90 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fixed a race condition in devmap on PREEMPTRT kernels. On PREEMPTRT kernels, the per-CPU xdpdevbulkqueuebq can be accessed concurrently by multiple preemptible tasks on the same CPU. The original code assumes that bqenque...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix OOB devmap writes when deleting elements Jordy reported an issue with XSKMAP, which also affects DEVMAP. Due to XSKMAP being a signed integer, OOB writes occur. The fix is simple—change the type from int to u32. However,...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: mm/gup: fix guppudrange for dax For dax pud, pudhuge returns true on x86. Therefore, the function works as long as hugetlb is configured. However, dax does not depend on hugetlb. The commit 414fd080d125 “mm/gup: fix guppmdrange f...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed a stack-out-of-bounds write in devmap. The getupperifindexes function iterates over all upper devices and writes their indices into an array without checking bounds. Additionally, the calling functions assume that the...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006648)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006648 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/gup: fix guppudrange for dax For dax pud, pudhuge returns true on x86. So the function works a...
Linux Distros Unpatched Vulnerability : CVE-2026-23294
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf: Fix race in devmap on PREEMPTRT On PREEMPTRT kernels, the per-CPU xdpdevbulkqueue bq ca...
bpf: Fix stack-out-of-bounds write in devmap
...
CVE-2026-23294
A flaw was found in the Linux kernel. A race condition in the devmap component, specifically within the xdpdevbulkqueue bq on PREEMPTRT kernels, allows multiple preemptible tasks on the same CPU to concurrently access the bq. This can lead to a use-after-free vulnerability, potentially resulting ...
SUSE CVE-2026-23359
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stack-out-of-bounds write in devmap getupperifindexes iterates over all upper devices and writes their indices into an array without checking bounds. Also the callers assume that the max number of upper devices is...
EUVD-2026-15336
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stack-out-of-bounds write in devmap getupperifindexes iterates over all upper devices and writes their indices into an array without checking bounds. Also the callers assume that the max number of upper devices is...
EUVD-2026-15225
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix race in devmap on PREEMPTRT On PREEMPTRT kernels, the per-CPU xdpdevbulkqueue bq can be accessed concurrently by multiple preemptible tasks on the same CPU. The original code assumes bqenqueue and devflush run atomically...
CVE-2026-23294
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix race in devmap on PREEMPTRT On PREEMPTRT kernels, the per-CPU xdpdevbulkqueue bq can be accessed concurrently by multiple preemptible tasks on the same CPU. The original code assumes bqenqueue and devflush run atomically...
CVE-2026-23359
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stack-out-of-bounds write in devmap getupperifindexes iterates over all upper devices and writes their indices into an array without checking bounds. Also the callers assume that the max number of upper devices is...
UBUNTU-CVE-2026-23294
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix race in devmap on PREEMPTRT On PREEMPTRT kernels, the per-CPU xdpdevbulkqueue bq can be accessed concurrently by multiple preemptible tasks on the same CPU. The original code assumes bqenqueue and devflush run atomically...
CVE-2026-23294
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix race in devmap on PREEMPTRT On PREEMPTRT kernels, the per-CPU xdpdevbulkqueue bq can be accessed concurrently by multiple preemptible tasks on the same CPU. The original code assumes bqenqueue and devflush run atomically...
CVE-2026-23359
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stack-out-of-bounds write in devmap getupperifindexes iterates over all upper devices and writes their indices into an array without checking bounds. Also the callers assume that the max number of upper devices is...
CVE-2026-23359
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stack-out-of-bounds write in devmap getupperifindexes iterates over all upper devices and writes their indices into an array without checking bounds. Also the callers assume that the max number of upper devices is...
CVE-2026-23359
CVE-2026-23359 stems from a Linux kernel bug in BPF devmap handling. get_upper_ifindexes() could write upper-device indices beyond the allocated stack, because the code assumed MAX_NEST_DEV (8) bounds, but the number of upper devices (e.g., many macvlan) could exceed that. The result is a stack-o...
CVE-2026-23359 bpf: Fix stack-out-of-bounds write in devmap
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stack-out-of-bounds write in devmap getupperifindexes iterates over all upper devices and writes their indices into an array without checking bounds. Also the callers assume that the max number of upper devices is...
CVE-2026-23359 bpf: Fix stack-out-of-bounds write in devmap
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stack-out-of-bounds write in devmap getupperifindexes iterates over all upper devices and writes their indices into an array without checking bounds. Also the callers assume that the max number of upper devices is...