UBUNTU-CVE-2026-23165

In the Linux kernel, the following vulnerability has been resolved: sfc: fix deadlock in RSS config read Since cited commit, core locks the netdevice's rsslock when handling ethtool -x command, so driver's implementation should not lock it again. Remove the latter...

CVE-2026-23165

CVE-2026-23165 affects the Linux kernel sfc (Solarflare) network driver. The issue is a deadlock when reading RSS config with ethtool -x because the driver locks the net_device rss_lock that is already held by the core; the fix is to remove the driver-side lock acquisition (deadlock avoidance). P...

PT-2026-8160

In the Linux kernel, the following vulnerability has been resolved: sfc: fix deadlock in RSS config read Since cited commit, core locks the net device's rss lock when handling ethtool -x command, so driver's implementation should not lock it again. Remove the latter...

UBUNTU-CVE-2026-22993

In the Linux kernel, the following vulnerability has been resolved: idpf: Fix RSS LUT NULL ptr issue after soft reset During soft reset, the RSS LUT is freed and not restored unless the interface is up. If an ethtool command that accesses the rss lut is attempted immediately after reset, it will...

CVE-2025-71137

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: fix "UBSAN: shift-out-of-bounds error" This patch ensures that the RX ring size rxpending is not set below the permitted length. This avoids UBSAN shift-out-of-bounds errors when users passes small or zero ring size...

CVE-2025-71137

CVE-2025-71137 relates to the Linux kernel, where the octeontx2-pf driver patch fixes a UBSAN shift-out-of-bounds error by ensuring the RX ring size (rx_pending) is not set below the permitted length. This prevents UBSAN faults when users pass small or zero ring sizes via ethtool -G. The fix is a...

EUVD-2010-3085

Malware in sbrugna...

EUVD-2025-22601

Malicious code in bioql PyPI...

DEBIAN-CVE-2025-38402

In the Linux kernel, the following vulnerability has been resolved: idpf: return 0 size for RSS key if not supported Returning -EOPNOTSUPP from function returning u32 is leading to cast and invalid size value as a result. -EOPNOTSUPP as a size probably will lead to allocation fail. Command: ethto...

UBUNTU-CVE-2025-38402

In the Linux kernel, the following vulnerability has been resolved: idpf: return 0 size for RSS key if not supported Returning -EOPNOTSUPP from function returning u32 is leading to cast and invalid size value as a result. -EOPNOTSUPP as a size probably will lead to allocation fail. Command: ethto...

CVE-2025-38402 idpf: return 0 size for RSS key if not supported

In the Linux kernel, the following vulnerability has been resolved: idpf: return 0 size for RSS key if not supported Returning -EOPNOTSUPP from function returning u32 is leading to cast and invalid size value as a result. -EOPNOTSUPP as a size probably will lead to allocation fail. Command: ethto...

PT-2025-30802

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel where returning -EOPNOTSUPP from a function that returns a u32 can lead to a cast and an invalid size value. This can potentially cause allocation...

CVE-2025-37911 bnxt_en: Fix out-of-bound memcpy() during ethtool -w

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix out-of-bound memcpy during ethtool -w When retrieving the FW coredump using ethtool, it can sometimes cause memory corruption: BUG: KFENCE: memory corruption in bnxtgetcoredump+0x3ef/0x670 bnxten Corrupted memory at...

CVE-2025-37911

CVE-2025-37911 affects the bnxt_en driver in the Linux kernel. The issue is an out-of-bounds memcpy when retrieving a firmware coredump via ethtool -w, which can lead to memory corruption. The root cause is a mismatch between the DMA-length returned by the firmware and info->dest_buf size when...

CVE-2025-21921

In the Linux kernel, the following vulnerability has been resolved: net: ethtool: netlink: Allow NULL nlattrs when getting a phydevice ethnlreqgetphydev is used to lookup a phydevice, in the case an ethtool netlink command targets a specific phydev within a netdev's topology. It takes as a...

OESA-2025-1284 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: net: sfc: add missing xdp queue reinitialization After rx/tx ring buffer size is changed, kernel panic occurs when it acts XDPTX or XDPREDIRECT. When tx/rx ring...

CVE-2024-46770

In the Linux kernel, the following vulnerability has been resolved: ice: Add netifdeviceattach/detach into PF reset flow Ethtool callbacks can be executed while reset is in progress and try to access deleted resources, e.g. getting coalesce settings can result in a NULL pointer dereference seen...

CVE-2024-46770

In the Linux kernel, the following vulnerability has been resolved: ice: Add netifdeviceattach/detach into PF reset flow Ethtool callbacks can be executed while reset is in progress and try to access deleted resources, e.g. getting coalesce settings can result in a NULL pointer dereference seen...

CVE-2024-46770 ice: Add netif_device_attach/detach into PF reset flow

In the Linux kernel, the following vulnerability has been resolved: ice: Add netifdeviceattach/detach into PF reset flow Ethtool callbacks can be executed while reset is in progress and try to access deleted resources, e.g. getting coalesce settings can result in a NULL pointer dereference seen...

SUSE CVE-2010-3084

Buffer overflow in the niugetethtooltcamall function in drivers/net/niu.c in the Linux kernel before 2.6.36-rc4 allows local users to cause a denial of service or possibly have unspecified other impact via the ETHTOOLGRXCLSRLALL ethtool command...