Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: gianfar: ethtool: Fixed a refcount leak in gfargettsinfo The offindcompatiblenode function returns a node pointer with the refcount incremented. We should use ofnodeput on it after processing. Also, add the missing ofnodeput to...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ethtool: ioctl: fixed a potential NULL dereference in ethtoolsetcoalesce. ethtoolsetcoalesce now uses both .getcoalesce and .setcoalesce callbacks. However, the check for their availability is buggy. Therefore, changing the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Bonding: Fix for missing rcu protection. When removing the rcureadlock from bondethtoolgettsinfo, I didn’t realize that it could also be called via setsockopt, which does not hold a rcu lock. As pointed out by syzbot: Stack trace...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: sfc: add missing xdp queue reinitialization After rx/tx ring buffer size is changed, kernel panic occurs when it acts XDPTX or XDPREDIRECT. When tx/rx ring buffer size is changedethtool -G, sfc driver reallocates and...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: igc: Avoid kernel warnings when changing RX ring parameters Calling ethtool to change RX ring parameters like this: $ ethtool -G eth0 rx 1024 triggers kernel warnings like this: 225.198467 ------------ Cut here 225.198473 Missing...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ice: prevent NULL pointer deref during reload Calling ethtool during reload can lead to call trace, because VSI isn't configured for some time, but netdev is alive. To fix it add rtnl lock for VSI deconfig and config. Set...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Netwerk: Ethernet: mtkethsoc: out-of-bounds read in mtkhwlrogetfdirentry The “fsp-location” variable comes from the user via ethtoolgetrxnfc. It must be checked to ensure that it is valid, thereby preventing an out-of-bounds read...

CVE-2026-31695

A flaw was found in the Linux kernel's virtwifi component. A local user can exploit a race condition during the unregistration of a virtwifi network device, where its parent pointer might refer to freed memory during ethtool operations. This use-after-free vulnerability can lead to system...

CVE-2026-31695

In the Linux kernel, the following vulnerability has been resolved: wifi: virtwifi: remove SETNETDEVDEV to avoid use-after-free Currently we execute SETNETDEVDEVdev, &priv-lowerdev-dev for the virtwifi net devices. However, unregistering a virtwifi device in netdevruntodo can happen together with...

CVE-2026-31727

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uether: Fix NULL pointer deref in ethgetdrvinfo Commit ec35c1969650 "usb: gadget: fncm: Fix netdevice lifecycle with devicemove" reparents the gadget device to /sys/devices/virtual during unbind, clearing the gadget...

EUVD-2026-26504

In the Linux kernel, the following vulnerability has been resolved: wifi: virtwifi: remove SETNETDEVDEV to avoid use-after-free Currently we execute SETNETDEVDEVdev, &priv-lowerdev-dev for the virtwifi net devices. However, unregistering a virtwifi device in netdevruntodo can happen together with...

CVE-2026-31695

CVE-2026-31695 is a Linux kernel issue affecting the virt_wifi driver. The root cause is a race during unregistration where a device’s parent pointer could reference freed memory, causing a use-after-free during ethtool operations. The vulnerability arises from using SET_NETDEV_DEV(dev, &priv-&gt...

CVE-2026-31695

In the Linux kernel, the following vulnerability has been resolved: wifi: virtwifi: remove SETNETDEVDEV to avoid use-after-free Currently we execute SETNETDEVDEVdev, &priv-;lowerdev-dev for the virtwifi net devices. However, unregistering a virtwifi device in netdevruntodo can happen together wit...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of the virtwifi device to reallocate memory after release. This could lead to access to...

SUSE CVE-2026-31494

In the Linux kernel, the following vulnerability has been resolved: net: macb: use the current queue number for stats There's a potential mismatch between the memory reserved for statistics and the amount of memory written. gemgetssetcount correctly computes the number of stats based on the activ...

SUSE CVE-2026-31505

In the Linux kernel, the following vulnerability has been resolved: iavf: fix out-of-bounds writes in iavfgetethtoolstats iavf incorrectly uses realnumtxqueues for ETHSSSTATS. Since the value could change in runtime, we should use numtxqueues instead. Moreover iavfgetethtoolstats uses...

CVE-2026-31505

A flaw was found in the Linux kernel's iavf driver. This vulnerability, an out-of-bounds write, occurs when a user simultaneously executes specific ethtool commands, specifically "ethtool -L" and "ethtool -S". This can lead to memory corruption, potentially causing a system crash and resulting in...

CVE-2026-31494

A flaw was found in the Linux kernel's macb network driver. A local user can exploit this vulnerability due to an out-of-bounds write in the gemgetethtoolstats function. This occurs when the driver incorrectly copies data using the maximum number of queues instead of the active number, leading to...

EUVD-2026-24864

In the Linux kernel, the following vulnerability has been resolved: net: macb: use the current queue number for stats There's a potential mismatch between the memory reserved for statistics and the amount of memory written. gemgetssetcount correctly computes the number of stats based on the activ...

CVE-2026-31505

In the Linux kernel, the following vulnerability has been resolved: iavf: fix out-of-bounds writes in iavfgetethtoolstats iavf incorrectly uses realnumtxqueues for ETHSSSTATS. Since the value could change in runtime, we should use numtxqueues instead. Moreover iavfgetethtoolstats uses...