491 matches found
CVE-2025-68213 idpf: fix possible vport_config NULL pointer deref in remove
In the Linux kernel, the following vulnerability has been resolved: idpf: fix possible vportconfig NULL pointer deref in remove Attempting to remove the driver will cause a crash in cases where the vport failed to initialize. Following trace is from an instance where the driver failed during an...
UBUNTU-CVE-2023-53850
In the Linux kernel, the following vulnerability has been resolved: iavf: use internal state to free traffic IRQs If the system tries to close the netdev while iavfresettask is running, LINKSTATESTART will be cleared and netifrunning will return false in iavfreinitinterruptscheme. This will resul...
DEBIAN-CVE-2022-50636
In the Linux kernel, the following vulnerability has been resolved: PCI: Fix pcideviceispresent for VFs by checking PF pcideviceispresent previously didn't work for VFs because it reads the Vendor and Device ID, which are 0xffff for VFs, which looks like they aren't present. Check the PF instead...
CVE-2022-50636
In the Linux kernel, the following vulnerability has been resolved: PCI: Fix pcideviceispresent for VFs by checking PF pcideviceispresent previously didn't work for VFs because it reads the Vendor and Device ID, which are 0xffff for VFs, which looks like they aren't present. Check the PF instead...
CVE-2022-50636
The CVE-2022-50636 entry concerns the Linux kernel PCI subsystem and VF handling. The vulnerability stemmed from pci_device_is_present() returning false for virtual functions (VFs) because it relied on Vendor/Device IDs (0xffff for VFs), causing virtio I/O issues during VF removal/unbinding or wh...
CVE-2022-50636 PCI: Fix pci_device_is_present() for VFs by checking PF
In the Linux kernel, the following vulnerability has been resolved: PCI: Fix pcideviceispresent for VFs by checking PF pcideviceispresent previously didn't work for VFs because it reads the Vendor and Device ID, which are 0xffff for VFs, which looks like they aren't present. Check the PF instead...
CVE-2022-50636
In the Linux kernel, the following vulnerability has been resolved: PCI: Fix pcideviceispresent for VFs by checking PF pcideviceispresent previously didn't work for VFs because it reads the Vendor and Device ID, which are 0xffff for VFs, which looks like they aren't present. Check the PF instead...
SUSE CVE-2025-40219
In the Linux kernel, the following vulnerability has been resolved: PCI/IOV: Fix race between SR-IOV enable/disable and hotplug Commit 05703271c3cd "PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV" tried to fix a race between the VF removal inside sriovdelvfs and concurrent...
AZL-71293 CVE-2025-40219 affecting package kernel for versions less than 6.6.117.1-1
In the Linux kernel, the following vulnerability has been resolved: PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV Before disabling SR-IOV via config space accesses to the parent PF, sriovdisable first removes the PCI devices representing the VFs. Since commit 9d16947b7583...
UBUNTU-CVE-2025-40219
In the Linux kernel, the following vulnerability has been resolved: PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV Before disabling SR-IOV via config space accesses to the parent PF, sriovdisable first removes the PCI devices representing the VFs. Since commit 9d16947b7583...
CVE-2025-40219 PCI/IOV: Fix race between SR-IOV enable/disable and hotplug
In the Linux kernel, the following vulnerability has been resolved: PCI/IOV: Fix race between SR-IOV enable/disable and hotplug Commit 05703271c3cd "PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV" tried to fix a race between the VF removal inside sriovdelvfs and concurrent...
CVE-2025-40219
CVE-2025-40219 concerns the Linux kernel SR-IOV PCI handling. The vulnerability stems from missing serialization locks around SR-IOV VF removal/enabling: sriov_disable() could remove VF PCI devices without holding the global PCI rescan-remove lock, risking double-remove/list corruption (notably o...
CVE-2025-40219 PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV
In the Linux kernel, the following vulnerability has been resolved: PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV Before disabling SR-IOV via config space accesses to the parent PF, sriovdisable first removes the PCI devices representing the VFs. Since commit 9d16947b7583...
kernel: i40e: add validation for ring_len param
A flaw was identified in the Intel “i40e” Ethernet driver in the Linux Kernel where the ringlen parameter supplied by a VF virtual function is passed unchecked to the hardware memory context. If a malicious Virtual function provides a too-large or misaligned ringlen, it may allow the device to...
kernel: i40e: add validation for ring_len param
A flaw was identified in the Intel “i40e” Ethernet driver in the Linux Kernel where the ringlen parameter supplied by a VF virtual function is passed unchecked to the hardware memory context. If a malicious Virtual function provides a too-large or misaligned ringlen, it may allow the device to...
kernel: i40e: add validation for ring_len param
A flaw was identified in the Intel “i40e” Ethernet driver in the Linux Kernel where the ringlen parameter supplied by a VF virtual function is passed unchecked to the hardware memory context. If a malicious Virtual function provides a too-large or misaligned ringlen, it may allow the device to...
kernel: i40e: add validation for ring_len param
A flaw was identified in the Intel “i40e” Ethernet driver in the Linux Kernel where the ringlen parameter supplied by a VF virtual function is passed unchecked to the hardware memory context. If a malicious Virtual function provides a too-large or misaligned ringlen, it may allow the device to...
kernel: i40e: add validation for ring_len param
A flaw was identified in the Intel “i40e” Ethernet driver in the Linux Kernel where the ringlen parameter supplied by a VF virtual function is passed unchecked to the hardware memory context. If a malicious Virtual function provides a too-large or misaligned ringlen, it may allow the device to...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-50296)
hns3: A kernel crash may occur when the driver is uninstalled and the VF is disabled concurrently. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...
kernel: i40e: add validation for ring_len param
A flaw was identified in the Intel “i40e” Ethernet driver in the Linux Kernel where the ringlen parameter supplied by a VF virtual function is passed unchecked to the hardware memory context. If a malicious Virtual function provides a too-large or misaligned ringlen, it may allow the device to...