CVE-2023-54048

CVE-2023-54048 in the Linux kernel’s RDMA bnxt_re driver: a race can occur after a QP is destroyed when the hardware may generate completions for that QP, leading to a race between destroy_cq and poll_cq. The advisory states that completions must be finished before returning from destroy_qp, and ...

CVE-2023-54048 RDMA/bnxt_re: Prevent handling any completions after qp destroy

In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Prevent handling any completions after qp destroy HW may generate completions that indicates QP is destroyed. Driver should not be scheduling any more completion handlers for this QP, after the QP is destroyed. Since...

CVE-2023-54048 RDMA/bnxt_re: Prevent handling any completions after qp destroy

In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Prevent handling any completions after qp destroy HW may generate completions that indicates QP is destroyed. Driver should not be scheduling any more completion handlers for this QP, after the QP is destroyed. Since...

CVE-2022-50736 RDMA/siw: Fix immediate work request flush to completion queue

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix immediate work request flush to completion queue Correctly set send queue element opcode during immediate work request flushing in post sendqueue operation, if the QP is in ERROR state. An undefined ocode value...

CVE-2022-50736 RDMA/siw: Fix immediate work request flush to completion queue

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix immediate work request flush to completion queue Correctly set send queue element opcode during immediate work request flushing in post sendqueue operation, if the QP is in ERROR state. An undefined ocode value...

CVE-2022-50736

CVE-2022-50736 affects the Linux kernel RDMA/siw path. A defect in how the opcode for a send queue element is set during immediate work-request flush to the completion queue can map an undefined ocode to an out-of-bounds access in the opcode/status mapping when the CQ is memory-mapped to userland...

CVE-2022-50726

In CVE-2022-50726, the Linux kernel mlx5 async command interface had a use-after-free caused by a race between mlx5_cmd_cleanup_async_ctx and mlx5_cmd_exec_cb_handler. The patch fixes this by using a completion object and completing when num_inflight reaches 0, ensuring cleanup only after all in-...

CVE-2022-50726 net/mlx5: Fix possible use-after-free in async command interface

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix possible use-after-free in async command interface mlx5cmdcleanupasyncctx should return only after all its callback handlers were completed. Before this patch, the below race between mlx5cmdcleanupasyncctx and...

CVE-2023-54030

In the Linux kernel, the following vulnerability has been resolved: iouring/net: don't overflow multishot recv Don't allow overflowing multishot recv CQEs, it might get out of hand, hurt performance, and in the worst case scenario OOM the task...

CVE-2023-54030

In the Linux kernel, the following vulnerability has been resolved: iouring/net: don't overflow multishot recv Don't allow overflowing multishot recv CQEs, it might get out of hand, hurt performance, and in the worst case scenario OOM the task...

UBUNTU-CVE-2023-54030

In the Linux kernel, the following vulnerability has been resolved: iouring/net: don't overflow multishot recv Don't allow overflowing multishot recv CQEs, it might get out of hand, hurt performance, and in the worst case scenario OOM the task...

CVE-2023-53993

In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fix memory leak with CONFIGDEBUGOBJECTS=y After a pcidoetask completes, its workstruct needs to be destroyed to avoid a memory leak with CONFIGDEBUGOBJECTS=y...

CVE-2023-54030 io_uring/net: don't overflow multishot recv

In the Linux kernel, the following vulnerability has been resolved: iouring/net: don't overflow multishot recv Don't allow overflowing multishot recv CQEs, it might get out of hand, hurt performance, and in the worst case scenario OOM the task...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the possibility that RDMA bnxtre may process completion events even after destroying QPs, potentially leadin...

PT-2025-53046

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s RDMA/bnxt re component related to handling completions after queue pair QP destruction. Hardware may generate completions even after a QP is destroyed...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not allocating sdiodonewq for asynchronous reads, which could lead to a failure of error completion processi...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an enumeration completion signal error that could lead to memory corruption and probe delay timeouts...

PT-2025-53173

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The soundwire subsystem contains an issue related to enumeration completion. The subsystem utilizes completion structures to manage device enumeration, but the signaling mechanism is...

PT-2025-53040

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel’s RDMA/siw component related to handling immediate work requests and flushing to the completion queue. An incorrect send queue element opcode during...

SUSE SLES15 Security Update : libsoup (SUSE-SU-2025:4514-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4514-1 advisory. - CVE-2025-12105: Fixed heap use-after-free in message queue handling during HTTP/2 read completion bsc1252555 Tenable has extracte...