307 matches found
CVE-2026-43283
The CVE-2026-43283 issue is in the Linux kernel's ec_bhf Ethernet driver where error-path handling used priv->rx_buf.alloc_len as the DMA handle in dma_free_coherent(), risking improper unmapping and potential memory corruption or DoS. The fix changes the DMA handle to priv->rx_buf.alloc_ph...
CVE-2026-43250
In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: fix DMA and SG cleanup in epnuke The ChipIdea UDC driver can encounter "not page aligned sg buffer" errors when a USB device is reconnected after being disconnected during an active transfer. This occurs becau...
CVE-2026-43250 usb: chipidea: udc: fix DMA and SG cleanup in _ep_nuke()
In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: fix DMA and SG cleanup in epnuke The ChipIdea UDC driver can encounter "not page aligned sg buffer" errors when a USB device is reconnected after being disconnected during an active transfer. This occurs becau...
PT-2026-37590
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The ChipIdea UDC driver fails to properly unmap DMA buffers or clean up scatter-gather bounce buffers when the ep nuke function is called during a USB device disconnection during an acti...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect use of a wrong DMA handle in the dmafreecoherent function during an erroneous path...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to expand the collection range when unmapping large mappings, potentially leading to invali...
CVE-2026-31589
A flaw was found in the Linux kernel's memory management. This vulnerability, known as a use-after-free, occurs when the system attempts to access a memory region after it has been released. Specifically, during the unmapping and invalidation of a memory page folio, the system can incorrectly...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010890)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010890 advisory. In the Linux kernel, the following vulnerability has been resolved: xen/gntdev: Accommodate VMA splitting Prior to this commit, the gntdev driver code did not handle...
SUSE CVE-2026-31398
In the Linux kernel, the following vulnerability has been resolved: mm/rmap: fix incorrect pte restoration for lazyfree folios We batch unmap anonymous lazyfree folios by foliounmapptebatch. If the batch has a mix of writable and non-writable bits, we may end up setting the entire batch writable...
CVE-2026-31398
A flaw was found in the Linux kernel's memory management unit MMU. A local user could exploit this vulnerability by manipulating memory operations, leading to incorrect page table entry PTE restoration for lazyfree folios during batch unmapping. This issue can cause memory pages with mixed writab...
CVE-2026-23432
A flaw was found in the Linux kernel's mshv component. A local user could exploit a use-after-free vulnerability by unmapping memory after a specific error path in the mshvmapusermemory function. This can cause a system crash kernel panic due to the system attempting to access freed memory...
CVE-2026-23432
In the Linux kernel, the following vulnerability has been resolved: mshv: Fix use-after-free in mshvmapusermemory error path In the error path of mshvmapusermemory, calling vfree directly on the region leaves the MMU notifier registered. When userspace later unmaps the memory, the notifier fires...
CVE-2026-31398
In the Linux kernel, the following vulnerability has been resolved: mm/rmap: fix incorrect pte restoration for lazyfree folios We batch unmap anonymous lazyfree folios by foliounmapptebatch. If the batch has a mix of writable and non-writable bits, we may end up setting the entire batch writable...
CVE-2026-31398
In the Linux kernel, the following vulnerability has been resolved: mm/rmap: fix incorrect pte restoration for lazyfree folios We batch unmap anonymous lazyfree folios by foliounmapptebatch. If the batch has a mix of writable and non-writable bits, we may end up setting the entire batch writable...
CVE-2026-31398 mm/rmap: fix incorrect pte restoration for lazyfree folios
In the Linux kernel, the following vulnerability has been resolved: mm/rmap: fix incorrect pte restoration for lazyfree folios We batch unmap anonymous lazyfree folios by foliounmapptebatch. If the batch has a mix of writable and non-writable bits, we may end up setting the entire batch writable...
PT-2026-30127
In the Linux kernel, the following vulnerability has been resolved: mshv: Fix use-after-free in mshv map user memory error path In the error path of mshv map user memory, calling vfree directly on the region leaves the MMU notifier registered. When userspace later unmaps the memory, the notifier...
CVE-2026-23289
A flaw was found in the Linux kernel's IB/mthca component. A local user could exploit this vulnerability by triggering a system call failure path related to the mthcacreatesrq function. This oversight leads to a missed unmapping of user database resources, resulting in a resource leak...
UBUNTU-CVE-2026-23361
In the Linux kernel, the following vulnerability has been resolved: PCI: dwc: ep: Flush MSI-X write before unmapping its ATU entry Endpoint drivers use dwpcieepraisemsixirq to raise an MSI-X interrupt to the host using a writel, which generates a PCI posted write transaction. There's no completio...
CVE-2026-23361
In the Linux kernel, the following vulnerability has been resolved: PCI: dwc: ep: Flush MSI-X write before unmapping its ATU entry Endpoint drivers use dwpcieepraisemsixirq to raise an MSI-X interrupt to the host using a writel, which generates a PCI posted write transaction. There's no completio...
CVE-2026-23361 PCI: dwc: ep: Flush MSI-X write before unmapping its ATU entry
In the Linux kernel, the following vulnerability has been resolved: PCI: dwc: ep: Flush MSI-X write before unmapping its ATU entry Endpoint drivers use dwpcieepraisemsixirq to raise an MSI-X interrupt to the host using a writel, which generates a PCI posted write transaction. There's no completio...