CVE-2026-31390

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix memory leak in xevmmadviseioctl When checkboargsaresane validation fails, jump to the new freevmas cleanup label to properly free the allocated resources. This ensures proper cleanup in this error path. cherry picked...

PT-2026-30173

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak in the xe vm madvise ioctl function within the drm/xe subsystem of the Linux kernel has been addressed. The issue occurs when validation within check bo args are sane fails...

SUSE CVE-2026-23416

In the Linux kernel, the following vulnerability has been resolved: mm/mseal: update VMA end correctly on merge Previously we stored the end of the current VMA in currend, and then upon iterating to the next VMA updated currstart to currend to advance to the next VMA. However, this doesn't take...

CVE-2026-23416

A flaw was found in the Linux kernel. An issue in the memory management mm/mseal component, specifically during the merging of Virtual Memory Areas VMAs, could lead to incorrect updates of VMA end pointers. This could result in stale memory pointers and incorrect starting points for subsequent...

EUVD-2026-18198

In the Linux kernel, the following vulnerability has been resolved: mm/mseal: update VMA end correctly on merge Previously we stored the end of the current VMA in currend, and then upon iterating to the next VMA updated currstart to currend to advance to the next VMA. However, this doesn't take...

CVE-2026-23416

In the Linux kernel, the following vulnerability has been resolved: mm/mseal: update VMA end correctly on merge Previously we stored the end of the current VMA in currend, and then upon iterating to the next VMA updated currstart to currend to advance to the next VMA. However, this doesn't take...

DEBIAN-CVE-2026-23416

In the Linux kernel, the following vulnerability has been resolved: mm/mseal: update VMA end correctly on merge Previously we stored the end of the current VMA in currend, and then upon iterating to the next VMA updated currstart to currend to advance to the next VMA. However, this doesn't take...

CVE-2026-23416

In the Linux kernel, the following vulnerability has been resolved: mm/mseal: update VMA end correctly on merge Previously we stored the end of the current VMA in currend, and then upon iterating to the next VMA updated currstart to currend to advance to the next VMA. However, this doesn't take...

CVE-2026-23416 mm/mseal: update VMA end correctly on merge

In the Linux kernel, the following vulnerability has been resolved: mm/mseal: update VMA end correctly on merge Previously we stored the end of the current VMA in currend, and then upon iterating to the next VMA updated currstart to currend to advance to the next VMA. However, this doesn't take...

CVE-2026-23416

The CVE-2026-23416 issue affects the Linux kernel (mm/mseal) where vm_area_struct end handling could become stale during VMA merges. The root cause is curr_end not staying in sync when a VMA is updated via vma_modify_flags(), leading to an incorrect curr_start on the next iteration. The fix uncon...

PT-2026-29723

In the Linux kernel, the following vulnerability has been resolved: mm/mseal: update VMA end correctly on merge Previously we stored the end of the current VMA in curr end, and then upon iterating to the next VMA updated curr start to curr end to advance to the next VMA. However, this doesn't tak...

PT-2026-29722

In the Linux kernel, the following vulnerability has been resolved: futex: Fix UaF between futex key to node opt and vma replace policy During futex key to node opt execution, vma-vm policy is read under speculative mmap lock and RCU. Concurrently, mbind may call vma replace policy which frees th...

CVE-2026-23380

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix WARNON in tracingbuffersmmapclose When a process forks, the child process copies the parent's VMAs but the usermapped reference count is not incremented. As a result, when both the parent and child processes exit,...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. There are security vulnerabilities in Qualcomm Chipsets. These vulnerabilities stem from shared VM references that allow HLOS access to bootloaders and certificate chains, potentially leading to...

CVE-2025-71228

Removed by vendor...

CVE-2025-71228

In the Linux kernel for LoongArch (32-bit), CVE-2025-71228 arises from an incorrect protection_map for VM_NONE/VM_SHARED. _PAGE_PROTNONE is treated as 0 on 32-bit, causing a Virtual Memory area to be VM_NONE or VM_SHARED and result in non-present pages, leading to a kernel Oops. The fix replaces ...

CVE-2025-71228 LoongArch: Set correct protection_map[] for VM_NONE/VM_SHARED

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Set correct protectionmap for VMNONE/VMSHARED For 32BIT platform PAGEPROTNONE is 0, so set a VMA to be VMNONE or VMSHARED will make pages non-present, then cause Oops with kernel page fault. Fix it by set correct...

CVE-2025-71228

...

Linux Distros Unpatched Vulnerability : CVE-2025-71228

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LoongArch: Set correct protectionmap for VMNONE/VMSHARED For 32BIT platform PAGEPROTNONE is 0, so set a VMA to be VMNONE or VMSHARED will make pages non-present...

SUSE CVE-2026-23199

In the Linux kernel, the following vulnerability has been resolved: procfs: avoid fetching build ID while holding VMA lock Fix PROCMAPQUERY to fetch optional build ID only after dropping mmaplock or per-VMA lock, whichever was used to lock VMA under question, to avoid deadlock reported by syzbot:...