had two checks: if...
UBUNTU-CVE-2023-53778
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Clean up integer overflow checking in mapuserpages The encodedma function has some validation on intrans-size but it would be more clear to move those checks to findandmapuserpages. The encodedma had two checks: if...
CVE-2023-53778 accel/qaic: Clean up integer overflow checking in map_user_pages()
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Clean up integer overflow checking in mapuserpages The encodedma function has some validation on intrans-size but it would be more clear to move those checks to findandmapuserpages. The encodedma had two checks: if...
PT-2025-49638
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the accel/qaic component related to integer overflow checking within the map user pages function. The encode dma function previously had validation on...
CVE-2025-40177
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix bootlog initialization ordering As soon as we queue MHI buffers to receive the bootlog from the device, we could be receiving data. Therefore all the resources needed to process that data need to be setup prior to...
accel/qaic: Treat remaining == 0 as error in find_and_map_user_pages()
...
EUVD-2025-124911
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Treat remaining == 0 as error in findandmapuserpages Currently, if findandmapuserpages takes a DMA xfer request from the user with a length field set to 0, or in a rare case, the host receives QAICTRANSDMAXFERCONT fro...
CVE-2025-40172
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Treat remaining == 0 as error in findandmapuserpages Currently, if findandmapuserpages takes a DMA xfer request from the user with a length field set to 0, or in a rare case, the host receives QAICTRANSDMAXFERCONT fro...
UBUNTU-CVE-2025-40172
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Treat remaining == 0 as error in findandmapuserpages Currently, if findandmapuserpages takes a DMA xfer request from the user with a length field set to 0, or in a rare case, the host receives QAICTRANSDMAXFERCONT fro...