924 matches found
CVE-2026-53297
A flaw was found in the Linux kernel's mana network driver. This vulnerability occurs when the manaremove function is invoked a second time without proper checks after a power management PM resume failure and subsequent driver unbinding. A local attacker could exploit this double invocation to...
net: mvpp2: sync RX data at the hardware packet offset
...
net/mlx5: Fix slab-out-of-bounds in mlx5_query_nic_vport_mac_list
...
CVE-2026-53008
A flaw was found in the Linux kernel. A race condition exists in the ice network driver's TX timestamp ring cleanup, specifically between the icefreetxtstampring and icetxmap functions. This vulnerability could allow a local attacker to trigger a null pointer dereference, leading to a system cras...
SUSE CVE-2026-53234
In the Linux kernel, the following vulnerability has been resolved: net: ibm: emac: Fix use-after-free during device removal The driver was using devmregisternetdev which causes unregisternetdev to be deferred until the devres cleanup phase, which runs after emacremove returns. This creates a...
CVE-2026-53248
A flaw was found in the Linux kernel's airoha network driver. This use-after-free vulnerability occurs when the airohametadatadstfree function frees memory prematurely, before all references to it are released. If a network packet still holds a pointer to the freed memory, a use-after-free...
CVE-2026-53087
A flaw was found in the Linux kernel's bcmgenet network driver. When the transmit tx queue is reclaimed, the driver incorrectly drops data frames without returning them to the pool of free buffer descriptors bds. This oversight results in a resource leak, which can lead to resource exhaustion and...
CVE-2026-53230
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix slab-out-of-bounds in mlx5querynicvportmaclist mlx5querynicvportmaclist sizes its firmware command buffer using the PF's logmaxcurrentuc/mclist capabilities. When querying a VF vport with a larger configured max via...
CVE-2026-53217
In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: sync RX data at the hardware packet offset mvpp2 programs the RX queue packet offset, so hardware writes received data at dmaaddr + MVPP2SKBHEADROOM. The current CPU sync starts at dmaaddr and only covers rxbytes +...
EUVD-2026-38839
In the Linux kernel, the following vulnerability has been resolved: net: ena: PHC: Fix potential use-after-free in gettimestamp Move the phc-active check and resp pointer assignment to after acquiring the spinlock. Previously, phc-active was checked without holding the lock, and resp was cached...
CVE-2026-52971
CVE-2026-52971 affects the Linux kernel ENA (Elastic Network Adapter) driver, specifically the PHC (Precision Time Protocol Hardware Clock) timestamp path get_timestamp. A race exists where phc->active is checked without holding the spinlock and resp is cached from ena_dev->phc.virt_addr be...
kernel: net: mana: fix use-after-free in add_adev() error path
A flaw was found in the Linux kernel's mana network driver. An issue in the error handling of the addadev function can lead to a use-after-free vulnerability. This occurs when memory is released prematurely but then accessed again, which could allow a local attacker to cause a system crash denial...
kernel: net: mana: fix use-after-free in add_adev() error path
A flaw was found in the Linux kernel's mana network driver. An issue in the error handling of the addadev function can lead to a use-after-free vulnerability. This occurs when memory is released prematurely but then accessed again, which could allow a local attacker to cause a system crash denial...
kernel: net: mana: fix use-after-free in add_adev() error path
A flaw was found in the Linux kernel's mana network driver. An issue in the error handling of the addadev function can lead to a use-after-free vulnerability. This occurs when memory is released prematurely but then accessed again, which could allow a local attacker to cause a system crash denial...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: net: dsa: realtek: fixed out-of-bounds access issues The probe function sets priv-chipdata to void priv + sizeofpriv, with the expectation that priv has sufficient trailing space. However, only realtek-smi actually allocated...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: iavf: Fixed an out-of-bounds situation when setting channels during iavfremove. If the channels are set to a value greater than what is actually allocated, it will cause a timeout, and an error will be returned. However, the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: idpf: Fix RSS LUT NULL pointer crash on early ethtool operations The RSS LUT is not initialized until the interface comes up, causing the following NULL pointer crash when ethtool operations like rxhash on/off are performed befor...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed a preempt count leak in the napi poll tracepoint. Using getcpu in the tracepoint assignment causes an obvious preempt count leak, because nothing invokes putcpu to undo it. softirq: Huh, entered softirq 3 for NETRX...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: fixed an issue where access to the vnicinfo array was out of range. The bnxtqueuestart | stop access allocates vnicinfo, which indicates bp-nrvnics. Therefore, it should not access bp-vnicinfobp-nrvnics...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: i40e: fixed the validation of VF state in the get resources function. The state I40EVFSTATEACTIVE is not the only state in which a VF is actually active. Therefore, it should not be used to determine whether a VF is allowed to...