Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed idx validation in i40evalidatequeuemap. Ensured that the idx value is within the range of active/initialized TC’s when iterating over vf-chidx in i40evalidatequeuemap...

CVE-2026-43445

A flaw was found in the Linux kernel's e1000 and e1000e network drivers. When an error occurs during the mapping of transmit TX buffers, an off-by-one error in the Direct Memory Access DMA cleanup process can lead to a memory leak. This issue results in the gradual exhaustion of system resources,...

kernel: i40e: add validation for ring_len param

A flaw was identified in the Intel “i40e” Ethernet driver in the Linux Kernel where the ringlen parameter supplied by a VF virtual function is passed unchecked to the hardware memory context. If a malicious Virtual function provides a too-large or misaligned ringlen, it may allow the device to...

Exploit for Improper Input Validation in Intel Ethernet_Diagnostics_Driver_Iqvw32.Sys

iqvw64e-privilege-escalation CVE-2015-2291 Local Privilege Esc...

CVE-2026-22985

In the Linux kernel, the following vulnerability has been resolved: idpf: Fix RSS LUT NULL pointer crash on early ethtool operations The RSS LUT is not initialized until the interface comes up, causing the following NULL pointer crash when ethtool operations like rxhash on/off are performed befor...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001512)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001512 advisory. Improper input validation in the IntelR Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service...

kernel: i40e: add validation for ring_len param

A flaw was identified in the Intel “i40e” Ethernet driver in the Linux Kernel where the ringlen parameter supplied by a VF virtual function is passed unchecked to the hardware memory context. If a malicious Virtual function provides a too-large or misaligned ringlen, it may allow the device to...

ROS-20260113-7307

A vulnerability in the iceprepareforreset function of the Intel Ethernet network adapter support driver of the Linux kernel is related toL pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2021-0135

Improper input validation in the IntelR Ethernet Diagnostic Driver for Windows before version 1.4.0.10 may allow a privileged user to potentially enable escalation of privilege via local access...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992786)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992786 advisory. In the Linux kernel, the following vulnerability has been resolved: stmmac: intel: Add a missing clkdisableunprepare call in intelethpciremove Commit 09f012e64e4b...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993052)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993052 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: Fix kernel crash during reboot when adapter is in recovery mode If the driver detects durin...

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nfsd: handle getclientlocked failure in nfsd4setclientidconfirm CVE-2025-38724 kernel: smb: client: fix race with concurrent opens in rename2 CVE-2025-39825 kernel: mm/memory-failure: fix...

kernel security update

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

Oracle Linux 8 : kernel (ELSA-2025-21917)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-21917 advisory. - i40e: add max boundary check for VF filters Michal Schmidt RHEL-123799 CVE-2025-39968 - i40e: fix validation of VF state in get resources Michal...

kernel: i40e: add validation for ring_len param

A flaw was identified in the Intel “i40e” Ethernet driver in the Linux Kernel where the ringlen parameter supplied by a VF virtual function is passed unchecked to the hardware memory context. If a malicious Virtual function provides a too-large or misaligned ringlen, it may allow the device to...

kernel: i40e: add validation for ring_len param

A flaw was identified in the Intel “i40e” Ethernet driver in the Linux Kernel where the ringlen parameter supplied by a VF virtual function is passed unchecked to the hardware memory context. If a malicious Virtual function provides a too-large or misaligned ringlen, it may allow the device to...

EUVD-2025-124908

In the Linux kernel, the following vulnerability has been resolved: idpf: cleanup remaining SKBs in PTP flows When the driver requests Tx timestamp value, one of the first steps is to clone SKB using skbget. It increases the reference counter for that SKB to prevent unexpected freeing by another...

Siemens SIMATIC Devices Buffer Overflow (CVE-2023-45871)

An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

PT-2025-41367

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.17.0-rc4-enjuk-tnguy-00865-gc4940196ab02 Description The Linux kernel contains an issue where a failure in the igc led setup function during the probe process can lead to a kernel panic. This occurs because the...

EUVD-2025-31853

The Community Events plugin for WordPress is vulnerable to SQL Injection via the eventcategory parameter in all versions up to, and including, 1.5.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...