EUVD-2025-201206

In the Linux kernel, the following vulnerability has been resolved: devlink: rate: Unset parent pointer in devlratenodesdestroy The function devlratenodesdestroy is documented to "Unset parent for all rate objects". However, it was only calling the driver-specific rateleafparentset or...

CVE-2025-40251 devlink: rate: Unset parent pointer in devl_rate_nodes_destroy

In the Linux kernel, the following vulnerability has been resolved: devlink: rate: Unset parent pointer in devlratenodesdestroy The function devlratenodesdestroy is documented to "Unset parent for all rate objects". However, it was only calling the driver-specific rateleafparentset or...

Linux Distros Unpatched Vulnerability : CVE-2025-40251

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - devlink: rate: Unset parent pointer in devlratenodesdestroy The function devlratenodesdestroy is documented to Unset parent for all rate objects. However, it wa...

PT-2025-49081

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.18.0-rc4+ Description The devl rate nodes destroy function in the Linux kernel did not correctly unset the parent pointer for rate objects, leading to a dangling pointer in the devlink rate struct. This issue...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly clearing the devlinkrate parent pointer, which could result in a reference counting error...

TencentOS Server 4: kernel (TSSA-2025:0046)

"The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0046 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilitie...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988899)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988899 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: fix memory leak in sja1105setupdevlinkregions When dsadevlinkregioncreate fail...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988896)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988896 advisory. In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlinknlcmdreload While preparing my patch series adding net...

net/mlx5: Fix peer devlink set for SF representor devlink port

...

SUSE CVE-2025-40091

In the Linux kernel, the following vulnerability has been resolved: ixgbe: fix too early devlinkfree in ixgberemove Since ixgbeadapter is embedded in devlink, calling devlinkfree prematurely in the ixgberemove path can lead to UAF. Move devlinkfree to the end. KASAN report: BUG: KASAN:...

EUVD-2025-36987

In the Linux kernel, the following vulnerability has been resolved: ixgbe: fix too early devlinkfree in ixgberemove Since ixgbeadapter is embedded in devlink, calling devlinkfree prematurely in the ixgberemove path can lead to UAF. Move devlinkfree to the end. KASAN report: BUG: KASAN:...

CVE-2025-40091

In the Linux kernel, the following vulnerability has been resolved: ixgbe: fix too early devlinkfree in ixgberemove Since ixgbeadapter is embedded in devlink, calling devlinkfree prematurely in the ixgberemove path can lead to UAF. Move devlinkfree to the end. KASAN report: BUG: KASAN:...

UBUNTU-CVE-2025-40091

In the Linux kernel, the following vulnerability has been resolved: ixgbe: fix too early devlinkfree in ixgberemove Since ixgbeadapter is embedded in devlink, calling devlinkfree prematurely in the ixgberemove path can lead to UAF. Move devlinkfree to the end. KASAN report: BUG: KASAN:...

CVE-2025-40091 ixgbe: fix too early devlink_free() in ixgbe_remove()

In the Linux kernel, the following vulnerability has been resolved: ixgbe: fix too early devlinkfree in ixgberemove Since ixgbeadapter is embedded in devlink, calling devlinkfree prematurely in the ixgberemove path can lead to UAF. Move devlinkfree to the end. KASAN report: BUG: KASAN:...

CVE-2025-40091

CVE-2025-40091 in the Linux kernel affects the ixgbe driver. The issue is a use-after-free (UAF) caused by calling devlink_free() too early in the ixgbe_remove() path, because ixgbe_adapter is embedded in devlink. The advisory states the fix is to move devlink_free() to the end of the removal seq...

CVE-2025-40091 ixgbe: fix too early devlink_free() in ixgbe_remove()

In the Linux kernel, the following vulnerability has been resolved: ixgbe: fix too early devlinkfree in ixgberemove Since ixgbeadapter is embedded in devlink, calling devlinkfree prematurely in the ixgberemove path can lead to UAF. Move devlinkfree to the end. KASAN report: BUG: KASAN:...

CVE-2025-40091

In the Linux kernel, the following vulnerability has been resolved: ixgbe: fix too early devlinkfree in ixgberemove Since ixgbeadapter is embedded in devlink, calling devlinkfree prematurely in the ixgberemove path can lead to UAF. Move devlinkfree to the end. KASAN report: BUG: KASAN:...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a premature call to devlinkfree in the ixgberemove function, which could lead to reuse after release...

Linux Distros Unpatched Vulnerability : CVE-2023-53470

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ionic: catch failure from devlinkalloc Add a check for NULL on the alloc return. If devlinkalloc fails and we try to use devlinkpriv on the NULL return, the...

Linux Distros Unpatched Vulnerability : CVE-2023-53507

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Unregister devlink params in case interface is down Currently, in case an interfac...