Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mlxbf-bootctl: The sysfsemitat function was used in securebootfusestateshow. A warning is displayed when running the latest kernel on a BlueField SOC: 251.512704 ------------ Cut here ------------ 251.512711 Invalid sysfsemit:...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Platform/Mellanox: mlxbf-pmc – added sysfsattrinit to countClock initialization. The lock-related debugging logic CONFIGLOCKSTAT in the kernel issues the following warning when the BlueField-3 SOC is booted: BUG: The key...

Ubuntu 20.04 LTS : Linux kernel (BlueField) vulnerabilities (USN-8224-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8224-1 advisory. Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these...

kernel: Linux kernel (net/mlx5): Use-after-free in ECVF vports unload leads to denial of service

A flaw was found in the Linux kernel's net/mlx5 component. A local user could exploit a use-after-free vulnerability during the shutdown process when embedded chip virtual function ECVF vports are unloaded. This occurs because the vport access control list ACL ingress table is not properly...

kernel: Linux kernel (net/mlx5): Use-after-free in ECVF vports unload leads to denial of service

A flaw was found in the Linux kernel's net/mlx5 component. A local user could exploit a use-after-free vulnerability during the shutdown process when embedded chip virtual function ECVF vports are unloaded. This occurs because the vport access control list ACL ingress table is not properly...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38109)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38109 advisory. - In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix ECVF vports unload on...

CVE-2025-23299

NVIDIA Bluefield and ConnectX contain a vulnerability in the management interface that could allow a malicious actor with high privilege access to execute arbitrary code...

CVE-2023-25519

NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit contains a vulnerability where a restricted host may cause an incorrect user management error. A successful exploit of this vulnerability may lead to escalation of privileges...

CVE-2023-31037

NVIDIA Bluefield 2 and Bluefield 3 DPU BMC contains a vulnerability in ipmitool, where a root user may cause code injection by a network call. A successful exploit of this vulnerability may lead to code execution on the OS...

SUSE CVE-2025-40352

In the Linux kernel, the following vulnerability has been resolved: platform/mellanox: mlxbf-pmc: add sysfsattrinit to countclock init The lock-related debug logic CONFIGLOCKSTAT in the kernel is noting the following warning when the BlueField-3 SOC is booted: BUG: key ffff00008a3402a8 has not be...

EUVD-2025-203635

In the Linux kernel, the following vulnerability has been resolved: platform/mellanox: mlxbf-pmc: add sysfsattrinit to countclock init The lock-related debug logic CONFIGLOCKSTAT in the kernel is noting the following warning when the BlueField-3 SOC is booted: BUG: key ffff00008a3402a8 has not be...

CVE-2025-40352

In the Linux kernel, the following vulnerability has been resolved: platform/mellanox: mlxbf-pmc: add sysfsattrinit to countclock init The lock-related debug logic CONFIGLOCKSTAT in the kernel is noting the following warning when the BlueField-3 SOC is booted: BUG: key ffff00008a3402a8 has not be...

PT-2025-51568

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The mlxbf pmc driver in the Linux kernel does not call sysfs attr init during the initialization of the "count clock" data structure. This causes a warning related to lock-related debug...

AI Security: NVIDIA BlueField Now with Vision One™

Launching at NVIDIA GTC 2025 - Transforming AI Security with Trend Vision One™ on NVIDIA BlueField...

EUVD-2025-35587

NVIDIA Bluefield and ConnectX contain a vulnerability in the management interface that could allow a malicious actor with high privilege access to execute arbitrary code...

CVE-2025-23299

NVIDIA Bluefield and ConnectX contain a vulnerability in the management interface that could allow a malicious actor with high privilege access to execute arbitrary code...

CVE-2025-23299

NVIDIA Bluefield and ConnectX contain a vulnerability in the management interface that could allow a malicious actor with high privilege access to execute arbitrary code...

CVE-2025-23299

NVIDIA Bluefield and ConnectX contain a vulnerability in the management interface that could allow a malicious actor with high privilege access to execute arbitrary code...

CVE-2025-23299

The CVE-2025-23299 entry affects NVIDIA Bluefield and ConnectX products with a vulnerability in the management interface that could let a high-privilege attacker execute arbitrary code locally. The issue is documented across multiple sources, and NVIDIA’s security bulletin lists concrete remediat...

NVIDIA ConnectX和NVIDIA BlueField 缓冲区错误漏洞

NVIDIA ConnectX and NVIDIA BlueField are both products of NVIDIA Corporation.NVIDIA ConnectX is a family of Intelligent Network Interface cards.NVIDIA BlueField is a family of data processing units. A buffer error vulnerability exists in NVIDIA ConnectX and NVIDIA BlueField, which stems from a fl...