639 matches found
CVE-2026-53054
CVE-2026-53054 affects the Linux kernel DRM subsystem for Qualcomm Adreno (MSM) where an incorrect argument in VM_BIND UNMAP locking caused certain objects involved in UNMAP operations to not be consistently locked. The issue could impact system stability, particularly for non-NO_SHARE buffer obj...
CVE-2026-53021 scsi: target: core: Fix integer overflow in UNMAP bounds check
In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Fix integer overflow in UNMAP bounds check sbcexecuteunmap checks LBA + range does not exceed the device capacity, but does not guard against LBA + range wrapping around on 64-bit overflow. Add an overflow che...
CVE-2026-53021
CVE-2026-53021 affects the Linux kernel SCSI target core (UNMAP bounds check). The root cause is an overflow where LBA + range can wrap on 64-bit overflow, with a fix that adds an overflow check mirroring the pattern used for WRITE_SAME. Publicly noted patches exist across multiple OS families: R...
CVE-2026-53009
The CVE-2026-53009 issue affects the Linux kernel ice network driver. When ice_tso() or ice_tx_csum() fail, the error path in ice_xmit_frame_ring() frees the skb, but the first tx_buf may still reference it and be marked ICE_TX_BUF_SKB, with next_to_use unchanged. If there is no subsequent packet...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: PCI/P2PDMA: Release the per-CPU pgmap reference when vminsertpage fails. When vminsertpage fails in p2pmemallocmmap, p2pmemallocmmap does not invoke percpurefput to free the per-CPU reference to pgmap acquired after...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: libceph: The calctarget function should set t-paused, rather than simply clearing it. Currently, calctarget clears t-paused if the request should no longer be paused. However, it never sets t-paused, even though it can determine...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: media: cx88: Add the missing unmap in sndcx88hwparams In the error path, add cx88alsadmaunmap to release the resource acquired by cx88alsa DMAmap...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: media: cx23885: Add the missing unmap in sndcx23885hwparams In the error path, add cx23885alsadmaunmap to release the resource acquired by cx23885alsadmamap...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ksmbd: smbd: fix dmaunmapsg nents The dmaunmapsg functions should be called with the same nents as the dmamapsg, not with the value returned by the map function...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fixed the issue of double dmabufunpin in the failure path. In ibumemdmabufgetpinnedwithdmadevice, the call to ibumemdmabufmappages may fail. If this occurs, the dmabuf is immediately unpinned, but the umemdmabuf-pinned...
CVE-2026-52939
CVE-2026-52939 is addressed by the Debian/Ubuntu Linux kernel fixes in the 6.1.y series. Debian LTS advisories (DLA-4671, DLA-4665) indicate linux-6.1 packages are updated to mitigate this issue, e.g., Debian 11/12 updates shipping linux-6.1 with CVE-2026-52939 included and patched versions such ...
CVE-2026-52939 net/rds: fix NULL deref in rds_ib_send_cqe_handler() on masked atomic completion
In the Linux kernel, the following vulnerability has been resolved: net/rds: fix NULL deref in rdsibsendcqehandler on masked atomic completion rdsibxmitatomic always programs a masked atomic opcode IBWRMASKEDATOMICCMPANDSWP or IBWRMASKEDATOMICFETCHANDADD for every RDS atomic cmsg. But the...
PT-2026-51948
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/msm component where a wrong argument caused objects involved in UNMAP operations to not be consistently locked. This behavior specifically affects non- NO SHAR...
PT-2026-51915
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An integer overflow exists in the SCSI target core component. The sbc execute unmap function verifies that the Logical Block Address LBA plus the range does not exceed the device capacit...
PT-2026-52002
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the Linux kernel for powerpc/64s architectures during the unmapping of Page Middle Directory PMD migration entries. The issue occurs when a move pages system...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fixed a kernel panic that could occur when partially unmapping a GPU virtual address region. This commit addresses a kernel panic issue that can occur when the userspace tries to partially unmap a GPU virtual address...
CVE-2026-10635 Dangling memory-domain pointer (use-after-free) in Xtensa MMU page-table code on memory-domain de-init
On Xtensa targets with CONFIGUSERSPACE and CONFIGXTENSAMMU, the page-table code arch/xtensa/core/ptables.c maintains a global list, xtensadomainlist, of active memory domains using a list node embedded inside the caller-owned struct kmemdomain. When a domain is destroyed via kmemdomaindeinit -...
PT-2026-47754
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the KVM arm64 component where the kvm-arch.nested mmus array is accessed under the kvm-mmu lock, including within the MMU notifier path via the functions kvm unmap gfn...
CVE-2026-10718
Out of bounds write in openSeaChest’s Trim/Unmap operation in Seagate’s openSeaChest v26.03.0 on all supported platforms allows for writing extra memory describing a range of LBAs to deallocate 16 bytes outside of the allocated space when running this operation...
EUVD-2026-34043
Out of bounds write in openSeaChest’s Trim/Unmap operation in Seagate’s openSeaChest v26.03.0 on all supported platforms allows for writing extra memory describing a range of LBAs to deallocate 16 bytes outside of the allocated space when running this operation...