CVE-2026-46248

CVE-2026-46248 affects the Linux kernel driver stack for wifi/ath12k. The root cause occurs when an arvif is initialized in non-AP STA mode but MLO preparation fails before arvif->is_created becomes true. The error path deletes links only if arvif->is_created is true, leaving a stale ahvif-...

PT-2026-46011

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: clear stale link mapping of ahvif-links map When an arvif is initialized in non-AP STA mode but MLO connection preparation fails before the arvif is created arvif-is created remains false, the error path attempts to...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/i915/dpt: Makes the DPT object unshrinkable. In some scenarios, the DPT object gets shrunk, but the actual framebuffer does not, so it remains in the DPT’s vm-boundlist. Then, an attempt is made to rewrite the PTEs through a...

kernel: drm/i915/dpt: Make DPT object unshrinkable

In the Linux kernel, the following vulnerability has been resolved: drm/i915/dpt: Make DPT object unshrinkable In some scenarios, the DPT object gets shrunk but the actual framebuffer did not and thus its still there on the DPT's vm-boundlist. Then it tries to rewrite the PTEs via a stale CPU...

DEBIAN-CVE-2024-40924

In the Linux kernel, the following vulnerability has been resolved: drm/i915/dpt: Make DPT object unshrinkable In some scenarios, the DPT object gets shrunk but the actual framebuffer did not and thus its still there on the DPT's vm-boundlist. Then it tries to rewrite the PTEs via a stale CPU...

UBUNTU-CVE-2024-40924

In the Linux kernel, the following vulnerability has been resolved: drm/i915/dpt: Make DPT object unshrinkable In some scenarios, the DPT object gets shrunk but the actual framebuffer did not and thus its still there on the DPT's vm-boundlist. Then it tries to rewrite the PTEs via a stale CPU...

DEBIAN-CVE-2024-35817

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: amdgputtmgartbind set gtt bound flag Otherwise after the GTT bo is released, the GTT and gart space is freed but amdgputtmbackendunbind will not clear the gart page table entry and leave valid mapping entry pointing t...

SUSE CVE-2023-38409

An issue was discovered in setcon2fbmap in drivers/video/fbdev/core/fbcon.c in the Linux kernel before 6.2.12. Because an assignment occurs only for the first vc, the fbconregisteredfb and fbcondisplay arrays can be desynchronized in fbconmodedeleted the con2fbmap points at the old fbinfo...

FreeBSD : FreeBSD -- Memory disclosure by stale virtual memory mapping (13d37672-9791-11eb-b87a-901b0ef719ab)

A particular case of memory sharing is mishandled in the virtual memory system. It is possible and legal to establish a relationship where multiple descendant processes share a mapping which shadows memory of an ancestor process. In this scenario, when one process modifies memory through such a...