PUB-A-373409261

In smmuattachdev of arm-smmu-v3.c, there is a possible way to sign malicious Android Runtime bootclass artifacts due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: Prevent USB core from accessing an invalid event buffer address This commit addresses a issue where the USB core might access an invalid event buffer address during runtime suspension, potentially causing SMMU...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Use the correct type in nvidiasmmucontextfault This issue was caused by an indirect reference to the function pointer. The nvidiasmmucontextfault function is also defined as an irq function, and the ‘void ’ type w...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: fixed a possible null-ptr-deref in armsmmudeviceprobe. This issue could lead to a null-ptr-deref when using ‘res’, if platformgetresource returns NULL. Therefore, move operations using ‘res’ should be performed...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: iommu/arm-smmu-v3: Fixed the soft lockup triggered by armsmmumminvalidaterange. When running an SVA case, the following soft lockup is triggered: -------------------------------------------------------------------- watchdog:...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021587)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021587 advisory. In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Defer probe of clients after smmu device bound Null pointer dereference occurs du...

Unbreakable Enterprise kernel security update

5.15.0-320.202.8.2 - xfrm: esp: ipv4: fix up flags setting Greg Kroah-Hartman Orabug: 39344515 CVE-2026-43284 - xfrm: esp: avoid in-place decrypt on shared skb frags Kuan-Ting Chen Orabug: 39344515 CVE-2026-43284 5.15.0-320.202.8.1 - x86/CPU/AMD: Add a fix for AMD-SB-7052 Prathyushi Nangia Orabug...

Unbreakable Enterprise kernel security update: Dirty Frag

5.15.0-319.201.4.6 - xfrm: esp: ipv4: fix up flags setting Greg Kroah-Hartman Orabug: 39342679 CVE-2026-43284 - xfrm: esp: avoid in-place decrypt on shared skb frags Kuan-Ting Chen Orabug: 39342679 CVE-2026-43284 5.15.0-319.201.4.5 - iommu/arm-smmu-v3: Handle zeroed A4-2C HTTU override settings...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Fix armsmmudevice refcount leak when armsmmurpmget fails armsmmurpmget invokes pmruntimegetsync, which increases the refcount of the "smmu" even though the return value is less than 0. The reference counting issue...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3-sva: Fix mm use-after-free We currently call arm64mmcontextput without holding a reference to the mm, which can result in use-after-free. Call mmgrab/mmdrop to ensure the mm only gets freed after we unpinned the...

Astra Linux - уязвимость в linux-5.15, linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: perf/smmuv3: Fixed the hotplug callback leak in armsmmupmuinit. armsmmupmuinit does not remove the callback added by cpuhpsetupstatemulti when platformdriverregister fails. The callback must be removed by cpuhpremovemultistate in...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011049)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011049 advisory. In the Linux kernel, the following vulnerability has been resolved: perf/smmuv3: Fix hotplug callback leak in armsmmupmuinit armsmmupmuinit won't remove the callback...

CVE-2026-0027

In smmudetachdev of arm-smmu-v3.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0027

In smmudetachdev of arm-smmu-v3.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0027

In smmudetachdev of arm-smmu-v3.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0027

The CVE affects the Linux kernel for ARM SMMU v3, specifically in the smmu_detach_dev path of arm-smmu-v3.c, where a use-after-free can trigger an out-of-bounds write. This leads to local privilege escalation to System execution privileges, with no user interaction required. The description notes...

CVE-2026-0027

In smmudetachdev of arm-smmu-v3.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0027

In smmudetachdev of arm-smmu-v3.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from the smmudetachdev function’s ability to re-use memory after it is released. This can lead to out-of-bound writing and local privilege...

ASB-A-456069704

In smmudetachdev of arm-smmu-v3.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...