1084 matches found
SUSE CVE-2026-43332
In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix thermal zone device registration error path If thermalzonedeviceregisterwithtrips fails after registering a thermal zone device, it needs to wait for the tz-removal completion like thermalzonedeviceunregister, ...
SUSE CVE-2026-43345
In the Linux kernel, the following vulnerability has been resolved: net: ipa: fix event ring index not programmed for IPA v5.0+ For IPA v5.0+, the event ring index field moved from CHCCNTXT0 to CHCCNTXT1. The v5.0 register definition intended to define this field in the CHCCNTXT1 fmask array but...
SUSE CVE-2026-43425
In the Linux kernel, the following vulnerability has been resolved: usb: image: mdc800: kill download URB on timeout mdc800deviceread submits downloadurb and waits for completion. If the timeout fires and the device has not responded, the function returns without killing the URB, leaving it activ...
drm/amdgpu: add upper bound check on user inputs in wait ioctl
...
CVE-2026-43428
A flaw was found in the Linux kernel's USB core. The usbcontrolmsg, usbbulkmsg, and usbinterruptmsg APIs allow for unlimited timeout durations. These APIs use uninterruptible waits, which can cause a task to hang indefinitely. This can lead to a denial of service DoS as the task cannot be...
CVE-2026-43398
A flaw was found in the Linux kernel's amdgpu graphics driver. A local user could exploit this vulnerability by providing excessively large input values to the amdgpuuserqwaitioctl function. This improper input validation can lead to an Out-Of-Memory OOM condition, resulting in a Denial of Servic...
EUVD-2026-28704
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in wait ioctl Huge input values in amdgpuuserqwaitioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough value...
EUVD-2026-28710
In the Linux kernel, the following vulnerability has been resolved: mm: Fix a hmmrangefault livelock / starvation problem If hmmrangefault fails a foliotrylock in doswappage, trying to acquire the lock of a device-private folio for migration, to ram, the function will spin until it succeeds...
EUVD-2026-28616
In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix thermal zone device registration error path If thermalzonedeviceregisterwithtrips fails after registering a thermal zone device, it needs to wait for the tz-removal completion like thermalzonedeviceunregister, ...
CVE-2026-43398
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in wait ioctl Huge input values in amdgpuuserqwaitioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough value...
CVE-2026-43429
In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: Use usbbulkmsgkillable with user-specified timeouts The usbtmc driver accepts timeout values specified by the user in an ioctl command, and uses these timeouts for some usbbulkmsg calls. Since the user can specify...
CVE-2026-43398
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in wait ioctl Huge input values in amdgpuuserqwaitioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough value...
UBUNTU-CVE-2026-43425
In the Linux kernel, the following vulnerability has been resolved: usb: image: mdc800: kill download URB on timeout mdc800deviceread submits downloadurb and waits for completion. If the timeout fires and the device has not responded, the function returns without killing the URB, leaving it activ...
UBUNTU-CVE-2026-43398
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in wait ioctl Huge input values in amdgpuuserqwaitioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough value...
CVE-2026-43469
Summary: CVE-2026-43469 affects the Linux kernel xprtrdma component. The root cause is that rpcrdma_post_recvs() may exit early or fail to create a work request without decrementing ep->re_receiving. This miscount can cause rpcrdma_xprt_drain() to hang, leaving the completion blocked and poten...
CVE-2026-43429
CVE-2026-43429 (Linux kernel, USB usbtmc): The vulnerability arises from the usbtmc driver accepting user-specified timeouts that can be arbitrarily long for usb_bulk_msg() calls, potentially causing kernel threads to hang indefinitely. The issue is resolved by using usb_bulk_msg_killable() with ...
CVE-2026-43425
In the Linux kernel, the following vulnerability has been resolved: usb: image: mdc800: kill download URB on timeout mdc800deviceread submits downloadurb and waits for completion. If the timeout fires and the device has not responded, the function returns without killing the URB, leaving it activ...
CVE-2026-43399
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Fix reference leak in amdgpuuserqwaitioctl Drop reference to syncobj and timeline fence when aborting the ioctl due output array being too small. cherry picked from commit 68951e9c3e6bb22396bc42ef2359751c8315dd2...
CVE-2026-43399
CVE-2026-43399 affects the Linux kernel amdgpu driver: a reference leak in amdgpu_userq_wait_ioctl occurs when an ioctl is aborted because the output array is too small. The fix drops references to syncobj and timeline fence during abort, and is cherry-picked from commit 68951e9c3e6bb22396bc42ef2...
CVE-2026-43398
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in wait ioctl Huge input values in amdgpuuserqwaitioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough value...