CVE-2026-31501

The CVE-2026-31501 issue affects the Linux kernel net: ti: icssg-prueth driver and is a use-after-free in the RX path. cpp i5_hdesc_get_psdata() returns a pointer into the CPPI descriptor, and the descriptor is freed via k3_cppi_desc_pool_free() before psdata[0]/psdata[1] are used by emac_rx_time...

CVE-2026-31501 net: ti: icssg-prueth: fix use-after-free of CPPI descriptor in RX path

In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: fix use-after-free of CPPI descriptor in RX path cppi5hdescgetpsdata returns a pointer into the CPPI descriptor. In both emacrxpacket and emacrxpacketzc, the descriptor is freed via k3cppidescpoolfree befor...

CVE-2023-54020

In the Linux kernel, the following vulnerability has been resolved: dmaengine: sf-pdma: pdmadesc memory leak fix Commit b2cc5c465c2c "dmaengine: sf-pdma: Add multithread support for a DMA channel" changed sfpdmaprepdmamemcpy to unconditionally allocate a new sfpdmadesc each time it is called. The...

CVE-2023-54020

In the Linux kernel, the following vulnerability has been resolved: dmaengine: sf-pdma: pdmadesc memory leak fix Commit b2cc5c465c2c "dmaengine: sf-pdma: Add multithread support for a DMA channel" changed sfpdmaprepdmamemcpy to unconditionally allocate a new sfpdmadesc each time it is called. The...

UBUNTU-CVE-2023-54020

In the Linux kernel, the following vulnerability has been resolved: dmaengine: sf-pdma: pdmadesc memory leak fix Commit b2cc5c465c2c "dmaengine: sf-pdma: Add multithread support for a DMA channel" changed sfpdmaprepdmamemcpy to unconditionally allocate a new sfpdmadesc each time it is called. The...

Siemens SIMATIC Devices Use After Free (CVE-2024-35958)

net: ena: Fix incorrect descriptor free behavior This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503672; scriptversion"1.2";...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987680)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987680 advisory. In the Linux kernel, the following vulnerability has been resolved: dmaengine: imx-sdma: Fix a possible memory leak in sdmatransferinit If the function sdmaloadconte...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-387934)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-387934 advisory. In the Linux kernel, the following vulnerability has been resolved: net: ena: Fix incorrect descriptor free behavior ENA has two types of TX queues: - queues which...

kernel: RDMA/mlx5: Fix a WARN during dereg_mr for DM type

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix a WARN during deregmr for DM type Memory regions MR of type DM device memory do not have an associated umem. In the mlx5ibderegmr - mlx5freeprivdescs flow, the code incorrectly takes the wrong branch, attempting to...

UBUNTU-CVE-2023-53014

In the Linux kernel, the following vulnerability has been resolved: dmaengine: tegra: Fix memory leak in terminateall Terminate vdesc when terminating an ongoing transfer. This will ensure that the vdesc is present in the descterminated list The descriptor will be freed later in descfreelist. Thi...

DEBIAN-CVE-2024-46716

In the Linux kernel, the following vulnerability has been resolved: dmaengine: altera-msgdma: properly free descriptor in msgdmafreedescriptor Remove listdel call in msgdmachandesccleanup, this should be the role of msgdmafreedescriptor. In consequence replace listaddtail with listmovetail in...

kernel: net: ena: Fix incorrect descriptor free behavior

This is a vulnerability in the Linux kernel's Elastic Network Adapter ENA driver, which manages network interfaces on certain platforms. The driver utilizes two types of transmit TX queues: one for packets from the network stack and another for packets directed by XDP eXpress Data Path operations...

PT-2024-32142

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.108 Linux kernel versions prior to 6.6.49 Linux kernel versions prior to 6.10.8 Description The issue is related to the dmaengine: altera-msgdma component in the Linux kernel, where the descriptor in msgdma...

SUSE CVE-2024-35958

In the Linux kernel, the following vulnerability has been resolved: net: ena: Fix incorrect descriptor free behavior ENA has two types of TX queues: - queues which only process TX packets arriving from the network stack - queues which only process TX packets forwarded to it by XDPREDIRECT or XDPT...

DEBIAN-CVE-2024-35958

In the Linux kernel, the following vulnerability has been resolved: net: ena: Fix incorrect descriptor free behavior ENA has two types of TX queues: - queues which only process TX packets arriving from the network stack - queues which only process TX packets forwarded to it by XDPREDIRECT or XDPT...

UBUNTU-CVE-2024-35958

In the Linux kernel, the following vulnerability has been resolved: net: ena: Fix incorrect descriptor free behavior ENA has two types of TX queues: - queues which only process TX packets arriving from the network stack - queues which only process TX packets forwarded to it by XDPREDIRECT or XDPT...

CVE-2024-35958

The connected Astra Linux bulletin reiterates CVE-2024-35958: a Linux kernel issue in ENA TX queue descriptor handling was fixed. The root cause was an incorrect free/destruction path in ena_free_tx_bufs(), where TX descriptors for XDP_REDIRECT/XDP_TX queues could be freed improperly after a VF r...

CVE-2024-35958

In the Linux kernel, the following vulnerability has been resolved: net: ena: Fix incorrect descriptor free behavior ENA has two types of TX queues: - queues which only process TX packets arriving from the network stack - queues which only process TX packets forwarded to it by XDPREDIRECT or XDPT...