CVE-2026-43465

CVE-2026-43465: Linux kernel mlx5e XDP multi-buf frag counting flaw. When XDP programs modify the XDP buffer layout (via bpf_xdp_pull_data/bpf_xdp_adjust_tail), the driver failed to count dropped fragments, risking negative page fragment reference counting and potential instability. Public report...

CVE-2026-43345

Summary: The CVE concerns the Linux kernel IPA driver. For IPA v5.0+, the event ring index field moved from CH_C_CNTXT_0 to CH_C_CNTXT_1. The register definition intended to define this field in CH_C_CNTXT_1 but used the old identifier ERINDEX instead of CH_ERINDEX, causing an incorrect event rin...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the XDP multiple buffer fragment count in the net mlx5e RX component. This count does not correct...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in the definition of the event loop index field in versions of IPA 5.0 and later. The old...

PT-2026-39125

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the net/mlx5e component regarding XDP multi-buf fragment counting for legacy RQ. XDP multi-buf programs can modify the XDP buffer layout when calling bpf xdp pull data...

CVE-2026-43092

A flaw was found in the Linux kernel's AFXDP eXpress Data Path subsystem. The AFXDP bind operation fails to validate the Maximum Transmission Unit MTU against the usable frame space provided by the UMEM User Memory chunk. This can lead to situations where the configured MTU does not fit,...

EUVD-2026-27768

In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: validate numifs to prevent out-of-bounds write The driver obtains swattr.numifs from firmware via dpswgetattributes but never validates it against DPSWMAXIF 64. This value controls iteration in...

CVE-2026-43248

In the Linux kernel, the following vulnerability has been resolved: vhost: move vdpa group bound check to vhostvdpa Remove duplication by consolidating these here. This reduces the posibility of a parent driver missing them. While we're at it, fix a bug in vdpasim where a valid ASID can be assign...

Missing Authorization

Overview org.apache.polaris:polaris-runtime-service is an a catalog for data lakes. It provides new levels of choice, flexibility and control over data, with full enterprise security and Apache Iceberg interoperability across a multitude of engines and infrastructure Affected versions of this...

CVE-2026-42809 Apache Polaris: staged table creation could vend storage credentials for unvalidated locations

Apache Polaris can issue broad temporary "vended" storage credentials during staged table creation before the effective table location has been validated or durably reserved. Those temporary credentials are meant to limit the scope of accessible table data and metadata, but this scope limitation...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: i40e: Fixed the issue where the XDP program was unloaded while the driver was being removed. The commit 6533e558c650 “i40e: Fixed the reset path while removing the driver” introduced a new PF state "I40EINREMOVE" to prevent...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: ena: Fixed incorrect descriptor freeing behavior. ENA has two types of TX queues: - Queues that only process TX packets arriving from the network stack. - Queues that only process TX packets forwarded to them by XDPREDIRECT ...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Packet corruption occurred in vmxnet3xdpxmitframe. Andrew and Nikolay reported connectivity issues with Cilium’s service load-balancing in the case of vmxnet3. If a BPF program for native XDP adds an encapsulation header...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: igb: Fixed a use-after-free issue in igbcleantxring. Fixed the following use-after-free bug in the igbcleantxring routine when the NIC is running in XDP mode. This issue can be triggered by redirecting traffic to the igb NIC a...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: bpf: Enforce expectedattachtype for tailcall compatibility Yinhao et al. recently reported: Our fuzzer tool discovered an uninitialized pointer issue in the bpfprogtestrunxdp function within the Linux kernel’s BPF subsystem. This...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: XDP: Use the flags field to disambiguate broadcast redirections When redirecting a packet using XDP, the bpfredirectmap helper function sets the redirection destination information in the struct bpfredirectinfo structure using th...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: Use a static NDP16 location within the URB. The original code allowed the start of NDP16 to be anywhere within the URB, based on the wNdpIndex value in NTH16. Only the start position of NDP16 was checked, which ma...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

The network backend may cause Linux netfront to use freed SKBs. While adding logic to support XDP eXpress Data Path, a code label was moved in a way that allows SKBs to retain references pointers for further processing, so that they can still be freed...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fixed the receive ring space parameters when XDP is active. The MTU setting at the time a XDP multi-buffer is attached determines whether the aggregation ring will be used and the rxskbfunc handler. This is done in...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: sfc: add missing xdp queue reinitialization After rx/tx ring buffer size is changed, kernel panic occurs when it acts XDPTX or XDPREDIRECT. When tx/rx ring buffer size is changedethtool -G, sfc driver reallocates and...