509 matches found
CVE-2025-21806 net: let net.core.dev_weight always be non-zero
In the Linux kernel, the following vulnerability has been resolved: net: let net.core.devweight always be non-zero The following problem was encountered during stability test: NULL netdevice: NAPI poll function processbacklog+0x0/0x530 \ returned 1, exceeding its budget of 0. ------------ cut her...
SUSE CVE-2022-49131
In the Linux kernel, the following vulnerability has been resolved: ath11k: fix kernel panic during unload/load ath11k modules Call netifnapidel from ath11kahbfreeextirq to fix the following kernel panic when unload/load ath11k modules for few iterations. 971.201365 Unable to handle kernel paging...
CVE-2022-49672
In the Linux kernel, the following vulnerability has been resolved: net: tun: unlink NAPI from device on destruction Syzbot found a race between tun file and device destruction. NAPIs live in struct tunfile which can get destroyed before the netdev so we have to del them explicitly. The current...
UBUNTU-CVE-2022-49131
In the Linux kernel, the following vulnerability has been resolved: ath11k: fix kernel panic during unload/load ath11k modules Call netifnapidel from ath11kahbfreeextirq to fix the following kernel panic when unload/load ath11k modules for few iterations. 971.201365 Unable to handle kernel paging...
CVE-2022-49672
CVE-2022-49672 refers to a race condition in the Linux kernel’s network/tun path: when destroying a tunNAPI object, the NAPI in the tun_file struct can be destroyed before the netdev, requiring explicit deletion of the NAPI. Syzbot observed this race as the queue was detached, enabling a potentia...
CVE-2022-49672
In the Linux kernel, the following vulnerability has been resolved: net: tun: unlink NAPI from device on destruction Syzbot found a race between tun file and device destruction. NAPIs live in struct tunfile which can get destroyed before the netdev so we have to del them explicitly. The current...
CVE-2022-49672 net: tun: unlink NAPI from device on destruction
In the Linux kernel, the following vulnerability has been resolved: net: tun: unlink NAPI from device on destruction Syzbot found a race between tun file and device destruction. NAPIs live in struct tunfile which can get destroyed before the netdev so we have to del them explicitly. The current...
CVE-2022-49672 net: tun: unlink NAPI from device on destruction
In the Linux kernel, the following vulnerability has been resolved: net: tun: unlink NAPI from device on destruction Syzbot found a race between tun file and device destruction. NAPIs live in struct tunfile which can get destroyed before the netdev so we have to del them explicitly. The current...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: gve: Clearing napi-skb before devkfreeskbany In gverxfreeskb, napi-skb is incorrectly left referencing an skb after it is freed using devkfreeskbany. This can result in a subsequent call to napigetfrags returning a dangling...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: net: mana: Fixed error handling in manacreatetxq/rxq’s NAPI cleanup Currently, the napidisable function is called during the cleanup of rxq and txq, even before napi is enabled and hrtimer is initialized. This causes a kernel...
CLSA-2025-1738853271 Fix of 54 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-26595 - mlxsw: spectrumacltcam: Fix NULL pointer dereference in error path CVE-url: https://ubuntu.com/security/CVE-2024-38553/CVE-2024-38597 - netpoll: make ndopollcontroller optional - bonding: use netpollpolldev helper - netpoll: do not test...
CLSA-2025-1738852812 Fix of 54 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-26595 - mlxsw: spectrumacltcam: Fix NULL pointer dereference in error path CVE-url: https://ubuntu.com/security/CVE-2024-38553/CVE-2024-38597 - netpoll: make ndopollcontroller optional - bonding: use netpollpolldev helper - netpoll: do not test...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver bsc1203332. CVE-2022-48742: rtnetlink: make sure to refresh masterdev/mops in...
CVE-2025-21659
In the Linux kernel, the following vulnerability has been resolved: netdev: prevent accessing NAPI instances from another namespace The NAPI IDs were not fully exposed to user space prior to the netlink API, so they were never namespaced. The netlink API must ensure that at the very least NAPI...
CVE-2025-21659
In the Linux kernel, the following vulnerability has been resolved: netdev: prevent accessing NAPI instances from another namespace The NAPI IDs were not fully exposed to user space prior to the netlink API, so they were never namespaced. The netlink API must ensure that at the very least NAPI...
DEBIAN-CVE-2025-21659
In the Linux kernel, the following vulnerability has been resolved: netdev: prevent accessing NAPI instances from another namespace The NAPI IDs were not fully exposed to user space prior to the netlink API, so they were never namespaced. The netlink API must ensure that at the very least NAPI...
UBUNTU-CVE-2025-21659
In the Linux kernel, the following vulnerability has been resolved: netdev: prevent accessing NAPI instances from another namespace The NAPI IDs were not fully exposed to user space prior to the netlink API, so they were never namespaced. The netlink API must ensure that at the very least NAPI...
CVE-2025-21659
In the Linux kernel, the following vulnerability has been resolved: netdev: prevent accessing NAPI instances from another namespace The NAPI IDs were not fully exposed to user space prior to the netlink API, so they were never namespaced. The netlink API must ensure that at the very least NAPI...
CVE-2025-21659
CVE-2025-21659 relates to the Linux kernel where the netdev subsystem previously allowed NAPI instances to be accessed across different network namespaces. The underlying issue was that NAPI IDs were not fully namespace-aware before the netlink API, allowing potential cross-namespace exposure of ...
CVE-2025-21659 netdev: prevent accessing NAPI instances from another namespace
In the Linux kernel, the following vulnerability has been resolved: netdev: prevent accessing NAPI instances from another namespace The NAPI IDs were not fully exposed to user space prior to the netlink API, so they were never namespaced. The netlink API must ensure that at the very least NAPI...