Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bnxten: Error handling in bnxtinitchip has been fixed. The WARNON function is triggered in flushwork if bnxtinitchip fails because we call cancelworksync on dim work that has not been initialized. WARNING: CPU: 37, PID: 5223, at...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50261)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50261 advisory. - xfrm: esp: ipv4: fix up flags setting Greg Kroah-Hartman Orabug: 39344515 CVE-2026-43284 - xfrm: esp: avoid in-place decrypt on shared skb frags...

CVE-2026-43260

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix RSS context delete logic We need to free the corresponding RSS context VNIC in FW everytime an RSS context is deleted in driver. Commit 667ac333dbb7 added a check to delete the VNIC in FW only when netifrunning is tru...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bnxten: The FW DMA is stopped in bnxtshutdown. The netifclose call in bnxtshutdown only stops packet DMA. There may be FW DMA for trace logging recently added, which will continue. If we execute an kexec to a new kernel, the DMA...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix receive ring space parameters when XDP is active The MTU setting at the time an XDP multi-buffer is attached determines whether the aggregation ring will be used and the rxskbfunc handler. This is done in...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fixed a NULL pointer derefrence issue in bnxtptpenable during error cleanup. When bnxtinitone fails during initialization e.g., bnxtinitintmode returns -ENODEV, the error handling code calls bnxtfreehwrmresources, which...

Linux Distros Unpatched Vulnerability : CVE-2026-43034

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bnxten: set backing store type from query type bnxthwrmfuncbackingstoreqcapsv2 stores resp-type from the firmware response in ctxm-type and later uses that valu...

CVE-2026-43034

A flaw was found in the bnxten driver within the Linux kernel. This vulnerability arises from the bnxthwrmfuncbackingstoreqcapsv2 function using an incorrect type value from the firmware response to index internal data arrays. This improper indexing could lead to memory corruption, potentially...

EUVD-2026-18772

In the Linux kernel, the following vulnerability has been resolved: bnxten: fix OOB access in DBGBUFPRODUCER async event handler The ASYNCEVENTCMPLEVENTIDDBGBUFPRODUCER handler in bnxtasynceventprocess uses a firmware-supplied 'type' field directly as an index into bp-bstrace without bounds...

CVE-2026-31395

A flaw was found in the Linux kernel's bnxten driver. A malicious or compromised Network Interface Card NIC can exploit this vulnerability by providing a crafted 'type' field value. This value is used as an index without proper bounds validation, leading to an out-of-bounds access into kernel hea...

CVE-2026-31395

The CVE-2026-31395 issue affects the bnxt_en driver in the Linux kernel. The ASYNC_EVENT_CMPL_EVENT_ID_DBG_BUF_PRODUCER handler uses a firmware‑supplied 16‑bit type field as an index into bp->bs_trace[] without proper bounds validation, allowing values 0–65535 to trigger out‑of‑bounds access i...

CVE-2026-23041

CVE-2026-23041 (bnxt_en, Linux kernel) : A NULL-pointer dereference occurs in bnxt_ptp_enable during error cleanup when bnxt_init_one() fails. The error path frees HWRM resources (destroying the DMA pool and setting bp->hwrm_dma_pool to NULL) and later calls bnxt_ptp_clear(), which triggers pt...

CVE-2025-68770 bnxt_en: Fix XDP_TX path

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix XDPTX path For XDPTX action in bnxtrxxdp, clearing of the event flags is not correct. bnxtpollwork - bnxtrxpkt - bnxtrxxdp may be looping within NAPI and some event flags may be set in earlier iterations. In particula...

Linux Distros Unpatched Vulnerability : CVE-2025-68770

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix XDPTX path For XDPTX action in bnxtrxxdp, clearing of the event flags is not...

EUVD-2022-55766

In the Linux kernel, the following vulnerability has been resolved: bnxten: fix memory leak in bnxtnvmtest Free the kzalloc'ed buffer before returning in the success path...

CVE-2022-50723 bnxt_en: fix memory leak in bnxt_nvm_test()

In the Linux kernel, the following vulnerability has been resolved: bnxten: fix memory leak in bnxtnvmtest Free the kzalloc'ed buffer before returning in the success path...

CVE-2022-50723 bnxt_en: fix memory leak in bnxt_nvm_test()

In the Linux kernel, the following vulnerability has been resolved: bnxten: fix memory leak in bnxtnvmtest Free the kzalloc'ed buffer before returning in the success path...

CVE-2025-68197

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix null pointer dereference in bnxtbstracecheckwrap With older FW, we may get the ASYNCEVENTCMPLEVENTIDDBGBUFPRODUCER for FW trace data type that has not been initialized. This will result in a crash in...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989020)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989020 advisory. In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix possible crash in bnxthwrmsetcoal During the error recovery sequence, the rtnllock is...

EUVD-2025-13122

Malicious code in bioql PyPI...