EulerOS 2.0 SP11 : kernel (EulerOS-SA-2026-2247)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : crypto: algifaead - Revert to operating out-of-placeCVE-2026-31431 nfsd: fix RELEASELOCKOWNERCVE-2024-26629 bonding: limit BONDMODE8023AD to...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ICE: Prevent NULL pointer dereferencing during reload Calling ethtool during reload can lead to a call trace issue, because the VSI is not configured for some time, but the netdev is still active. To fix this, add a rtnl lock for...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: igc: Avoid kernel warnings when changing RX ring parameters Calling ethtool to change RX ring parameters like this: $ ethtool -G eth0 rx 1024 triggers kernel warnings like this: 225.198467 ------------ Cut here 225.198473 Missing...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed the call trace in setuptxdescriptors. After a PF reset and the use of ethtool -t, there was a call trace in dmesg. Sometimes this led to a panic. After some time, approximately 5 seconds, between a reset and a test...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ice: The txtstamps field is set when creating new Tx rings using ethtool. When the user changes the number of queues via ethtool, the driver allocates new Tx rings. This allocation does not initialize the txtstamps field. As a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: idpf: Fixed a NULL pointer crash that occurred during early ethtool operations. The RSS LUT is not initialized until the interface becomes active. This caused a NULL pointer crash when ethtool operations like rxhash to turn it...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: gianfar: ethtool: Fixed a refcount leak in gfargettsinfo The offindcompatiblenode function returns a node pointer with the refcount incremented. We should use ofnodeput on it after processing. Also, add the missing ofnodeput to...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Netwerk: Ethernet: mvpp2main: A possible OOB write issue has been fixed in mvpp2ethtoolgetrxnfc. The rules parameter is allocated in ethtoolgetrxnfc, and its size is determined by rulecnt from the user space. Therefore, rulecnt...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: core: Prevent NULL dereference in generichwtstampioctllower The ethtool tsconfig Netlink path can trigger a null pointer dereference. A call chain such as: tsconfigpreparedata - devgethwtstampphylib - vlanhwtstampget -...

Astra Linux - уязвимость в linux-5.10, linux

A issue was discovered in the Linux kernel through version 5.16-rc6. The function netvscgetethtoolstats in the drivers/net/hyperv/netvscdrv.c file lacks a check on the return value of kvmallocarray, which can lead to a null pointer derefrence...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iavf: corrected out-of-bounds writes in iavfgetethtoolstats iavf incorrectly uses realnumtxqueues for ETHSSSTATS. Since the value could change during runtime, we should use numtxqueues instead. Additionally, iavfgetethtoolstats...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ethtool: ioctl: fixed a potential NULL dereference in ethtoolsetcoalesce. ethtoolsetcoalesce now uses both .getcoalesce and .setcoalesce callbacks. However, the check for their availability is buggy. Therefore, changing the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ethtool: eeprom: fixed the null-dereference on genlinfo in the dump. A similar fix, as described in commit 46cdedf2a0fa “ethtool: pse-pd: fixed the null-dereference on genlinfo in the dump”, is also required for ethtool eeprom...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Bonding: Fix for missing rcu protection. When removing the rcureadlock from bondethtoolgettsinfo, I didn’t realize that it could also be called via setsockopt, which does not hold a rcu lock. As pointed out by syzbot: Stack trace...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: Netwerk: Ethernet: mtkethsoc: out-of-bounds read in mtkhwlrogetfdirentry The “fsp-location” variable comes from the user via ethtoolgetrxnfc. Verifying that it is valid prevents an out-of-bounds read...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ethtool: Do not perform operations on net devices that are not yet registered. There is a short period between when a net device starts to be unregistered and when it is actually gone. During that time frame, ethtool operations c...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ethtool: strset: fix message length calculation The outer nesting of ETHTOOLASTRSETSTRINGSETS is not taken into account. This may result in ETHTOOLMSGSTRSETGET generating a warning like this: “Calculated message payload length 68...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Netwerk: Ethernet: mtkethsoc: A possible NULL pointer dereferencing has been fixed in the mtkhwlrogetfdirall function. The rulelocs variable is allocated in the ethtoolgetrxnfc function, and its size is determined by rulecnt from...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: virtionet: Do not send RSS commands if the feature is not available on the device. There is a bug when setting RSS options in virtionet that can cause the entire machine to become unstable, leading to an infinite loop in the...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: BUG: Crash occurs when reading statistics while the NIC is resetting. The efxnetstats function dondogetstats64 can be called during an ethtool self-test. During this period, nicdata-mcstats is NULL because the NIC has been...