403 matches found
CVE-2026-53343
The CVE-2026-53343 entry documents a Linux kernel ARM vulnerability patch: in configurations with KASAN_VMALLOC and VMAP_STACK, a dummy read from the KASAN VMAP shadow in __switch_to() used an unaligned word load (ldr) which can fault on ARMv5 and crash ARM926/VersatilePB; the fix switches to a b...
CVE-2026-53285
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Wrap DCN32 phantom-plane allocation in DCRUNWITHPREEMPTIONENABLED Why dcn32validatebandwidth wraps dcn32internalvalidatebw with DCFPSTART/DCFPEND. In x86 non-RT, DCFPSTART takes fpregslock, which disables local...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: prevented RCU stalls in kasanreleasevmallocnode When CONFIGPAGEOWNER is enabled, freeing KASAN shadow pages during vmalloc cleanup triggers expensive stack unwinding that acquires RCU read locks. Processing a large...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Use kvfree instead of kfree in amdgpugmcgetnpsmemranges. The amdgpudiscoverygetnpsinfo function internally allocates memory for ranges using kvcalloc, which may use vmalloc for large allocations. Using kfree to releas...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: fbdev: Added bounds checking in bitputcs to prevent out-of-bounds writes using vmalloc. Added bounds checking to prevent writes beyond the framebuffer boundaries when rendering text near the screen edges. Return early if the Y...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: RISCV: Kernel mappings of the EFI page table must be synchronized before switching to the EFI page table. The EFI page table is initially created as a copy of the kernel page table. When VMAPSTACK is enabled, kernel stacks are...
Linux Distros Unpatched Vulnerability : CVE-2026-46281
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: vmalloc: fix buffer overflow in vreallocnodealign Commit 4c5d3365882d mm/vmalloc: allow to s...
SUSE CVE-2026-46281
In the Linux kernel, the following vulnerability has been resolved: vmalloc: fix buffer overflow in vreallocnodealign Commit 4c5d3365882d "mm/vmalloc: allow to set node and align in vrealloc" added the ability to force a new allocation if the current pointer is on the wrong NUMA node, or if an...
CVE-2026-46281
A flaw was found in the Linux kernel. When shrinking a vmalloc allocation using the vreallocnodealign function, if the requested new size is smaller than the old size, an out-of-bounds write can occur. This memory corruption vulnerability could allow a local attacker to cause a denial of service ...
CVE-2026-46281
In the Linux kernel, the following vulnerability has been resolved: vmalloc: fix buffer overflow in vreallocnodealign Commit 4c5d3365882d "mm/vmalloc: allow to set node and align in vrealloc" added the ability to force a new allocation if the current pointer is on the wrong NUMA node, or if an...
UBUNTU-CVE-2026-46281
In the Linux kernel, the following vulnerability has been resolved: vmalloc: fix buffer overflow in vreallocnodealign Commit 4c5d3365882d "mm/vmalloc: allow to set node and align in vrealloc" added the ability to force a new allocation if the current pointer is on the wrong NUMA node, or if an...
CVE-2026-46281
In the Linux kernel, the following vulnerability has been resolved: vmalloc: fix buffer overflow in vreallocnodealign Commit 4c5d3365882d "mm/vmalloc: allow to set node and align in vrealloc" added the ability to force a new allocation if the current pointer is on the wrong NUMA node, or if an...
EUVD-2026-35146
In the Linux kernel, the following vulnerability has been resolved: vmalloc: fix buffer overflow in vreallocnodealign Commit 4c5d3365882d "mm/vmalloc: allow to set node and align in vrealloc" added the ability to force a new allocation if the current pointer is on the wrong NUMA node, or if an...
CVE-2026-46281 vmalloc: fix buffer overflow in vrealloc_node_align()
In the Linux kernel, the following vulnerability has been resolved: vmalloc: fix buffer overflow in vreallocnodealign Commit 4c5d3365882d "mm/vmalloc: allow to set node and align in vrealloc" added the ability to force a new allocation if the current pointer is on the wrong NUMA node, or if an...
CVE-2026-46281
CVE-2026-46281 affects the Linux kernel vmalloc path used by vrealloc when a new allocation is forced (wrong NUMA node or alignment). The code copies old_size bytes into a newly allocated buffer of size bytes during a shrink request, which can cause an out-of-bounds write. The fix bounds the copy...
CVE-2026-46281 vmalloc: fix buffer overflow in vrealloc_node_align()
In the Linux kernel, the following vulnerability has been resolved: vmalloc: fix buffer overflow in vreallocnodealign Commit 4c5d3365882d "mm/vmalloc: allow to set node and align in vrealloc" added the ability to force a new allocation if the current pointer is on the wrong NUMA node, or if an...
PT-2026-47353
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A buffer overflow exists in the vrealloc node align function. When a request is made to shrink an allocation size old size and a new allocation is required due to NUMA node or alignment...
Linux Distros Unpatched Vulnerability : CVE-2026-45853
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu: Use kvfree instead of kfree in amdgpugmcgetnpsmemranges amdgpudiscoverygetnpsinfo internally allocates memory for ranges using kvcalloc, which may u...
CVE-2026-45853
A flaw was found in the Linux kernel's drm/amdgpu component. The amdgpudiscoverygetnpsinfo function incorrectly deallocates memory by using kfree instead of kvfree, even when memory was allocated with kvcalloc which may use vmalloc. This improper memory handling can lead to memory corruption. Suc...
SUSE CVE-2026-45853
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Use kvfree instead of kfree in amdgpugmcgetnpsmemranges amdgpudiscoverygetnpsinfo internally allocates memory for ranges using kvcalloc, which may use vmalloc for large allocation. Using kfree to release vmalloc memor...