kernel: bnxt_en: Fix RSS context delete logic

A flaw was found in the bnxten driver of the Linux kernel. An issue in the RSS Receive Side Scaling context deletion logic can lead to a leak of VNICs Virtual Network Interface Controllers in the firmware. This can cause subsequent attempts to create new VNICs to fail, resulting in the loss of...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bnxten: fixed a memory leak in bnxtnvmtest Free the kzalloc’ed buffer before returning on the success path...

Malicious code in picnic-react-mise-en-place (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d57f4579f4e0842567d9e59bfa74af355f457cbfdfeabe0f65a9e6952f79aa34 The OpenSSF Package Analysis project identified 'picnic-react-mise-en-place' @ 9999.0.0 npm as malicious. It is considered malicious because: -...

MAL-2026-5122 Malicious code in picnic-react-mise-en-place (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d57f4579f4e0842567d9e59bfa74af355f457cbfdfeabe0f65a9e6952f79aa34 The OpenSSF Package Analysis project identified 'picnic-react-mise-en-place' @ 9999.0.0 npm as malicious. It is considered malicious because: -...

Malicious code in git-en-boite-inventory (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0ce51f21e43fe31cbc2ad9ea659087abadc9eeba578dbb559ab1443392af44a3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview git-en-boite-inventory is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx4en: Fixed a use-after-free bug in mlx4entryallocresources In mlx4entryallocresources, mlx4encopypriv is called, and tmp-txcq will be freed during the error path of mlx4encopypriv. After that, mlx4enallocresources is calle...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bnxten: The backing store type is set based on the query type. The bnxthwrmfuncbackingstoreqcapsv2 function stores resp-type from the firmware response in ctxm-type, and then uses that value to index fixed backing-store metadata...

SUSE CVE-2026-43260

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix RSS context delete logic We need to free the corresponding RSS context VNIC in FW everytime an RSS context is deleted in driver. Commit 667ac333dbb7 added a check to delete the VNIC in FW only when netifrunning is tru...

CVE-2026-43260

A flaw was found in the bnxten driver of the Linux kernel. An issue in the RSS Receive Side Scaling context deletion logic can lead to a leak of VNICs Virtual Network Interface Controllers in the firmware. This can cause subsequent attempts to create new VNICs to fail, resulting in the loss of...

EUVD-2026-27820

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix RSS context delete logic We need to free the corresponding RSS context VNIC in FW everytime an RSS context is deleted in driver. Commit 667ac333dbb7 added a check to delete the VNIC in FW only when netifrunning is tru...

CVE-2026-43260

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix RSS context delete logic We need to free the corresponding RSS context VNIC in FW everytime an RSS context is deleted in driver. Commit 667ac333dbb7 added a check to delete the VNIC in FW only when netifrunning is tru...

CVE-2026-43260 bnxt_en: Fix RSS context delete logic

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix RSS context delete logic We need to free the corresponding RSS context VNIC in FW everytime an RSS context is deleted in driver. Commit 667ac333dbb7 added a check to delete the VNIC in FW only when netifrunning is tru...

CVE-2026-43260

The CVE concerns the bnxt_en driver in the Linux kernel. The vulnerability stems from RSS context deletion logic that could leak VNICs in firmware when deleting RSS contexts with the interface down, leading to failures when re-opening and restoring RSS contexts. The fix removes the netif_running(...

Linux Distros Unpatched Vulnerability : CVE-2026-43191

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amd/display: Adjust PHY FSM transition to TXEN-to-PLLON for TMDS on DCN35 Why A backport of the change made for DCN401 that addresses an issue where we turn...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fixed a possible crash in bnxthwrmsetcoal During the error recovery sequence, the rtnllock is not held for the entire duration, and some data structures may be freed during this process. Instead of checking netifrunning,...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bnxten: Avoid order-5 memory allocation for TPA data. The driver needs to keep track of all possible concurrent TPA GRO/LRO completions on the aggregation ring. On P5 chips, the maximum number of concurrent TPA is 256, and the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fixed null pointer dereference in bnxtbstracecheckwrap. With older firmware versions, we might encounter the ASYNCEVENTCMPLEVENTIDDBGBUFPRODUCER for the FW trace data type that has not been initialized. This could lead to...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bnxten: The bdcnt field in the TX BD must be properly masked. The bdcnt field in the TX BD specifies the total number of BDs for the TX packet. This field consists of 5 bits, and the maximum supported value is 32, with the value ...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix lockdep warning during rmmod The commit under the Fixes tag added a netdevassertlocked in bnxtfreentpfltrs. The lock should be held during normal run-time but the assert will be triggered see below during bnxtremoveon...