Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Do not store mlx5epriv in mlx5edev devlink priv. mlx5epriv is an unstable structure that can be memset0 if profile attachment fails. mlx5epriv in mlx5edev devlink private is used to reference the netdev and mdev...

CVE-2026-43468

A flaw was found in the net/mlx5 component of the Linux kernel. This vulnerability involves a deadlock condition that can occur when the eswitchmodeset function attempts to acquire a devlink lock while the esw-workqueue is executing and also trying to acquire the same lock. This concurrent lock...

EUVD-2026-28774

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix deadlock between devlink lock and esw-wq esw-workqueue executes eswfunctionschangedeventhandler - eswvfschangedeventhandler and acquires the devlink lock. .eswitchmodeset acquires devlink lock in devlinknlpredoit -...

CVE-2026-43468

CVE-2026-43468 affects the Linux kernel net/mlx5 subsystem, where a deadlock can occur between the devlink lock and the esw->work_queue. The deadlock trace involves esw_functions_changed_event_handler executing esw_vfs_changed_event_handler, while eswitch_mode_set acquires the devlink lock and...

CVE-2026-43468

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix deadlock between devlink lock and esw-wq esw-workqueue executes eswfunctionschangedeventhandler - eswvfschangedeventhandler and acquires the devlink lock. .eswitchmodeset acquires devlink lock in devlinknlpredoit -...

CVE-2026-43012

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix switchdev mode rollback in case of failure If for some internal reason switchdev mode fails, we rollback to legacy mode, before this patch, rollback will unregister the uplink netdev and leave it unregistered causin...

SUSE CVE-2026-23035

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Pass netdev to mlx5edestroynetdev instead of priv mlx5epriv is an unstable structure that can be memset0 if profile attaching fails. Pass netdev to mlx5edestroynetdev to guarantee it will work on a valid netdev. On...

AZL-77232 CVE-2026-23035 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Pass netdev to mlx5edestroynetdev instead of priv mlx5epriv is an unstable structure that can be memset0 if profile attaching fails. Pass netdev to mlx5edestroynetdev to guarantee it will work on a valid netdev. On...

AZL-77295 CVE-2026-22996 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't store mlx5epriv in mlx5edev devlink priv mlx5epriv is an unstable structure that can be memset0 if profile attaching fails, mlx5epriv in mlx5edev devlink private is used to reference the netdev and mdev associate...

UBUNTU-CVE-2026-22996

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't store mlx5epriv in mlx5edev devlink priv mlx5epriv is an unstable structure that can be memset0 if profile attaching fails, mlx5epriv in mlx5edev devlink private is used to reference the netdev and mdev associate...

CVE-2026-22996

CVE-2026-22996 affects the Linux kernel mlx5e subsystems. The issue arises from storing the unstable mlx5e_priv in mlx5e_dev devlink priv, which could lead to a kernel NULL dereference during profile changes and an oops in mlx5e_remove. The fix stores netdev directly into mlx5e_dev and derives md...

PT-2025-54045

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, Fix using eswitch mapping in nic mode Cited patch is using the eswitch object mapping pool while in nic mode where it isn't initialized. This results in the trace below 0. Fix that by using either nic or eswitch...

CVE-2025-38417 ice: fix eswitch code memory leak in reset scenario

In the Linux kernel, the following vulnerability has been resolved: ice: fix eswitch code memory leak in reset scenario Add simple eswitch mode checker in attaching VF procedure and allocate required port representor memory structures only in switchdev mode. The reset flows triggers VF if present...

CVE-2025-38417

The CVE-2025-38417 issue affects the Linux kernel ice/eswitch path where memory for VF port representors could be allocated during reset and not freed in legacy (non-switchdev) mode. The fix adds a mode check to allocate required port memory only in switchdev mode and prevents blindly allocating ...

CVE-2025-38417

In the Linux kernel, the following vulnerability has been resolved: ice: fix eswitch code memory leak in reset scenario Add simple eswitch mode checker in attaching VF procedure and allocate required port representor memory structures only in switchdev mode. The reset flows triggers VF if present...