65 matches found
CVE-2026-64051
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Add overflow check to remappfnrange during mmap The call to remappfnrange in qaicgemobjectmmap is susceptible to remapping beyond the VMA if the BO is too large. This can cause use after free issues when munmap unmaps...
CVE-2026-64051
In the Linux kernel vulnerability CVE-2026-64051, the issue arises in accel/qaic: remap_pfn_range used during mmap can map beyond the VMA when the BO is large, risking use-after-free if munmap() only unmaps the VMA region. The root cause is insufficient size checks before remapping in qaic_gem_ob...
CVE-2026-64051 accel/qaic: Add overflow check to remap_pfn_range during mmap
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Add overflow check to remappfnrange during mmap The call to remappfnrange in qaicgemobjectmmap is susceptible to remapping beyond the VMA if the BO is too large. This can cause use after free issues when munmap unmaps...
EUVD-2026-45624
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Add overflow check to remappfnrange during mmap The call to remappfnrange in qaicgemobjectmmap is susceptible to remapping beyond the VMA if the BO is too large. This can cause use after free issues when munmap unmaps...
PT-2026-61368
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Add overflow check to remap pfn range during mmap The call to remap pfn range in qaic gem object mmap is susceptible to remapping beyond the VMA if the BO is too large. This can cause use after free issues when munmap...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: accel/qaic: Fixed the memory leak caused by slicing operations. The temporary buffer that stores slicing configuration data from the user is only freed in case of an error. This constitutes a memory leak. The buffer should be...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: A leak was fixed in mapuserpages. If getuserpagesfast allocates some pages, but not as many as we wanted, then the current code causes those pages to be leaked. Call putpage on the pages before returning...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: accel/qaic: Improved the bounds checking in decodemessage by copying the bounds checking from encodemessage to decodemessage. This patch addresses the following issues: - Ensure that there is enough space for at least one...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: accel/qaic: The integer overflow checks in mapuserpages have been cleaned up. The encodedma function includes some validations for intrans-size. However, it would be clearer to move these checks to findandmapuserpages. encoded...
CVE-2026-43007
A flaw was found in the accel/qaic component of the Linux kernel. When a user process terminates before the device's deactivation transaction for a Device-Bound Context DBC is fully processed, the host system can become out of sync with available DBCs. This can lead to a denial of service, where ...
CVE-2026-43007 accel/qaic: Handle DBC deactivation if the owner went away
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Handle DBC deactivation if the owner went away When a DBC is released, the device sends a QAICTRANSDEACTIVATEFROMDEV transaction to the host over the QAICCONTROL MHI channel. QAIC handles this by calling...
CVE-2026-43007
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Handle DBC deactivation if the owner went away When a DBC is released, the device sends a QAICTRANSDEACTIVATEFROMDEV transaction to the host over the QAICCONTROL MHI channel. QAIC handles this by calling...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from a failure to process a DBC de-activation transaction in the qaic driver after a user leaves, which could...
Azure Linux 3.0 Security Update: kernel (CVE-2025-22001)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22001 advisory. - In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix integer overflow in...
Linux Distros Unpatched Vulnerability : CVE-2023-53778
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - accel/qaic: Clean up integer overflow checking in mapuserpages The encodedma function has some validation on intrans-size but it would be more clear to move...
CVE-2023-53778
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Clean up integer overflow checking in mapuserpages The encodedma function has some validation on intrans-size but it would be more clear to move those checks to findandmapuserpages. The encodedma had two checks: if...
SUSE CVE-2023-53778
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Clean up integer overflow checking in mapuserpages The encodedma function has some validation on intrans-size but it would be more clear to move those checks to findandmapuserpages. The encodedma had two checks: if...
EUVD-2023-60128
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Clean up integer overflow checking in mapuserpages The encodedma function has some validation on intrans-size but it would be more clear to move those checks to findandmapuserpages. The encodedma had two checks: if...
UBUNTU-CVE-2023-53778
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Clean up integer overflow checking in mapuserpages The encodedma function has some validation on intrans-size but it would be more clear to move those checks to findandmapuserpages. The encodedma had two checks: if...
CVE-2023-53778 accel/qaic: Clean up integer overflow checking in map_user_pages()
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Clean up integer overflow checking in mapuserpages The encodedma function has some validation on intrans-size but it would be more clear to move those checks to findandmapuserpages. The encodedma had two checks: if...