63 matches found
CVE-2026-53201
In the Linux kernel, the following vulnerability has been resolved: Revert "drm/xe: Skip exec queue schedule toggle if queue is idle during suspend" This reverts commit 8533051ce92015e9cc6f75e0d52119b9d91610b6. The idle-skip optimization bypasses GuC suspend, so the GPU may not perform the contex...
CVE-2026-45958
A flaw was found in the Linux kernel's drm/exynos: vidi driver. A local user could exploit this vulnerability by directly dereferencing a user pointer in the vidiconnectionioctl function. This allows for arbitrary kernel memory access from user space, potentially leading to privilege escalation o...
CVE-2026-45958
drm/exynos: vidi: fix to avoid directly dereferencing user pointer...
PT-2026-43825
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the vidi connection ioctl function where the vidi-edid user pointer is directly dereferenced within the kernel. This allows arbitrary kernel memory access from user spac...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Fixed a dangling pointer in krbauthenticate. krbauthenticate frees sess-user and does not set the pointer to NULL. It calls ksmbdkrb5authenticate to reinitialise sess-user, but that function may return without doing so...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fixed a memory leak in kfdmemdmamapuserptr. If the number of pages from the userptr BO differs from the SG BO, then the allocated memory for the SG table does not get freed before returning – leading to an EINVAL erro...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: iommufd: Check for uptr overflow syzkaller found that setting up a map with a user VA that wraps past zero can trigger WARNONs, particularly when pinuserpages strangely returns 0 due to invalid arguments. This issue prevents t...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iouring/rsrc: Do not rely on user vaddr alignment. There is no guaranteed alignment for user pointers. However, the calculation of the offset from the first page to a folio after coalescing uses some strange bit mask logic;...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: scsi: qedi: Fix crash while reading debugfs attribute The qedidbgdonotrecovercmdread function directly invokes sprintf on a user pointer, resulting in a crash. To fix this issue, use a small local stack buffer for sprintf, and...
SUSE CVE-2026-31781
In the Linux kernel, the following vulnerability has been resolved: drm/ioc32: stop speculation on the drmcompatioctl path The drm compat ioctl path takes a user controlled pointer, and then dereferences it into a table of function pointers, the signature method of spectre problems. Fix this up b...
CVE-2026-43073
In the Linux kernel, the following vulnerability has been resolved: x86-64: rename misleadingly named 'copyusernocache' function This function was a masterclass in bad naming, for various historical reasons. It claimed to be a non-cached user copy. It is literally neither of those things. It's a...
CVE-2026-43073 x86-64: rename misleadingly named '__copy_user_nocache()' function
In the Linux kernel, the following vulnerability has been resolved: x86-64: rename misleadingly named 'copyusernocache' function This function was a masterclass in bad naming, for various historical reasons. It claimed to be a non-cached user copy. It is literally neither of those things. It's a...
PT-2026-36416
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The drm compat ioctl path accepts a user-controlled pointer and dereferences it into a table of function pointers. This pattern is characteristic of Spectre problems, which are...
CVE-2023-54239 iommufd: Check for uptr overflow
In the Linux kernel, the following vulnerability has been resolved: iommufd: Check for uptr overflow syzkaller found that setting up a map with a user VA that wraps past zero can trigger WARNONs, particularly from pinuserpages weirdly returning 0 due to invalid arguments. Prevent creating a pages...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unchecked user pointer overflow that could lead to a null pointer dereference...
CVE-2022-50619
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix memory leak in kfdmemdmamapuserptr If the number of pages from the userptr BO differs from the SG BO then the allocated memory for the SG table doesn't get freed before returning -EINVAL, which may lead to a memor...
SUSE CVE-2025-40336
In the Linux kernel, the following vulnerability has been resolved: drm/gpusvm: fix hmmpfntomaporder usage Handle the case where the hmm range partially covers a huge page like 2M, otherwise we can potentially end up doing something nasty like mapping memory which is outside the range, and maybe...
EUVD-2022-55693
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix memory leak in kfdmemdmamapuserptr If the number of pages from the userptr BO differs from the SG BO then the allocated memory for the SG table doesn't get freed before returning -EINVAL, which may lead to a memor...
CVE-2022-50619 drm/amdkfd: Fix memory leak in kfd_mem_dmamap_userptr()
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix memory leak in kfdmemdmamapuserptr If the number of pages from the userptr BO differs from the SG BO then the allocated memory for the SG table doesn't get freed before returning -EINVAL, which may lead to a memor...
PT-2025-49460
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the kfd mem dmamap userptr function within the drm/amdkfd module. This occurs when the number of pages from the userptr BO differs from the SG BO, leading to...