PT-2026-43903

In the Linux kernel, the following vulnerability has been resolved: vfio/cdx: Serialize VFIO DEVICE SET IRQS with a per-device mutex vfio cdx set msi trigger reads vdev-config msi and operates on the vdev-cdx irqs array based on its value, but provides no serialization against concurrent VFIO...

EUVD-2026-28630

In the Linux kernel, the following vulnerability has been resolved: ice: ptp: don't WARN when controlling PF is unavailable In VFIO passthrough setups, it is possible to pass through only a PF which doesn't own the source timer. In that case the PTP controlling PF adapter-ctrlpf is never...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: vfio: Split migration ops from main device ops vfio core checks whether the driver sets some migration op e.g. setstate/getstate and accordingly calls its op. However, currently mlx5 driver sets the above ops without regards to i...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002966)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002966 advisory. drivers/vfio/pci/vfiopciintrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service integer overfl...

EUVD-2021-27012

Malware in sbrugna...

CVE-2023-53362

In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: don't assume child devices are all fsl-mc devices Changes in VFIO caused a pseudo-device to be created as child of fsl-mc devices causing a crash 1 when trying to bind a fsl-mc device to VFIO. Fix this by checking th...

Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002322 fixes several issues. The following security issues were fixed: CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234854. CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability bsc1235005. CVE-2024-53173:...

SUSE-SU-2025:02419-1 Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024128 fixes several issues. The following security issues were fixed: - CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234854. - CVE-2022-49465: blk-throttle: Set BIOTHROTTLED when bio has been throttled bsc1238920. - CVE-2024-53214:...

UBUNTU-CVE-2024-53214

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Properly hide first-in-list PCIe extended capability There are cases where a PCIe extended capability should be hidden from the user. For example, an unknown capability i.e., capability with ID greater than PCIEXTCAPIDM...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a potential memory leak in the vfio/pci module vfiointxenable...

Memory corruption

A flaw was found in the Linux kernel. A memory leak problem was found in mbochsioctl in samples/vfio-mdev/mbochs.c in Virtual Function I/O VFIO Mediated devices. This flaw could allow a local attacker to leak internal kernel information...

Debian DLA-2385-1 : linux-4.19 security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, or information leak. CVE-2019-3874 Kernel buffers allocated by the SCTP network protocol were not limited by the memory cgroup controller. A local user could potentially us...

Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario

A flaw was found in the Linux kernel, where it allows userspace processes, for example, a guest VM, to directly access h/w devices via its VFIO driver modules. The VFIO modules allow users to enable or disable access to the devices' MMIO memory address spaces. If a user attempts to access the...

NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0070)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - Integer overflow in the aiosetupsinglevector function in fs/aio.c in the Linux kernel 4.0 allows local users to cause a denial of service or possibl...

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 4.4.105 and fixes at least the following security issues: A security flaw was discovered in nl80211setrekeydata function in the Linux kernel since v3.1-rc1 through v4.13. This function does not check whether the required attributes are present in a...