UBUNTU-CVE-2026-53191

In the Linux kernel, the following vulnerability has been resolved: iouring/net: inherit IORINGCQEFBUFMORE across bundle recv retries When a bundle recv retries inside iorecvfinish, the merge logic OR the saved cflags from the previous iteration with the cflags returned by the new iteration: cfla...

CVE-2026-53191

In the Linux kernel, the following vulnerability has been resolved: iouring/net: inherit IORINGCQEFBUFMORE across bundle recv retries When a bundle recv retries inside iorecvfinish, the merge logic OR the saved cflags from the previous iteration with the cflags returned by the new iteration: cfla...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nvmet: The cqe.result field must always be initialized. The specification does not require that the first two double-word values i.e., the “results” for a command queue entry need to be set to 0 when they are not used this is not...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fixed the Rx DMA data size and skboverpanic issue. The function managetrxbufcfg aligns the DMA data size of the RX buffer to be a multiple of 64. As a result, a packet slightly larger than mtu+14, for example, 1536...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fixed the initialization of the CQ fragments buffer. The function initcqfragbuf can be used to initialize the current CQ fragments buffer cq-buf, or the temporary cq-resizebuf that is filled during the CQ resize operatio...

CVE-2026-43466

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix DMA FIFO desync on error CQE SQ recovery In case of a TX error CQE, a recovery flow is triggered, mlx5eresettxqsqccpc resets dmafifocc to 0 but not dmafifopc, desyncing the DMA FIFO producer and consumer. After...

CVE-2026-43466 net/mlx5e: Fix DMA FIFO desync on error CQE SQ recovery

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix DMA FIFO desync on error CQE SQ recovery In case of a TX error CQE, a recovery flow is triggered, mlx5eresettxqsqccpc resets dmafifocc to 0 but not dmafifopc, desyncing the DMA FIFO producer and consumer. After...

PT-2026-39127

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the net/mlx5e component where a DMA FIFO desynchronization occurs during error CQE SQ recovery. When a TX error CQE triggers a recovery flow, the function mlx5e reset...

PT-2025-52987

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s io uring/net subsystem related to multishot receive completion queue entries CQEs. The issue involves a potential overflow that could lead to...

nvmet: always initialize cqe.result

...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986674)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986674 advisory. In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix initializing CQ fragments buffer The function initcqfragbuf can be called to...

EUVD-2025-5202

Malicious code in bioql PyPI...

EUVD-2025-12916

Malicious code in bioql PyPI...

CVE-2023-53398

The CVE-2023-53398 entry describes a Linux kernel vulnerability in the mlx5 driver where fifo pop operations did not validate indices, enabling a potential use-after-free when popping from an empty queue during resync. The root cause was out-of-order CQEs that could drain the FIFO, allowing a SKB...

PT-2025-38377

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the mlx5 component related to potential use-after-free in the PTP Precision Time Protocol queue FIFO First-In, First-Out buffer. Insufficient chec...

SUSE CVE-2025-23154

In the Linux kernel, the following vulnerability has been resolved: iouring/net: fix ioreqpostcqe abuse by send bundle 114.987980 T5313 WARNING: CPU: 6 PID: 5313 at iouring/iouring.c:872 ioreqpostcqe+0x12e/0x4f0 114.991597 T5313 RIP: 0010:ioreqpostcqe+0x12e/0x4f0 115.001880 T5313 Call Trace:...

DEBIAN-CVE-2022-49858

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix SQE threshold checking Current way of checking available SQE count which is based on HW updated SQB count could result in driver submitting an SQE even before CQE for the previously transmitted SQE at the same...

UBUNTU-CVE-2022-49858

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix SQE threshold checking Current way of checking available SQE count which is based on HW updated SQB count could result in driver submitting an SQE even before CQE for the previously transmitted SQE at the same...

CVE-2025-21892

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix the recovery flow of the UMR QP This patch addresses an issue in the recovery flow of the UMR QP, ensuring tasks do not get stuck, as highlighted by the call trace 1. During recovery, before transitioning the QP to...

CVE-2025-21892

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix the recovery flow of the UMR QP This patch addresses an issue in the recovery flow of the UMR QP, ensuring tasks do not get stuck, as highlighted by the call trace 1. During recovery, before transitioning the QP to...