816 matches found
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clean up sidomain in the initdmars error path A splat from kmemcachedestroy was observed in a previous version of the kernel commit ee2653bbe89d, “iommu/vt-d: Remove domain and devinfo mempool” when there was a failur...
Astra Linux – Vulnerability in Linux, Linux 5.10
A race condition was identified in the vtkioctl function within drivers/tty/vt/vtioctl.c in the Linux kernel. This may lead to an out-of-bounds read, as the write access to vcmode is not protected by a lock in vtioctl KDSETMDE. The primary threat of this vulnerability is data confidentiality...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021566)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021566 advisory. In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clean up sidomain in the initdmars error path A splat from kmemcachedestroy was seen...
CLEANSTART-2026-BN65572 Security fixes for CVE-2025-61725 applied in versions: 1.2.0-r0
Security vulnerability affects the vt-cli package. This issue is resolved in later releases. See references for vulnerability details...
CVE-2026-43161
A flaw was found in the Linux kernel's Intel IOMMU Input/Output Memory Management Unit virtual technology for directed I/O VT-d subsystem. When a PCIe Peripheral Component Interconnect Express endpoint device, especially when passed through to userspace applications like QEMU or DPDK, unexpectedl...
EUVD-2026-27689
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Flush dev-IOTLB only when PCIe device is accessible in scalable mode Commit 4fc82cd907ac "iommu/vt-d: Don't issue ATS Invalidation request when device is disconnected" relies on pcidevisdisconnected to skip ATS...
CVE-2026-43161
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Skip dev-iotlb flush for inaccessible PCIe device without scalable mode PCIe endpoints with ATS enabled and passed through to userspace e.g., QEMU, DPDK can hard-lock the host when their link drops, either by surprise...
CVE-2026-43130
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Flush dev-IOTLB only when PCIe device is accessible in scalable mode Commit 4fc82cd907ac "iommu/vt-d: Don't issue ATS Invalidation request when device is disconnected" relies on pcidevisdisconnected to skip ATS...
CVE-2026-43161
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Skip dev-iotlb flush for inaccessible PCIe device without scalable mode PCIe endpoints with ATS enabled and passed through to userspace e.g., QEMU, DPDK can hard-lock the host when their link drops, either by surprise...
CVE-2026-43161
CVE-2026-43161 is a Linux kernel IOMMU VT-d vulnerability related to ATS invalidation when a PCIe endpoint loses connection. In scalable-mode-disabled/unsupported systems, an endpoint link drop can cause the IOMMU to wait indefinitely for an ATS invalidation, leading to a host hard-lock (notably ...
CVE-2026-43130
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Flush dev-IOTLB only when PCIe device is accessible in scalable mode Commit 4fc82cd907ac "iommu/vt-d: Don't issue ATS Invalidation request when device is disconnected" relies on pcidevisdisconnected to skip ATS...
PT-2026-37470
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the iommu/vt-d component where the system relies on the pci dev is disconnected function to skip Address Translation Services ATS invalidation for safely removed...
Linux Distros Unpatched Vulnerability : CVE-2026-43161
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iommu/vt-d: Skip dev-iotlb flush for inaccessible PCIe device without scalable mode PCIe endpoints with ATS enabled and passed through to userspace e.g., QEMU,...
CVE-2026-31742
The CVE-2026-31742 issue affects the Linux kernel’s virtual terminal (vt) handling of alternate screen mode. When entering alt screen, vc_uni_lines is saved to vc_saved_uni_lines and vc_uni_lines is set to NULL. A subsequent console resize can skip reallocating the unicode buffer because vc_uni_l...
CLSA-2026-1777616064 kernel: Fix of 260 CVEs
crypto: algifaead - Fix minimum RX size check for decryption CVE-2026-31431 - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl CVE-2026-31431 - crypto: authencesn - reject too-short AAD assoclen8 to match ESP/ESN spec CVE-2026-31431 - crypto: authencesn - Fix src offset when...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010874)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010874 advisory. In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clean up sidomain in the initdmars error path A splat from kmemcachedestroy was seen...
Command Injection
Overview Affected versions of this package are vulnerable to Command Injection via manipulation of backup manifest files. An attacker can execute arbitrary commands in the production deployment environment by restoring a crafted backup. Workaround This vulnerability can be mitigated by specifying...
CVE-2025-68121 vulnerabilities
Vulnerabilities for packages: kubernetes-dashboard, kubeflow, ghaudit, crossplane-provider-aws-ec2, postgres-operator, terraform-provider-azapi, govulncheck, cilium-certgen, thanos, telegraf, kargo, kyverno-policy-reporter-kyverno-plugin, grpcurl, cis-operator, rootlesskit, src, smokescreen,...
CVE-2025-61732 vulnerabilities
Vulnerabilities for packages: kubernetes-dashboard, blobfuse2, kubeflow, ghaudit, crossplane-provider-aws-ec2, postgres-operator, terraform-provider-azapi, govulncheck, cilium-certgen, thanos, hello-world-golang, telegraf, kargo, kyverno-policy-reporter-kyverno-plugin, grpcurl, yq, velero,...
CVE-2025-61732 vulnerabilities
Vulnerabilities for packages: pushprox, prometheus-pushgateway, local-static-provisioner, external-secrets-operator-fips, crossplane-provider-aws-sqs-fips, cyberark-secrets-provider-for-k8s, linkerd2, rancher-security-scan, trust-manager, cert-manager-cmctl-fips, docker-credential-gcr-fips,...