491 matches found
PT-2026-44265
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the libwx network component where a Virtual Function VF attempts to access the WX CFG PORT ST register. Because this is a Physical Function PF restricted register, the...
PT-2026-44311
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A NULL pointer dereference occurs in the octeon ep vf driver. The function napi build skb can return NULL if an allocation failure occurs. In octep vf oq process rx, the result of this...
PT-2026-44255
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A stack information leak exists in the rtnl fill vfinfo function. The function declares a struct ifla vf broadcast on the stack without initialization. This structure contains a 32-byte...
CVE-2026-46084
In the Linux kernel, the following vulnerability has been resolved: RDMA/manaib: Disable RX steering on RSS QP destroy When an RSS QP is destroyed e.g. DPDK exit, manaibdestroyqprss destroys the RX WQ objects but does not disable vPort RX steering in firmware. This leaves stale steering...
CVE-2026-46036
In the Linux kernel, the following vulnerability has been resolved: vfio/cdx: Serialize VFIODEVICESETIRQS with a per-device mutex vfiocdxsetmsitrigger reads vdev-configmsi and operates on the vdev-cdxirqs array based on its value, but provides no serialization against concurrent VFIODEVICESETIRQS...
PT-2026-43903
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A use-after-free issue exists in the vfio/cdx component. The function vfio cdx set msi trigger reads vdev-config msi and operates on the vdev-cdx irqs array without proper serialization...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ice: Fixed the LAG and VF lock dependencies in iceresetvf. In version 9f74a3dfcf83, the ice driver acquired the LAG mutex in iceresetvf. This lock acquisition was placed just before acquiring the VF configuration lock. If...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: net: ena: Fixed incorrect descriptor freeing behavior. ENA has two types of TX queues: - Queues that only process TX packets arriving from the network stack. - Queues that only process TX packets forwarded to them by XDPREDIRECT ...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: - ice: fixed the memory leak in the eswitch code during the reset scenario. A simple eswitch mode checker has been added to the procedure for attaching VFs. Required port representative memory structures are allocated only in...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Separate handlers are used for interrupts. The interrupt vector from PF to AF, and the interrupt vector from VF to AF, both use the same interrupt handler. This causes a race condition. When two interrupts are raise...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: hvnetvsc: Registers the VF in netvscprobe if NETDEVICEREGISTER was missed. If the hvnetvsc driver is unloaded and reloaded, the NETDEVICEREGISTER handler cannot successfully register the VF, as the register call is received befor...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ICE: Fix concurrent reset and removal of VFs The commit c503e63200c6 “ICE: Stop processing VF messages during teardown” introduced a driver state flag, ICEVFDEINITINPROGRESS, which is intended to prevent some issues with...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: PCI: Fixed NULL dereferencing in the error path during SR-IOV VF creation. Fixed issues where attempting to remove a device could lead to NULL pointer dereferencing. This issue occurred due to incorrect error handling when...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed the issue where the “vf” variable might be used without initialization in this function. To address the regression introduced by commit 52424f974bc5, which causes servers to hang under very difficult-to-reproduce...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: octeontx2-vf: Added a missing “free” field for “allocpercpu”. Added the “freepercpu” field for the allocated “vf-hw.lmtinfo” in order to avoid memory leaks, similar to the “pf-hw.lmtinfo” in...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: vfio/xe: Reorganized the init process to separate migration from reset operations. Attempting to perform a reset on VF devices that do not support migration leads to the following issues: BUG: Unable to handle a page fault for...
Astra Linux - уязвимость в qemu
A issue was discovered in QEMU versions 7.1.0 through 8.2.1. The registervfs function in hw/pci/pciesriov.c mishandles the situation where a guest writes a number of NumVFs that is greater than the total number of TotalVFs, resulting in a buffer overflow in VF implementations...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Ice: Added a limit per-VF on the number of FDIR filters. While the iavf driver adds a software-based limit 128 on the number of FDIR filters that a VF can request, a malicious VF driver can request more than that limit, thereby...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: Skip vcn poison irq release on VF VF does not enable VCN poison irq in VCNv2.5. Skip releasing it and avoid call trace during deinitialization. 71.913601 drm Clean up the vf2pf work item 71.915088 ------------ Cut...
Astra Linux - уязвимость в linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: i40e: Do not allow untrusted VFs to remove the administratively set MAC address. Currently, when a PF Powerful User administratively sets the MAC address of a VF, and the VF is disabled the VF attempts to delete all MAC addresses...