PT-2026-52928

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference exists in the ice reset all vfs function. The issue occurs because ice reset all vfs ignores the return value of ice vf rebuild vsi. If the VSI rebuild...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/xe/vf: Do not expose sysfs attributes that are not applicable to VFs. VFs cannot read the BMGPCIECAP0x138340 register, nor can they access the PCODE which is already guarded by the info.skippcode flag. Therefore, we should...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix bridge mode operations when there are no VFs Currently, attempting to set the bridge mode attribute when numvfs=0 leads to a crash: bridge link set dev eth2 hwmode vepa 168.967392 BUG: kernel NULL pointer dereferenc...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vf: Performing early GT MMIO initialization is necessary to read the GMDID. VFs need to communicate with the GuC to obtain the GMDID value. Existing GuC functions that use this information assume that the GT has already se...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: iavf: fixed the hang that occurs upon reboot with ice When a system with E810 and existing VFs is rebooted, the following hang may occur. PID 1 is hung in iavfremove, part of a network driver: PID: 1 TASK: ffff965400e5a340 CPU...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: PCI: Fixed pcideviceispresent for VFs by checking PF. pcideviceispresent previously did not work for VFs because it read the Vendor and Device ID, both of which are 0xffff for VFs, implying that these devices are not present...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: PCI/IOV: Fixed a race condition between enabling/disabling SR-IOV and hot-plug events. The commit 05703271c3cd “PCI/IOV: Added locking for PCI rescan/remove operations when enabling/disabling SR-IOV” attempted to address the race...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ixgbe: Add locking to prevent panic when setting sriovnumvfs to zero It is possible to disable VFs while the PF driver is processing requests from the VF driver. This can result in a panic. BUG: unable to handle kernel paging...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: sfc: fixed a kernel panic that occurred when creating VFs. When creating VFs, a kernel panic can occur when calling efxef10tryupdatenicstatsvf. When releasing a DMA coherent buffer, under certain circumstances, it is necessary to...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: benet: Fixed a bug when creating VFs. The benet function crashes as soon as SRIOV VFs are created: Kernel bug at mm/vmalloc.c:3457! Oops: Invalid opcode: 0000 1 SMP KASAN NOPTI CPU: 4 UID: 0 PID: 7408 Comm: test.sh Kdump: Load...

Astra Linux – Vulnerability in Qemu

A issue was discovered in QEMU versions 7.1.0 through 8.2.1. In hw/pci/pciesriov.c, the registervfs function does not set NumVFs to PCISRIOVTOTALVF, resulting in improper interaction with hw/nvme/ctrl.c...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: net: hns3: fixed a kernel crash that occurred when uninstalling the driver. When the driver is uninstalled and the VFs are disabled concurrently, a kernel crash occurs. The reason is that both actions call the function...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013761)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013761 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI/IOV: Fix race between SR-IOV enable/disable and hotplug Commit 05703271c3cd PCI/IOV: Add PCI...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013810)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013810 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI: Fix pcideviceispresent for VFs by checking PF pcideviceispresent previously didn't work for...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011326)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011326 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI: Fix pcideviceispresent for VFs by checking PF pcideviceispresent previously didn't work for...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006627)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006627 advisory. In the Linux kernel, the following vulnerability has been resolved: ixgbe: Add locking to prevent panic when setting sriovnumvfs to zero It is possible to disable VF...

Azure Linux 3.0 Security Update: kernel (CVE-2024-46857)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46857 advisory. - In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix bridge mode operations whe...

benet: fix BUG when creating VFs

...

SUSE CVE-2023-54070

In the Linux kernel, the following vulnerability has been resolved: igb: clean up in all error paths when enabling SR-IOV After commit 50f303496d92 "igb: Enable SR-IOV after reinit", removing the igb module could hang or crash depending on the machine when the module has been loaded with the maxv...

Linux Distros Unpatched Vulnerability : CVE-2023-54070

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - igb: clean up in all error paths when enabling SR-IOV After commit 50f303496d92 igb: Enable SR-IOV after reinit, removing the igb module could hang or crash...