46 matches found
USN-8310-1 linux-azure, linux-azure-6.17 vulnerabilities
It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...
USN-8277-2 linux-oracle-6.17 vulnerabilities
It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...
USN-8277-1: Linux kernel vulnerabilities
It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: In the net subsystem, for the dsa module, the microchip function has been updated to include a condition for scheduling the kszmibreadwork function. When the ksz module is installed or removed using the rmmod command, the kernel...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: dsa: Fixed a panic that occurred when the DSA master device unbinds during shutdown. Rafael reported that on a system with LX2160A and Marvell DSA switches, if a reboot occurs while the DSA master dpaa2-eth is active, the...
AZL-78428 CVE-2025-71152 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: net: dsa: properly keep track of conduit reference Problem description ------------------- DSA has a mumbo-jumbo of reference handling of the conduit net device and its kobject which, sadly, is just wrong and doesn't make sense...
CVE-2025-71152
In the Linux kernel, the following vulnerability has been resolved: net: dsa: properly keep track of conduit reference Problem description ------------------- DSA has a mumbo-jumbo of reference handling of the conduit net device and its kobject which, sadly, is just wrong and doesn't make sense...
CVE-2025-71152
CVE-2025-71152 is a vulnerability reported in the Linux kernel and appears in multiple OS advisories. Connected entries indicate patches for Root Linux (rootio-linux) across Debian 11/12/13 variants, and additional OSV records show Debian-based and Chainguard advisories patching Root packages. Pu...
Azure Linux 3.0 Security Update: kernel (CVE-2025-37864)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37864 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: dsa: clean up FDB, MDB, VLAN entrie...
Azure Linux 3.0 Security Update: kernel (CVE-2025-37786)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37786 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: dsa: free routing table on probe...
UBUNTU-CVE-2022-50837
In the Linux kernel, the following vulnerability has been resolved: net: dsa: tag8021q: avoid leaking ctx on dsatag8021qregister error path If dsatag8021qsetup fails, for example due to the inability of the device to install a VLAN, the tag8021q context of the switch will leak. Make sure it is...
CVE-2023-54149
In the Linux kernel, the following vulnerability has been resolved: net: dsa: avoid suspicious RCU usage for synced VLAN-aware MAC addresses When using the felix driver the only one which supports UC filtering and MC filtering as a DSA master for a random other DSA switch, one can see the followi...
UBUNTU-CVE-2023-54149
In the Linux kernel, the following vulnerability has been resolved: net: dsa: avoid suspicious RCU usage for synced VLAN-aware MAC addresses When using the felix driver the only one which supports UC filtering and MC filtering as a DSA master for a random other DSA switch, one can see the followi...
CVE-2023-54149 net: dsa: avoid suspicious RCU usage for synced VLAN-aware MAC addresses
In the Linux kernel, the following vulnerability has been resolved: net: dsa: avoid suspicious RCU usage for synced VLAN-aware MAC addresses When using the felix driver the only one which supports UC filtering and MC filtering as a DSA master for a random other DSA switch, one can see the followi...
PT-2025-53226
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to suspicious RCU Read-Copy Update usage when handling VLAN-aware MAC addresses within the networking subsystem. Specifically, the issue occurs...
PT-2025-52754
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to DSA Distributed Switch Architecture and Microchip network devices. Specifically, the ksz irq free function may be called on an uninitialized...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988852)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988852 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dsa: felix: don't use devres for mdiobus As explained in commits: 74b6d7d13307 net: dsa:...
ROS-20251013-02
Vulnerability of the fpsimdreleasetask function in the arch/arm64/kernel/fpsimd.c module of the Linux kernel is related to a memory leak. Linux kernel is related to a memory leak. Exploitation of the vulnerability could allow an attacker to affect confidentiality, integrity and availability of...
CVE-2023-53170
CVE-2023-53170 relates to the Linux kernel where the patch eliminates an unnecessary of_node_put in felix_parse_ports_node (net: dsa). The fix removes the of_node_put from the continue path to prevent the child node from being released twice, which could otherwise lead to resource leaks or other ...
net: dsa: b53: do not enable EEE on bcm63xx
...