CVE-2025-47368

Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing...

CVE-2025-47368 Buffer Over-read in DSP Service

Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing...

CVE-2025-47368

CVE-2025-47368 affects Qualcomm DSP Service (Memory corruption in MCDM IOCTL processing when dereferencing an invalid userspace address in a user buffer). The CVSS v3.1 vector indicates a Local, Low-Complexity exploit with Low Privileges Required, no user interaction, and impacts on confidentiali...

CVE-2025-47368 Buffer Over-read in DSP Service

Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a memory corruption when an invalid userspace address is dereferenced during MCDM IOCTL processing...

PT-2025-44932

Name of the Vulnerable Software and Affected Versions versions prior to 2025 Description A memory corruption issue exists when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing. This can lead to a buffer over-read in the DSP Service. Recommendations At the...

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fixed a hang that occurred when cmaneteventcallback failed to call queuework. The referenced commit addressed a crash that occurred when cmaneteventcallback was called for a cmaid, while work on that id from a previous...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Added conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor such as QEMU. Existing mitigations already protect the...

USN-7835-4 linux-hwe-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

kernel: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 Don't BUG/WARN on interrupt injection due to GIF being cleared, since it's trivial for userspace to force the situation via KVMSETVCPUEVENTS even if having at least...

uio_hv_generic: Let userspace take care of interrupt mask

...

SUSE CVE-2025-40026

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Don't recheck L1 intercepts when completing userspace I/O When completing emulation of instruction that generated a userspace exit for I/O, don't recheck L1 intercepts as KVM has already finished that phase of instructi...

CVE-2025-40026

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Don't recheck L1 intercepts when completing userspace I/O When completing emulation of instruction that generated a userspace exit for I/O, don't recheck L1 intercepts as KVM has already finished that phase of instructi...

CVE-2025-40048

In the Linux kernel, the following vulnerability has been resolved: uiohvgeneric: Let userspace take care of interrupt mask Remove the logic to set interrupt mask by default in uiohvgeneric driver as the interrupt mask value is supposed to be controlled completely by the user space. If the mask b...

EUVD-2025-36441

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Don't recheck L1 intercepts when completing userspace I/O When completing emulation of instruction that generated a userspace exit for I/O, don't recheck L1 intercepts as KVM has already finished that phase of instructi...

CVE-2025-40048

In the Linux kernel, the following vulnerability has been resolved: uiohvgeneric: Let userspace take care of interrupt mask Remove the logic to set interrupt mask by default in uiohvgeneric driver as the interrupt mask value is supposed to be controlled completely by the user space. If the mask b...

CVE-2025-40048 uio_hv_generic: Let userspace take care of interrupt mask

In the Linux kernel, the following vulnerability has been resolved: uiohvgeneric: Let userspace take care of interrupt mask Remove the logic to set interrupt mask by default in uiohvgeneric driver as the interrupt mask value is supposed to be controlled completely by the user space. If the mask b...

CVE-2025-40048

CVE-2025-40048 affects the Linux kernel’s uio_hv_generic driver. The issue arises from a race where the interrupt mask could be changed by the driver while the user space is handling interrupts, potentially causing a hang where interrupts are missed. Connected advisory notes indicate affected ker...

CVE-2025-40048 uio_hv_generic: Let userspace take care of interrupt mask

In the Linux kernel, the following vulnerability has been resolved: uiohvgeneric: Let userspace take care of interrupt mask Remove the logic to set interrupt mask by default in uiohvgeneric driver as the interrupt mask value is supposed to be controlled completely by the user space. If the mask b...

CVE-2025-40026

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Don't recheck L1 intercepts when completing userspace I/O When completing emulation of instruction that generated a userspace exit for I/O, don't recheck L1 intercepts as KVM has already finished that phase of instructi...