kernel: net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end()

QLogic qede driver processes TPA TCP/IP Packet Aggregation completion queue entries by iterating through lenlist until hitting a zero terminator. Malformed or corrupted completion entries lacking this sentinel cause the loop to read beyond array bounds. SVACE static analysis identified that...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006716)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006716 advisory. In the Linux kernel, the following vulnerability has been resolved: qed: Don't collect too many protection override GRC elements In the protection override dump path...

SUSE-SU-2025:21180-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-21816: hrtimers: Force migrate away hrtimers queued after bsc1238472. - CVE-2025-38653: proc: use the same treatment to check proclseek as ones for procreaditer...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netdevsim: fix memory leak in nsimdrvprobe when nsimdevresourcesregister failed CVE-2022-50500 In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Use rawsmpprocessorid instead of...

Linux Distros Unpatched Vulnerability : CVE-2025-39949

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - qed: Don't collect too many protection override GRC elements In the protection override dump path, the firmware can return far too many GRC elements, resulting ...

SUSE CVE-2025-39949

In the Linux kernel, the following vulnerability has been resolved: qed: Don't collect too many protection override GRC elements In the protection override dump path, the firmware can return far too many GRC elements, resulting in attempting to write past the end of the previously-kmalloc'ed dump...

AZL-68157 CVE-2025-39949 affecting package kernel for versions less than 6.6.112.1-1

In the Linux kernel, the following vulnerability has been resolved: qed: Don't collect too many protection override GRC elements In the protection override dump path, the firmware can return far too many GRC elements, resulting in attempting to write past the end of the previously-kmalloc'ed dump...

CVE-2025-39949

CVE-2025-39949 is a Linux kernel vulnerability in the qed protection override dump path. The firmware could return more GRC elements than the allocated dump buffer, enabling a write past the end of the buffer and causing a kernel panic (BUG: unable to handle kernel paging request). The issue is f...

CVE-2023-53509

CVE-2023-53509 : In the Linux kernel qed_mcp_trace_dump() path, the code previously slept due to a 10µs-delayed loop in qed_mcp_cmd_and_union() which can spin up to 500k iterations, potentially blocking a thread for several seconds. The vulnerability description states that sleeping is permitted ...

PT-2025-40645

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the qed driver related to handling protection override GRC elements. The firmware can return an excessive number of these elements, leading to a...