15 matches found
SUSE-SU-2026:2482-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-38549: efivarfs: Fix memory leak of efivarfsfsinfo in fscontext error paths bsc1248235. - CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished...
OPENSUSE-SU-2026:20912-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-20585: iommu/amd: Use maximum Event log buffer size when SNP is enabled on Family 0x19 bsc1243603. - CVE-2026-3150: bcache: fix cacheddev.sbbio use-after-free and...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/efa: Fixed the issue of using the completion context after it has been freed. Regarding the handling of admin queue completions, if the admin command completes with an error, we print data from the completion context. The...
EUVD-2026-24863
In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix use of completion ctx after free On admin queue completion handling, if the admin command completed with error we print data from the completion context. The issue is that we already freed the completion context in...
CVE-2026-31493
The CVE-2026-31493 issue exists in Linux kernel RDMA/efa admin queue completion handling: when a command completes with an error, the code may print from a completion context that has already been freed, leading to use-after-free-like behavior. The root cause is use of a freed completion context ...
Linux Distros Unpatched Vulnerability : CVE-2026-31493
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/efa: Fix use of completion ctx after free On admin queue completion handling, if the admin command completed with error we print data from the completion...
PT-2026-34398
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the RDMA/efa component during admin queue completion handling. When an admin command completes with an error, the system attempts to print data from the...
UBUNTU-CVE-2023-54201
In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ, we first decrease the refcount and potentially free memory regions allocated for the object and then request the device to destroy the object. If t...
Linux Distros Unpatched Vulnerability : CVE-2023-54201
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ, we first decrease the refcount and potentially free memory regions allocated f...
EUVD-2025-134362
Malicious code in kiudt-acog-efa npm...
EUVD-2025-134363
Malicious code in kiudt-acog-efa npm...
Malicious code in kiudt-acog-efa (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f5c8d83e7641aeda42a9db84c8247a885113ed6b21ca09597a1c78e25e5ada7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-179730 Malicious code in kiudt-acog-efa (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f5c8d83e7641aeda42a9db84c8247a885113ed6b21ca09597a1c78e25e5ada7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
efa-aef.eu Cross Site Scripting vulnerability OBB-2375108
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
EFA Query - Suspicious files, WebView JavaScript enabled, WebView files access vulnerabilities
HackApp vulnerability scanner discovered that application EFA Query published at the 'play' market has multiple vulnerabilities...