291 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iommupt: Fixed the issue where short gathers occur when unmapping a large entry. The unmap operation has an unusual behavior—it may unmap more entries than requested, especially if the destination address falls within the middle ...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: powerpc/fixmap: Fixed the VM debug warning when unmapping a fixmap entry. The unmapping of a fixmap entry is performed by calling setfixmap, with FIXMAPPAGECLEAR as the flag. Currently, powerpc setfixmap calls mapkernelpage...
CVE-2025-29936
Improper input validation within the AMD Platform Management Framework PMF could allow an attacker to unmap arbitrary memory pages potentially impacting integrity and availability, or allowing privilege escalation resulting in loss of confidentiality...
CVE-2025-29936
Improper input validation within the AMD Platform Management Framework PMF could allow an attacker to unmap arbitrary memory pages potentially impacting integrity and availability, or allowing privilege escalation resulting in loss of confidentiality...
CVE-2025-29936
Improper input validation within the AMD Platform Management Framework PMF could allow an attacker to unmap arbitrary memory pages potentially impacting integrity and availability, or allowing privilege escalation resulting in loss of confidentiality...
PT-2026-41248
Improper input validation within the AMD Platform Management Framework PMF could allow an attacker to unmap arbitrary memory pages potentially impacting integrity and availability, or allowing privilege escalation resulting in loss of confidentiality...
EUVD-2026-28751
In the Linux kernel, the following vulnerability has been resolved: e1000/e1000e: Fix leak in DMA error cleanup If an error is encountered while mapping TX buffers, the driver should unmap any buffers already mapped for that skb. Because count is incremented after a successful mapping, it will...
CVE-2026-43445
In the Linux kernel, the following vulnerability has been resolved: e1000/e1000e: Fix leak in DMA error cleanup If an error is encountered while mapping TX buffers, the driver should unmap any buffers already mapped for that skb. Because count is incremented after a successful mapping, it will...
CVE-2026-43445
CVE-2026-43445 is a Linux kernel vulnerability in the e1000/e1000e drivers (and potentially igbvf) where a DMA mapping error cleanup leak could occur. The root cause was an off-by-one condition in the dma_error path: count was decremented before the loop, so if any TX buffer mappings succeeded be...
CVE-2025-71301 drm/tests: shmem: Hold reservation lock around vmap/vunmap
In the Linux kernel, the following vulnerability has been resolved: drm/tests: shmem: Hold reservation lock around vmap/vunmap Acquire and release the GEM object's reservation lock around vmap and vunmap operations. The tests use vmaplocked, which led to errors such as show below. 122.292030...
CVE-2026-43283
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ecbhf: Fix dmafreecoherent dma handle dmafreecoherent in error path takes priv-rxbuf.alloclen as the dma handle. This would lead to improper unmapping of the buffer. Change the dma handle to priv-rxbuf.allocphys...
CVE-2026-43250
In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: fix DMA and SG cleanup in epnuke The ChipIdea UDC driver can encounter "not page aligned sg buffer" errors when a USB device is reconnected after being disconnected during an active transfer. This occurs becau...
CVE-2026-43283
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ecbhf: Fix dmafreecoherent dma handle dmafreecoherent in error path takes priv-rxbuf.alloclen as the dma handle. This would lead to improper unmapping of the buffer. Change the dma handle to priv-rxbuf.allocphys...
CVE-2026-43283
The CVE-2026-43283 issue is in the Linux kernel's ec_bhf Ethernet driver where error-path handling used priv->rx_buf.alloc_len as the DMA handle in dma_free_coherent(), risking improper unmapping and potential memory corruption or DoS. The fix changes the DMA handle to priv->rx_buf.alloc_ph...
CVE-2026-43250
In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: fix DMA and SG cleanup in epnuke The ChipIdea UDC driver can encounter "not page aligned sg buffer" errors when a USB device is reconnected after being disconnected during an active transfer. This occurs becau...
PT-2026-37590
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The ChipIdea UDC driver fails to properly unmap DMA buffers or clean up scatter-gather bounce buffers when the ep nuke function is called during a USB device disconnection during an acti...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect use of a wrong DMA handle in the dmafreecoherent function during an erroneous path...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: xen/gntdev: Prevent leaking grants Prior to this commit, if a grant mapping operation failed partially, some of the entries in the mapops array would be invalid, whereas all of the entries in the kmapops array would be valid. Thi...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: USB: UAS – Fix for the URB unmapping issue when the UAS device is removed during ongoing data transfer When a UAS device is unplugged during data transfer, there is a possibility of a system panic occurring. The root cause is...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: iio: adc: menz188adc: Fix a resource leak in an error handling path If iiodeviceregister fails, a previous ioremap is left unbalanced. Update the error handling path and add the missing iounmap call, as already done in the remove...