CVE-2026-46036

The CVE covers a race in the Linux kernel vfio/cdx driver where concurrent VFIO_DEVICE_SET_IRQS ioctls can observe inconsistent state of config_msi and cdx_irqs, leading to use-after-free of the cdx_irqs array. A per-device mutex (cdx_irqs_lock) is added to struct vfio_cdx_device and is acquired ...

EUVD-2026-32417

In the Linux kernel, the following vulnerability has been resolved: vfio/cdx: Serialize VFIODEVICESETIRQS with a per-device mutex vfiocdxsetmsitrigger reads vdev-configmsi and operates on the vdev-cdxirqs array based on its value, but provides no serialization against concurrent VFIODEVICESETIRQS...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007258)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007258 advisory. In the Linux kernel, the following vulnerability has been resolved: vfio/platform: Create persistent IRQ handlers The vfio-platform SETIRQS ioctl currently allows...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006796)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006796 advisory. In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Create persistent INTx handler A vulnerability exists where the eventfd for INTx...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003297)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003297 advisory. drivers/vfio/pci/vfiopci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service memory corruption o...

Linux Distros Unpatched Vulnerability : CVE-2024-26813

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vfio/platform: Create persistent IRQ handlers The vfio-platform SETIRQS ioctl currently allows loopback triggering of an interrupt before a signaling eventfd ha...

AZL-58836 CVE-2024-26812 affecting package kernel for versions less than 5.15.176.3-3

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Create persistent INTx handler A vulnerability exists where the eventfd for INTx signaling can be deconfigured, which unregisters the IRQ handler but still allows eventfds to be signaled with a NULL context through the...

UBUNTU-CVE-2024-26813

In the Linux kernel, the following vulnerability has been resolved: vfio/platform: Create persistent IRQ handlers The vfio-platform SETIRQS ioctl currently allows loopback triggering of an interrupt before a signaling eventfd has been configured by the user, which thereby allows a NULL pointer...

UBUNTU-CVE-2016-9083

drivers/vfio/pci/vfiopci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service memory corruption or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIODEVICESETIRQS ioctl call, aka a "state...