223 matches found
CVE-2026-53164
The CVE-2026-53164 issue in the Linux kernel affects the iommu/dma path, specifically swiotlb handling of mappings in iommu_dma_iova_link_swiotlb(). When a mapping is unaligned, the middle segment may be empty and a 0-size call to iommu_map() occurs, which the iommupt implementation treats as ill...
EUVD-2026-38818
In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: fix UAF with retry loop Retry doesn't work here, since bo will be freed on error, leading to UAF. However, now that we do the alloc & init before the attach, we can now combine this as one unit and have the init d...
CVE-2026-52950 drm/xe/dma-buf: fix UAF with retry loop
In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: fix UAF with retry loop Retry doesn't work here, since bo will be freed on error, leading to UAF. However, now that we do the alloc & init before the attach, we can now combine this as one unit and have the init d...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: prime: fix refcount underflow Calling nouveauboref on a nouveaubo without initializing it and thus the backing ttmbo leads to a refcount underflow. Instead of calling nouveauboref in the unwind path of...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fixed a memory leak in the error flow for the subscribe event routine. In the event that the second xainsert function fails, the objevent object is not released. This issue has been fixed by correcting the error...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Media: PCI: cx23885: Check cx23885vdevinit return. cx23885vdevinit may return a NULL pointer, but that pointer is used in the next line without any checks. Add a NULL pointer check, and proceed with error unwinding if the pointer...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ASoC: da7219: Fixed an error handling path in da7219registerdaiclks. If clkhwregister fails, the corresponding clk should not be unregistered. To handle errors from loops, partial iterations should be cleaned up before performing...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: iommu: Fixed an error in the unwind operation of iommugroupalloc. If either iommugroupgratefile fails, then iommugroup will be leaked. This issue should be addressed during these error-prone paths. Detected by...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: A memory leak has been fixed in hpdrxirqcreateworkqueue. If the construction of the array of work queues to handle hpdrxirq offload fails, we need to unwind the process. All created workqueues and the allocated memory...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/cma: Fixed a listener leak in the rdmacmalistenonall function when it fails. If the cmalistenonall function fails, the per-device ID remains in the listenlist, but the state is not set to RDMACMADDRBOUND. When the CMID is...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fixed an error in the unwind operation of rxecreateqp. In the function rxecreateqp, the rxeqpfrominit function is called to initialize the qp. Internally, things like the spin locks are not set up until rxeqpinitreq is...
CVE-2026-52904
The CVE-2026-52904 entry covers a Linux kernel issue in drm/nouveau where nvkm_device leaks occur if aperture_remove_conflicting_pci_devices() fails during probe. The allocated nvkm_device from nvkm_device_pci_new() is not unwound on error, leaking both the device wrapper and the pci_enable_devic...
Linux Distros Unpatched Vulnerability : CVE-2026-46126
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/mana: Fix manadestroywqobj cleanup in manaibcreateqprss Sashiko points out there are two bugs here in the error unwind flow, both related to how the WQ tab...
RDMA/mana: Fix error unwind in mana_ib_create_qp_rss()
...
SUSE CVE-2026-46126
In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Fix manadestroywqobj cleanup in manaibcreateqprss Sashiko points out there are two bugs here in the error unwind flow, both related to how the WQ table is unwound. First there is a double i-- on the first failure path...
SUSE CVE-2026-46144
In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Fix error unwind in manaibcreateqprss Sashiko points out that manaibcfgvportsteering is leaked, the normal destroy path cleans it up...
CVE-2026-46144
A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA subsystem, specifically within the mana driver. During an error unwind in the manaibcreateqprss function, a resource leak occurs where manaibcfgvportsteering is not properly cleaned up. This vulnerability could lead to resour...
CVE-2026-46178
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx4: Fix resource leak on error in mlx4ibcreatesrq Sashiko points out that mlx4srqalloc was not undone during error unwind, add the missing call to mlx4srqfree...
CVE-2026-46144
In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Fix error unwind in manaibcreateqprss Sashiko points out that manaibcfgvportsteering is leaked, the normal destroy path cleans it up...
CVE-2026-46126
In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Fix manadestroywqobj cleanup in manaibcreateqprss Sashiko points out there are two bugs here in the error unwind flow, both related to how the WQ table is unwound. First there is a double i-- on the first failure path...