43 matches found
USN-8310-1 linux-azure, linux-azure-6.17 vulnerabilities
It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...
USN-8277-2 linux-oracle-6.17 vulnerabilities
It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: dsa: clean up FDB, MDB, and VLAN entries when unbinding them. As explained in many places, such as commit b117e1e8a86d “net: dsa: delete dsalegacyfdbadd and dsalegacyfdbdel”, DSA is written under the assumption that higher...
USN-8277-1: Linux kernel vulnerabilities
It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: dsa: microchip: A condition was added for scheduling kszmibreadwork. When the ksz module is installed or removed using rmmod, the kernel crashes with a null pointer dereference error. During rmmod, the kszswitchremove functi...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix panic when DSA master device unbinds on shutdown Rafael reports that on a system with LX2160A and Marvell DSA switches, if a reboot occurs while the DSA master dpaa2-eth is up, the following panic can be seen:...
AZL-78428 CVE-2025-71152 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: net: dsa: properly keep track of conduit reference Problem description ------------------- DSA has a mumbo-jumbo of reference handling of the conduit net device and its kobject which, sadly, is just wrong and doesn't make sense...
CVE-2025-71152
In the Linux kernel, the following vulnerability has been resolved: net: dsa: properly keep track of conduit reference Problem description ------------------- DSA has a mumbo-jumbo of reference handling of the conduit net device and its kobject which, sadly, is just wrong and doesn't make sense...
CVE-2025-71152
CVE-2025-71152 is a vulnerability reported in the Linux kernel and appears in multiple OS advisories. Connected entries indicate patches for Root Linux (rootio-linux) across Debian 11/12/13 variants, and additional OSV records show Debian-based and Chainguard advisories patching Root packages. Pu...
Azure Linux 3.0 Security Update: kernel (CVE-2025-37786)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37786 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: dsa: free routing table on probe...
Azure Linux 3.0 Security Update: kernel (CVE-2025-37864)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37864 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: dsa: clean up FDB, MDB, VLAN entrie...
UBUNTU-CVE-2022-50837
In the Linux kernel, the following vulnerability has been resolved: net: dsa: tag8021q: avoid leaking ctx on dsatag8021qregister error path If dsatag8021qsetup fails, for example due to the inability of the device to install a VLAN, the tag8021q context of the switch will leak. Make sure it is...
CVE-2023-54149
In the Linux kernel, the following vulnerability has been resolved: net: dsa: avoid suspicious RCU usage for synced VLAN-aware MAC addresses When using the felix driver the only one which supports UC filtering and MC filtering as a DSA master for a random other DSA switch, one can see the followi...
UBUNTU-CVE-2023-54149
In the Linux kernel, the following vulnerability has been resolved: net: dsa: avoid suspicious RCU usage for synced VLAN-aware MAC addresses When using the felix driver the only one which supports UC filtering and MC filtering as a DSA master for a random other DSA switch, one can see the followi...
CVE-2023-54149 net: dsa: avoid suspicious RCU usage for synced VLAN-aware MAC addresses
In the Linux kernel, the following vulnerability has been resolved: net: dsa: avoid suspicious RCU usage for synced VLAN-aware MAC addresses When using the felix driver the only one which supports UC filtering and MC filtering as a DSA master for a random other DSA switch, one can see the followi...
PT-2025-53226
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to suspicious RCU Read-Copy Update usage when handling VLAN-aware MAC addresses within the networking subsystem. Specifically, the issue occurs...
PT-2025-52754
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to DSA Distributed Switch Architecture and Microchip network devices. Specifically, the ksz irq free function may be called on an uninitialized...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988852)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988852 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dsa: felix: don't use devres for mdiobus As explained in commits: 74b6d7d13307 net: dsa:...
ROS-20251013-02
Vulnerability of the fpsimdreleasetask function in the arch/arm64/kernel/fpsimd.c module of the Linux kernel is related to a memory leak. Linux kernel is related to a memory leak. Exploitation of the vulnerability could allow an attacker to affect confidentiality, integrity and availability of...
CVE-2023-53170
CVE-2023-53170 relates to the Linux kernel where the patch eliminates an unnecessary of_node_put in felix_parse_ports_node (net: dsa). The fix removes the of_node_put from the continue path to prevent the child node from being released twice, which could otherwise lead to resource leaks or other ...