Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: virtionet: fixed device mismatch in devmkzalloc/devmkfree The initial rsshdr allocation uses virtiodevice-device, but virtnetsetqueues frees resources using netdevice-device. This device mismatch causes the following devres...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: virtio-net: Added validation for the used length. This addition ensures that the used length is validated which may come from an untrusted device, to prevent data corruption or loss...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: virtio-net: The received length check for large packets has been fixed. Since commit 4959aebba8c0 “virtio-net: Use MTU size as buffer length for large packets”, when the guest gso is disabled, the allocated size for large packets...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: virtionet: Fixed a misalignment bug in struct virtnetinfo. Use the new TRAILINGOVERLAP helper to fix the misalignment bug, along with the following warning: drivers/net/virtionet.c:429:46: warning: The structure containing a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: virtio-net: fixed an overflow issue within virtnetrqalloc. When a fragment receives a single page, it may lead to regressions in the virtual machine. This issue is particularly significant if the sysctl...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: virtionet: a memory leak inside XPDTX has been fixed using mergeable. When we call xdpconvertbufftoframe to obtain xdpf, if it returns NULL, we should check whether xdppage was allocated by xdplinearizepage. If it was newly...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: virtionet: Added a check for hashkeylength. A check for hashkeylength was added in virtnetprobe to avoid possible out-of-bounds errors when setting/read the hash key...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: virtio-net: xsk: rx: fix the frame’s length check When calling buftoxdp, the len argument represents the length of the frame’s data, excluding the length of the virtio header vi-hdrlen. We check that len is not greater than the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: virtio-pci: The size of the result returned for the admin command completion has been corrected. The result size returned by virtiopciadmindevpartsget is 8 bytes larger than the actual result data size. This occurs because the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: added validation for the VIRTIONETCTRLMQVQPAIRSSET command When the control vq receives a VIRTIONETCTRLMQVQPAIRSSET command request from the driver, there is currently no validation of the number of queue pairs to be...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: virtio-net: Ensure that the received length does not exceed the allocated size. In xdplinearizepage, when reading the following buffers from the ring, we forget to check the received length against the actual allocated size. This...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: dropping UFO packets in udprcvSegment When sending a packet with virtionetHdr to the tun device, if the gsotype in virtionetHdr is SKBGSOUDP and the gsoSize is less than udphdrSize, a crash may occur. ------------ cut here...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: virtio-net: Zeroed unused hash fields When a GSO tunnel is negotiated, the virtionethdrtnlfromskb function attempts to initialize the tunnel metadata. However, it forgets to zero the unused rxhash fields. This could lead to...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: virtionet: Fixed the warning from napibcacheput. After the commit bdacf3e34945 “net: Use nested-BH locking for napialloccache” was merged, the following warning began to appear: WARNING: CPU: 5 PID: 1 at net/core/skbuff.c:1451...

CLSA-2026-1779097389 qemu-kvm: Fix of CVE-2023-6693

fix CVE-2023-6693: virtio-net stack overflow via large guesthdrlen...

SUSE SLES15 Security Update : kernel (Live Patch 2 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:1708-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1708-1 advisory. This update for the SUSE Linux Enterprise kernel 6.4.0-150700.53.6 fixes various security issues The following security issues were fixed: -...

SUSE-SU-2026:1804-1 Security update for the Linux Kernel (Live Patch 28 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.113 fixes various security issues The following security issues were fixed: - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. - CVE-2025-39977: futex: Prevent use-after-free during...

SUSE-SU-2026:1793-1 Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.60 fixes various security issues The following security issues were fixed: - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. - CVE-2025-39977: futex: Prevent use-after-free during...

SUSE-SU-2026:1780-1 Security update for the Linux Kernel (Live Patch 67 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise kernel 4.12.14-122.255 fixes various security issues The following security issues were fixed: - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. - CVE-2026-23004: dst: fix races in rt6uncachedlistdel and...

SUSE-SU-2026:1771-1 Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.47 fixes various security issues The following security issues were fixed: - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. - CVE-2025-39977: futex: Prevent use-after-free during...