278 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53230
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5: Fix slab-out-of-bounds in mlx5querynicvportmaclist mlx5querynicvportmaclist sizes its firmware command buffer using the PF's logmaxcurrentuc/mclist...
CVE-2026-53230
A flaw was found in the Linux kernel's mlx5 driver. The mlx5querynicvportmaclist function, which handles querying network interface card NIC virtual port vport MAC addresses, incorrectly sizes its internal buffer. When a Virtual Function VF vport is queried with a larger configured maximum, the...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel before version 5.15.13, the file drivers/net/ethernet/mellanox/mlx5/core/steering/drdomain.c misinterprets the return value of mlx5getuarspage. It expects the return value to be NULL in the error case, but in reality, it is an error pointer...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5: Properly linking new fs rules into the tree Previously, addrulefg would only add newly created rules from the handle into the tree when their refcount was 1. On the other hand, createflowhandle attempts to find and...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: RX, Fixed XDP multi-buf fragment counting for legacy RQ XDP multi-buf programs can modify the layout of the XDP buffer when the program calls bpfxdppulldata or bpfxdpadjusttail. The referenced commit in the fixes ta...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix for the memory leak in mlx5drcmdcreatereformatctx. When mlx5cmdexec fails in mlx5drcmdcreatereformatctx, the memory pointed to by ‘in’ is not released, which can lead to a memory leak. Move the memory release...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: In devcom, fix for error flow in mlx5devcomregisterdevice. In the event of a failure in devcom allocation, mlx5 always frees the private data. However, this private data might have been allocated by a different thread...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Unregisters devlink parameters in case the interface is down Currently, if an interface is down, the mlx5 driver does not unregister its devlink parameters, which leads to this WARN1. This issue is fixed by unregisterin...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: vfio: Split migration operations from main device operations The vfio core checks whether the driver sets certain migration operations e.g., setstate/getstate, and accordingly calls those operations. However, currently, the ml...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix the crash caused by the LAG state check. When removing a LAG device from a bridge, the NETDEVCHANGEUPPER event is triggered. The driver determines which lower devices need to flush all offloaded entries. If one of t...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix XDP multi-buf frag counting for striding RQ XDP multi-buf programs can modify the layout of the XDP buffer when the program calls bpfxdppulldata or bpfxdpadjusttail. The referenced commit in the fixes tag...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Data related to command failures should only be collected for known commands. DEVX can issue a general command, which is not used by the mlx5 driver. If such a command fails, mlx5 attempts to collect the failure data...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5: Fixed the cleanup of steering rules The vport’s unicast, multicast, and multicast rules are not deleted during the teardown process when EEH occurs. Since the vport’s promiscuous settings unicast, unicast, and...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Take the RTNL lock when necessary before calling xdpsetfeatures. The RTNL lock must be held when calling xdpsetfeatures with a registered netdev, as this call triggers the netdev notifiers. This could occur, for exampl...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Register devlink first under the devlink lock. If the device encounters a non-fatal firmware error during the probe, the driver will report the error to the user via devlink. This will trigger a WARN, since mlx5 calls...
Linux Distros Unpatched Vulnerability : CVE-2026-46176
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/mlx5: Fix error path fall-through in mlx5ibdevressrqinit mlx5ibdevressrqinit allocates two SRQs, s0 and s1. When ibcreatesrq fails for s1, the error branch...
SUSE CVE-2026-46176
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix error path fall-through in mlx5ibdevressrqinit mlx5ibdevressrqinit allocates two SRQs, s0 and s1. When ibcreatesrq fails for s1, the error branch destroys s0 but falls through and unconditionally assigns the freed ...
SUSE CVE-2026-45973
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix UMR hang in LAG error state unload During firmware reset in LAG mode, a race condition causes the driver to hang indefinitely while waiting for UMR completion during device unload. See 1. In LAG mode the bond devic...
Linux Distros Unpatched Vulnerability : CVE-2026-45973
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/mlx5: Fix UMR hang in LAG error state unload During firmware reset in LAG mode, a race condition causes the driver to hang indefinitely while waiting for U...
CVE-2026-45973
A flaw was found in the Linux kernel's RDMA/mlx5 driver. A race condition during firmware reset in Link Aggregation Group LAG mode can cause the driver to hang indefinitely while waiting for Unregister Memory Region UMR completion during device unload. This can lead to a denial of service, making...