EUVD-2026-32236

In the Linux kernel, the following vulnerability has been resolved: eth: fbnic: Add validation for MTU changes Increasing the MTU beyond the HDS threshold causes the hardware to fragment packets across multiple buffers. If a single-buffer XDP program is attached, the driver will drop all multi-fr...

CVE-2026-45952

In the Linux kernel fbnic driver, CVE-2026-45952 describes a validation issue for MTU changes affecting XDP behavior. When MTU is increased beyond the HDS threshold, hardware may fragment packets across multiple buffers; if a single-buffer XDP program is attached, the driver will drop all multi-f...

Astra Linux - уязвимость в linux-5.10

The network backend may cause Linux netfront to use freed SKBs. While adding logic to support XDP eXpress Data Path, a code label was moved in a way that allows SKBs to retain references pointers for further processing, so that they can still be freed...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: igb: Fixed an “use-after-free” issue in the igbcleantxring function. Fixed the following “use-after-free” bug in the igbcleantxring routine when the NIC is running in XDP mode. This issue can be triggered by redirecting traffi...

kernel: bonding: check xdp prog when set bond mode

In the Linux kernel, the following vulnerability has been resolved: bonding: check xdp prog when set bond mode Following operations can trigger a warning1: ip netns add ns1 ip netns exec ns1 ip link add bond0 type bond mode balance-rr ip netns exec ns1 ip link set dev bond0 xdp obj afxdpkern.o se...

CVE-2026-43465

A flaw was found in the Linux kernel's mlx5e driver. This vulnerability arises from incorrect fragment counting when XDP eXpress Data Path multi-buffer programs modify the XDP buffer layout. This issue could allow a local attacker or a specially crafted network packet to trigger a negative...

CVE-2026-43465

CVE-2026-43465: Linux kernel mlx5e XDP multi-buf frag counting flaw. When XDP programs modify the XDP buffer layout (via bpf_xdp_pull_data/bpf_xdp_adjust_tail), the driver failed to count dropped fragments, risking negative page fragment reference counting and potential instability. Public report...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the XDP multiple buffer fragment count in the net mlx5e RX component. This count does not correct...

CVE-2026-43092

A flaw was found in the Linux kernel's AFXDP eXpress Data Path subsystem. The AFXDP bind operation fails to validate the Maximum Transmission Unit MTU against the usable frame space provided by the UMEM User Memory chunk. This can lead to situations where the configured MTU does not fit,...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: net: ena: Fix incorrect descriptor free behavior ENA has two types of TX queues: - queues which only process TX packets arriving from the network stack - queues which only process TX packets forwarded to it by XDPREDIRECT or XDPT...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: sfc: add missing xdp queue reinitialization After rx/tx ring buffer size is changed, kernel panic occurs when it acts XDPTX or XDPREDIRECT. When tx/rx ring buffer size is changedethtool -G, sfc driver reallocates and...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Packet corruption occurred in vmxnet3xdpxmitframe. Andrew and Nikolay reported connectivity issues with Cilium’s service load-balancing in the case of vmxnet3. If a BPF program for native XDP adds an encapsulation header...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: xdp: use flags field to disambiguate broadcast redirect When redirecting a packet using XDP, the bpfredirectmap helper will set up the redirect destination information in struct bpfredirectinfo using the bpfxdpredirectmap helper...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: xen-netfront: Handle NULL returned by xdpconvertbufftoframe. The function xdpconvertbufftoframe may return NULL if it fails to correctly convert the XDP buffer into an XDP frame due to memory constraints, internal errors, or...

OESA-2026-2077 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: bonding: fix use-after-free due to enslave fail after slave array update Fix a use-after-free which happens due to enslave failure after the new slave has been...

SUSE CVE-2026-23445

In the Linux kernel, the following vulnerability has been resolved: igc: fix page fault in XDP TX timestamps handling If an XDP application that requested TX timestamping is shutting down while the link of the interface in use is still up the following kernel splat is reported: 883.803618 T1554...

CVE-2026-23453

A flaw was found in the Linux kernel's net: ti: icssg-prueth network driver. When XDP eXpress Data Path programs drop packets in non-zero-copy mode, memory pages are not properly returned to the system's page pool. This memory leak can lead to Out of Memory OOM conditions, causing a Denial of...

EUVD-2026-18706

In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: Fix memory leak in XDPDROP for non-zero-copy mode Page recycling was removed from the XDPDROP path in emacrunxdp to avoid conflicts with AFXDP zero-copy mode, which uses xskbufffree instead. However, this...

CVE-2026-23445

In the Linux kernel, the following vulnerability has been resolved: igc: fix page fault in XDP TX timestamps handling If an XDP application that requested TX timestamping is shutting down while the link of the interface in use is still up the following kernel splat is reported: 883.803618 T1554...

CVE-2026-23453

In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: Fix memory leak in XDPDROP for non-zero-copy mode Page recycling was removed from the XDPDROP path in emacrunxdp to avoid conflicts with AFXDP zero-copy mode, which uses xskbufffree instead. However, this...