CVE-2026-9872

Out of bounds write in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2025-71307

A flaw was found in the Linux kernel's drm/panthor component. This vulnerability, a NULL pointer dereference, occurs during the firmware unplug process when the Microcontroller Unit MCU is in an unexpected state or its firmware is not initialized. This can lead to system instability or a denial o...

CVE-2026-46217

A flaw was found in the Linux kernel, specifically within the AMD GPU Graphics Processing Unit driver component drm/amdgpu/vcn4. This vulnerability is caused by an integer overflow during a message bound check. An attacker could potentially exploit this flaw to cause system instability or a denia...

CVE-2026-9113

An out of bounds read flaw was found in the GPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=489585044...

CVE-2026-9112

An use after free flaw was found in the GPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=489791425...

UBUNTU-CVE-2026-46156

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix potential ADE in loongsongpufixupdmahang The switch case in loongsongpufixupdmahang may not DC2 or DC3, and readlcrtcreg will access with random address, because the "device" is from "base+PCIDEVICEID", "base" is...

CVE-2026-46217

CVE-2026-46217 concerns the Linux kernel AMDGPU driver component drm/amdgpu/vcn4, where an integer overflow occurs during a message bound check. Red Hat reports the flaw could cause system instability or DoS, indicating the vulnerability lies in the vcn4 code path of the AMDGPU driver. Several so...

of: unittest: fix use-after-free in testdrv_probe()

...

kernel: iommu: disable SVA when CONFIG_X86 is set

A security vulnerability was found in the Linux kernel's IOMMU Shared Virtual Addressing SVA implementation on x86 architecture. When SVA is enabled, the IOMMU caches kernel page table entries. Since the kernel lacks a mechanism to notify the IOMMU when kernel page table pages are freed and...

CVE-2026-45944

A flaw was found in the Linux kernel's IOMMU Input/Output Memory Management Unit VT-d Virtualization Technology for Directed I/O component. When a context entry is being torn down, the 'Present' bit might not be cleared before other parts of the entry are zeroed. This can lead to the hardware...

PT-2026-44621

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.216 Description An inappropriate implementation in the GPU allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page...

PT-2026-44581

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.216 Description An out of bounds write in the GPU allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. A sandbox escape is a technique used to brea...

PT-2026-44236

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the KVM x86 shadow paging mechanism. The shadow MMU calculates Guest Frame Numbers GFNs for direct shadow pages by adding the SPTE index to sp-gfn. This...

CVE-2026-46058

A flaw was found in the Linux kernel, specifically within the amphion video processing unit VPU driver. A race condition, a situation where multiple operations occur in an unpredictable order, exists in the Video for Linux 2 V4L2 media-to-memory m2m framework. This vulnerability allows a local...

EUVD-2026-32236

In the Linux kernel, the following vulnerability has been resolved: eth: fbnic: Add validation for MTU changes Increasing the MTU beyond the HDS threshold causes the hardware to fragment packets across multiple buffers. If a single-buffer XDP program is attached, the driver will drop all multi-fr...

EUVD-2026-32328

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Flush cache for PASID table before using it When writing the address of a freshly allocated zero-initialized PASID table to a PASID directory entry, do that after the CPU cache flush for this PASID table, not before i...

UBUNTU-CVE-2026-45944

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clear Present bit before tearing down context entry When tearing down a context entry, the current implementation zeros the entire 128-bit entry using multiple 64-bit writes. This creates a window where the hardware c...

UBUNTU-CVE-2026-45952

In the Linux kernel, the following vulnerability has been resolved: eth: fbnic: Add validation for MTU changes Increasing the MTU beyond the HDS threshold causes the hardware to fragment packets across multiple buffers. If a single-buffer XDP program is attached, the driver will drop all multi-fr...

CVE-2025-71307

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix NULL pointer dereference on panthorfwunplug This patch removes the MCU halt and wait for halt procedures during panthorfwunplug as the MCU can be in a variety of states or the FW may not even be loaded/initialize...

CVE-2026-45952 eth: fbnic: Add validation for MTU changes

In the Linux kernel, the following vulnerability has been resolved: eth: fbnic: Add validation for MTU changes Increasing the MTU beyond the HDS threshold causes the hardware to fragment packets across multiple buffers. If a single-buffer XDP program is attached, the driver will drop all multi-fr...