43 matches found
PT-2026-52325
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.0-rc6 Description A slab-out-of-bounds issue exists in the mlx5 query nic vport mac list function. The function determines the size of the firmware command buffer based on the Physical Function PF log max...
CVE-2026-23440 net/mlx5e: Fix race condition during IPSec ESN update
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix race condition during IPSec ESN update In IPSec full offload mode, the device reports an ESN Extended Sequence Number wrap event to the driver. The driver validates this event by querying the IPSec ASO and checking...
kernel: net/mlx5e: Check for NOT_READY flag state after locking
A race condition was found in the Linux kernel Mellanox mlx5 network driver's traffic control offload flow management. A local user with privileges to configure traffic control flower filters can trigger concurrent flow deletion operations where the NOTREADY flag is checked before acquiring the...
kernel: net/mlx5e: Check for NOT_READY flag state after locking
A race condition was found in the Linux kernel Mellanox mlx5 network driver's traffic control offload flow management. A local user with privileges to configure traffic control flower filters can trigger concurrent flow deletion operations where the NOTREADY flag is checked before acquiring the...
kernel: net/mlx5e: Check for NOT_READY flag state after locking
A race condition was found in the Linux kernel Mellanox mlx5 network driver's traffic control offload flow management. A local user with privileges to configure traffic control flower filters can trigger concurrent flow deletion operations where the NOTREADY flag is checked before acquiring the...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003652)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003652 advisory. A memory leak in the mlx5fwfatalreporterdump function in drivers/net/ethernet/mellanox/mlx5/core/health.c in the Linux kernel before 5.3.11 allows attackers to cause...
ROS-20260112-7382
A vulnerability in the mlx5ehandlerxcqempwrqshampo function of the Mellanox Ethernet network adapter driver in the Linux operating system kernel is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20251111-03
Vulnerability of mlx5 driver Poll Mode Driver of DPDK package is related to incorrect data processing when working with Mellanox network devices. with Mellanox network devices. Exploitation of the vulnerability could allow an attacker, remotely to cause information disclosure or denial of service...
CVE-2023-53398
In the Linux kernel, the following vulnerability has been resolved: mlx5: fix possible ptp queue fifo use-after-free Fifo indexes are not checked during pop operations and it leads to potential use-after-free when poping from empty queue. Such case was possible during re-sync action. WARNONONCE...
Linux Distros Unpatched Vulnerability : CVE-2019-19047
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A memory leak in the mlx5fwfatalreporterdump function in drivers/net/ethernet/mellanox/mlx5/core/health.c in the Linux kernel before 5.3.11 allows attackers to...
Vulnerability of the mlx5e_rep_neigh_update() function in the drivers/net/ethernet/mellanox/mlx5/core/en/rep/neigh.c module – A driver for supporting Mellanox Ethernet network adapters in the Linux operating system, which allows a hacker to cause a service failure
Vulnerability of the mlx5erepneighupdate function in the drivers/net/ethernet/mellanox/mlx5/core/en/rep/neigh.c module – The Mellanox Ethernet network adapter driver for the Linux operating system is vulnerable due to the reutilization of previously freed memory. Exploiting this vulnerability cou...
The vulnerability of the mlx5_eswitch_offloads_single_fdb_add_one() function in the drivers/net/ethernet/mellanox/mlx5/core/eswitch.h module of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the mlx5eswitchoffloadssinglefdbaddone function in the drivers/net/ethernet/mellanox/mlx5/core/eswitch.h module of the Linux kernel is related to insufficient resource locking. Exploiting this vulnerability could allow an attacker to cause a service failure...
kernel: net/mlx5e: Prevent deadlock while disabling aRFS
A flaw was found in the Linus Kernel. A potential deadlock can occur while disabling aRFS in drivers/net/ethernet/mellanox/mlx5/core/enarfs.c...
The vulnerability of the mlx5e_arfs_enable() function in the drivers/net/ethernet/mellanox/mlx5/core/en_arfs.c file of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the mlx5earfsenable function in the drivers/net/ethernet/mellanox/mlx5/core/enarfs.c file of the Linux kernel is related to insufficient resource locking. Exploiting this vulnerability could allow an attacker to cause a service failure...
SUSE CVE-2025-21800
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: HWS, fix definer's HWSSET32 macro for negative offset When bit offset for HWSSET32 macro is negative, UBSAN complains about the shift-out-of-bounds: UBSAN: shift-out-of-bounds in...
The vulnerability of the mlx5_eswitch_add_termtbl_rule() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the mlx5eswitchaddtermtblrule function in the drivers/net/ethernet/mellanox/mlx5/core/eswitchoffloadstermtbl.c module of the Linux kernel is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the...
kernel: net/mlx5e: Prevent deadlock while disabling aRFS
A flaw was found in the Linus Kernel. A potential deadlock can occur while disabling aRFS in drivers/net/ethernet/mellanox/mlx5/core/enarfs.c...
The vulnerability of the mlx5e component in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the mlx5e component in the Linux operating system is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
kernel: mlxsw: spectrum_acl_erp: Fix object nesting warning
A flaw incorrect memory access in the Linux kernel Mellanox network Ethernet or RDMA device driver was found. A local user could use this flaw to crash the system...
kernel: net/mlx5e: Fix netif state handling
A vulnerability was found in the Linux kernel within the net/mlx5e component, where improper handling of network interface states could lead to a NULL pointer dereference or resource leaks if network registration fails during initialization. This condition could cause system instability, as...