Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: Do not access a released socket during error recovery. While the error recovery mechanism is temporarily failing due to reconnect attempts, running the nvme list command causes a kernel NULL pointer derefrence by callin...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: nvme-tcp: fixed a possible use-after-free issue in the transport errorrecovery process. While nvmetcpsubmitasynceventwork checks the ctrl and queue states before preparing the AER command and scheduling iowork, this check is...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: nvme: tcp: avoid race between queuelock lock and destroy Commit 76d54bf20cdc “nvme-tcp: do not access released sockets during error recovery” added a mutexlock call for the queue-queuelock in nvmetcpgetaddress. However, the...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: s390/pci: Avoid deadlock between PCI error recovery and mlx5 crdump Do not block PCI config accesses through pcicfgaccesslock when executing the s390 variant of PCI error recovery. Instead, use devicelock instead of pcidevlock...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fixed a possible crash in bnxthwrmsetcoal During the error recovery sequence, the rtnllock is not held for the entire duration, and some data structures may be freed during this process. Instead of checking netifrunning,...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: nvme-rdma: fixed a possible use-after-free in the transport errorrecovery process. While nvmerdmasubmitasynceventwork checks the ctrl and queue states before preparing the AER command and scheduling iowork, this check is...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fixed an issue where the HCAPORTS component was unregistered twice. Clear the hcadevcomcomp field in the device’s private data after unregistering it during the LAG teardown. Otherwise, a slightly delayed second pass...

SUSE CVE-2026-43466

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix DMA FIFO desync on error CQE SQ recovery In case of a TX error CQE, a recovery flow is triggered, mlx5eresettxqsqccpc resets dmafifocc to 0 but not dmafifopc, desyncing the DMA FIFO producer and consumer. After...

CVE-2026-43466

A flaw was found in the Linux kernel's mlx5e network driver. During a transmit TX error recovery process, a desynchronization occurs in the Direct Memory Access DMA First-In, First-Out FIFO buffer. This desynchronization causes the system to incorrectly unmap memory addresses, which can lead to...

EUVD-2026-28772

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix DMA FIFO desync on error CQE SQ recovery In case of a TX error CQE, a recovery flow is triggered, mlx5eresettxqsqccpc resets dmafifocc to 0 but not dmafifopc, desyncing the DMA FIFO producer and consumer. After...

CVE-2026-43466

Summary (CVE-2026-43466) : The Linux kernel mlx5e driver had a desync bug in the software DMA FIFO during TX error recovery. Specifically, during recovery, dma_fifo_cc was reset to 0 while dma_fifo_pc was not, causing producer/consumer to operate on misaligned indices. After recovery, new entries...

CVE-2026-43466

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix DMA FIFO desync on error CQE SQ recovery In case of a TX error CQE, a recovery flow is triggered, mlx5eresettxqsqccpc resets dmafifocc to 0 but not dmafifopc, desyncing the DMA FIFO producer and consumer. After...

Linux Distros Unpatched Vulnerability : CVE-2026-43466

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5e: Fix DMA FIFO desync on error CQE SQ recovery In case of a TX error CQE, a recovery flow is triggered, mlx5eresettxqsqccpc resets dmafifocc to 0 but n...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix premature hw access after PCI error After a recoverable PCI error has been detected and recovered, qla driver needs to check to see if the error condition still persist and/or wait for the OS to give the resume...

CVE-2026-31498 Bluetooth: L2CAP: Fix ERTM re-init and zero pdu_len infinite loop

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix ERTM re-init and zero pdulen infinite loop l2capconfigreq processes CONFIGREQ for channels in BTCONNECTED state to support L2CAP reconfiguration e.g. MTU changes. However, since both CONFINPUTDONE and...

kernel: macvlan: fix error recovery in macvlan_common_newlink()

A use-after-free vulnerability was found in the macvlan driver. When creating a macvlan interface in source mode fails after the source MAC has been added to the hash table e.g., due to an invalid interface name, the hash entry still references the freed netdevice structure. Subsequent packets...

Moderate: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHEL 9 : kernel (RHSA-2026:9644)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:9644 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel:A use-after-free ...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013061)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013061 advisory. In the Linux kernel, the following vulnerability has been resolved: media: imon: make sendpacket more robust syzbot is reporting that imon has three problems which...

SUSE SLES12 Security Update : kernel (Live Patch 73 for SUSE Linux Enterprise 12 SP5) (SUSE-SU-2026:1304-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1304-1 advisory. This update for the SUSE Linux Enterprise Kernel 4.12.14-122.275 fixes various security issues The following security issues were fixed: -...