Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: drm/vkms: Fixed issues related to use after free and double-free operations during initialization. If the driver initialization fails, the vkmsexit function may access an uninitialized or freed defaultconfig pointer, potential...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vkms: fixed a possible null pointer dereferencing issue. In amdgpuvkmsconngetmodes, the return value of drcmcvtmode is assigned to mode. This could lead to a null pointer dereferencing issue if drcmcvtmode fails. A che...

CVE-2025-71315

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Convert to DRM's vblank timer Replace vkms' vblank timer with the DRM implementation. The DRM code is identical in concept, but differs in implementation. Vblank timers are covered in vblank helpers and initializer...

UBUNTU-CVE-2025-71315

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Convert to DRM's vblank timer Replace vkms' vblank timer with the DRM implementation. The DRM code is identical in concept, but differs in implementation. Vblank timers are covered in vblank helpers and initializer...

CVE-2025-71315

The CVE-2025-71315 entry describes a Linux kernel fix: the vkms vblank timer is replaced by the DRM vblank timer implementation, removing vkms’ hrtimer and routing through vkms’ handle_vblank_timeout via drm_crtc_helper_funcs. This clarifies the affected component as the vkms driver in the DRM su...

Linux Distros Unpatched Vulnerability : CVE-2025-71315

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/vkms: Convert to DRM's vblank timer Replace vkms' vblank timer with the DRM implementation. The DRM code is identical in concept, but differs in...

PT-2026-47306

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/vkms component where the vblank timer implementation differs from the standard DRM implementation. The vblank timer utilizes the handle vblank timeout function...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fixed a memory leak in vkmsinit. A memory leak was reported after the vkms module installation failed. Unreferenced object 0xffff88810bc28520 size 16: Command: modprobe, PID 9662, Jiffies: 4298009455 Age: 42.590 seconds...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: The null-ptr-deref issue in vkmsrelease has been fixed. A null-ptr-deref occurs when trying to destroy the workqueue in vkms-output.composerworkq during vkmsrelease. KASAN: Null-ptr-deref occurred in the range...

ROS-20260126-73-0007

A vulnerability in the drivers/gpu/drm/vkms component of the Linux operating system kernel is related to memory usage after it has been freed. Exploitation of the vulnerability may allow an attacker to gain access to confidential data, violate its integrity, and cause a denial of service...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003832)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003832 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix null-ptr-deref in vkmsrelease A null-ptr-deref is triggered when it tries to destro...

MiracleLinux 9 : kernel-5.14.0-570.42.2.el9_6 (AXSA:2025-10887:69)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10887:69 advisory. kernel: drm/vkms: Fix use after free and double free on init error CVE-2025-22097 kernel: scsi: lpfc: Use memcpy for BIOS version CVE-2025-38332...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992409)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992409 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix null-ptr-deref in vkmsrelease A null-ptr-deref is triggered when it tries to destro...

kernel: drm/vkms: Fix use after free and double free on init error

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkmsexit function might access an uninitialized or freed defaultconfig pointer and it might double free it. Fix both possible erro...

RHEL 8 : kernel (RHSA-2025:18043)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:18043 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: drm/vkms: Fix use after free...

CLSA-2025-1759866837 kernel: Fix of 44 CVEs

mm: zswap: fix missing folio cleanup in writeback race path CVE-2024-26832 - mm: fix zswap writeback race condition CVE-2023-53178 - dm array: fix releasing a faulty array block twice in dmarraycursorend CVE-2024-57929 - drm/dpmst: Fix MST sideband message body length check CVE-2024-56616 - gpio:...

EUVD-2022-55586

Malicious code in bioql PyPI...

EUVD-2025-11205

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-50369

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/vkms: Fix null-ptr-deref in vkmsrelease A null-ptr-deref is triggered when it tries to destroy the workqueue in vkms-output.composerworkq in vkmsrelease...

SUSE CVE-2022-50369

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix null-ptr-deref in vkmsrelease A null-ptr-deref is triggered when it tries to destroy the workqueue in vkms-output.composerworkq in vkmsrelease. KASAN: null-ptr-deref in range 0x0000000000000118-0x000000000000011f CP...