Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fixed NULL pointer dereferencing in the error path When calling mlxswspacltcamregiondestroy from an error path after failing to attach the region to an ACL group, we encountered a NULL pointer dereferencin...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: A memory leak has been fixed when canceling the rehash operation. The rehash operation is rescheduled with a delay if the number of credits at the end of the operation is not negative—this indicates that t...

Astra Linux – Vulnerability in Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: A memory leak was fixed during the rehash operation. The rehash operation delays the migration of filters from one region to another. This is achieved by iterating over all chunks all filters with the same...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fixed a possible use-after-free during rehash. The rehash process delays the migration of filters from one region to another based on the number of available credits. If the number of credits is...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005487)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005487 advisory. In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fix incorrect list API usage Both the function that migrates all the chun...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-414866)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414866 advisory. In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fix possible use-after-free during activity update The rule activity upda...

kernel: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fix incorrect list API usage The Linux kernel CVE team has assigned CVE-2024-36006 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024052025-CVE-2024-36006-c032@gregkh/T...

kernel: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fix memory leak during rehash The Linux kernel CVE team has assigned CVE-2024-35853 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051740-CVE-2024-35853-869a@gregkh/T...

The vulnerability of the spectrum_acl_tcam.c component in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the spectrumacltcam.c component in the Linux operating system is related to the disclosure of information. Exploiting this vulnerability could allow a perpetrator to cause a service failure...

CLSA-2025-1738853271 Fix of 54 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-26595 - mlxsw: spectrumacltcam: Fix NULL pointer dereference in error path CVE-url: https://ubuntu.com/security/CVE-2024-38553/CVE-2024-38597 - netpoll: make ndopollcontroller optional - bonding: use netpollpolldev helper - netpoll: do not test...

CLSA-2025-1738852812 Fix of 54 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-26595 - mlxsw: spectrumacltcam: Fix NULL pointer dereference in error path CVE-url: https://ubuntu.com/security/CVE-2024-38553/CVE-2024-38597 - netpoll: make ndopollcontroller optional - bonding: use netpollpolldev helper - netpoll: do not test...

The vulnerability of the mlxsw component in the Linux operating system’s kernel, which allows a hacker to trigger a service failure

The vulnerability of the mlxsw component in the Linux operating system’s kernel is related to a memory leak in the mlxswspacltcamvregionDestroy function. Exploiting this vulnerability could allow an attacker to cause a service failure...

kernel: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fix possible use-after-free during rehash The Linux kernel CVE team has assigned CVE-2024-35854 to this issue. Upstream advisory:...

kernel: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fix possible use-after-free during activity update The Linux kernel CVE team has assigned CVE-2024-35855 to this issue. Upstream advisory:...

kernel: mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path

A flaw was found in the Linux kernel, where a faulty error handler in the driver for certain Mellanox hardware could lead to a null pointer reference. This issue affects system stability...

kernel: mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path

A flaw was found in the Linux kernel, where a faulty error handler in the driver for certain Mellanox hardware could lead to a null pointer reference. This issue affects system stability...

mlxsw: spectrum_acl_tcam: Fix memory leak during rehash

...

kernel: mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work

CVE-2024-35852 addresses a memory leak in the Linux kernel's mlxsw driver, specifically within the Spectrum ACL TCAM module. The issue occurs when rehash work is canceled while pending, leading to allocated hints not being freed properly. This results in a memory leak that can degrade system...

CVE-2024-35852

...

kernel: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fix incorrect list API usage The Linux kernel CVE team has assigned CVE-2024-36006 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024052025-CVE-2024-36006-c032@gregkh/T...