134 matches found
UBUNTU-CVE-2023-52998
In the Linux kernel, the following vulnerability has been resolved: net: fec: Use pagepoolputfullpage when freeing rx buffers The pagepoolreleasepage was used when freeing rx buffers, and this function just unmaps the page if mapped and does not recycle the page. So after hundreds of down/up the...
CVE-2023-52998
CVE-2023-52998 — In the Linux kernel’s fec driver, freeing RX buffers used page_pool_release_page, which unmaps but doesn’t recycle pages, enabling memory exhaustion after repeated eth0 up/down. A fix replaces it with page_pool_put_full_page, recycling the page when refcnt == 1. The vulnerability...
CVE-2023-52985
In the Linux kernel, the following vulnerability has been resolved: arm64: dts: imx8mm-verdin: Do not power down eth-phy Currently if suspending using either freeze or memory state, the fec driver tries to power down the phy which leads to crash of the kernel and non-responsible kernel with the...
Linux Distros Unpatched Vulnerability : CVE-2025-21676
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: fec: handle pagepooldevallocpages error The fecenetupdatecbd function calls...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: fec: removed .ndopollcontroller to avoid deadlocks. A deadlock issue was found in the sungem driver. Please refer to the commit ac0a230f719b “eth: sungem: removed .ndopollcontroller to avoid deadlocks”. The root cause of the...
CLSA-2025-1738958068 Fix of 49 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-38553/CVE-2024-38597 - netpoll: make ndopollcontroller optional - bonding: use netpollpolldev helper - netpoll: do not test NAPISTATESCHED in pollonenapi CVE-url: https://ubuntu.com/security/CVE-2024-38597 - eth: sungem: remove .ndopollcontroller to...
CLSA-2025-1738853271 Fix of 54 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-26595 - mlxsw: spectrumacltcam: Fix NULL pointer dereference in error path CVE-url: https://ubuntu.com/security/CVE-2024-38553/CVE-2024-38597 - netpoll: make ndopollcontroller optional - bonding: use netpollpolldev helper - netpoll: do not test...
CLSA-2025-1738852812 Fix of 54 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-26595 - mlxsw: spectrumacltcam: Fix NULL pointer dereference in error path CVE-url: https://ubuntu.com/security/CVE-2024-38553/CVE-2024-38597 - netpoll: make ndopollcontroller optional - bonding: use netpollpolldev helper - netpoll: do not test...
SUSE CVE-2025-21676
In the Linux kernel, the following vulnerability has been resolved: net: fec: handle pagepooldevallocpages error The fecenetupdatecbd function calls pagepooldevallocpages but did not handle the case when it returned NULL. There was a WARNON!newpage but it would still proceed to use the NULL point...
CVE-2025-21676
In the Linux kernel, the following vulnerability has been resolved: net: fec: handle pagepooldevallocpages error The fecenetupdatecbd function calls pagepooldevallocpages but did not handle the case when it returned NULL. There was a WARNON!newpage but it would still proceed to use the NULL point...
DEBIAN-CVE-2025-21676
In the Linux kernel, the following vulnerability has been resolved: net: fec: handle pagepooldevallocpages error The fecenetupdatecbd function calls pagepooldevallocpages but did not handle the case when it returned NULL. There was a WARNON!newpage but it would still proceed to use the NULL point...
CVE-2025-21676
In the Linux kernel, the following vulnerability has been resolved: net: fec: handle pagepooldevallocpages error The fecenetupdatecbd function calls pagepooldevallocpages but did not handle the case when it returned NULL. There was a WARNON!newpage but it would still proceed to use the NULL point...
AZL-56387 CVE-2025-21676 affecting package kernel for versions less than 6.6.76.1-1
In the Linux kernel, the following vulnerability has been resolved: net: fec: handle pagepooldevallocpages error The fecenetupdatecbd function calls pagepooldevallocpages but did not handle the case when it returned NULL. There was a WARNON!newpage but it would still proceed to use the NULL point...
UBUNTU-CVE-2025-21676
In the Linux kernel, the following vulnerability has been resolved: net: fec: handle pagepooldevallocpages error The fecenetupdatecbd function calls pagepooldevallocpages but did not handle the case when it returned NULL. There was a WARNON!newpage but it would still proceed to use the NULL point...
CVE-2025-21676 net: fec: handle page_pool_dev_alloc_pages error
In the Linux kernel, the following vulnerability has been resolved: net: fec: handle pagepooldevallocpages error The fecenetupdatecbd function calls pagepooldevallocpages but did not handle the case when it returned NULL. There was a WARNON!newpage but it would still proceed to use the NULL point...
CVE-2025-21676 net: fec: handle page_pool_dev_alloc_pages error
In the Linux kernel, the following vulnerability has been resolved: net: fec: handle pagepooldevallocpages error The fecenetupdatecbd function calls pagepooldevallocpages but did not handle the case when it returned NULL. There was a WARNON!newpage but it would still proceed to use the NULL point...
CVE-2025-21676
In the Linux kernel, the following vulnerability has been resolved: net: fec: handle pagepooldevallocpages error The fecenetupdatecbd function calls pagepooldevallocpages but did not handle the case when it returned NULL. There was a WARNON!newpage but it would still proceed to use the NULL point...
CVE-2025-21676 net: fec: handle page_pool_dev_alloc_pages error
In the Linux kernel, the following vulnerability has been resolved: net: fec: handle pagepooldevallocpages error The fecenetupdatecbd function calls pagepooldevallocpages but did not handle the case when it returned NULL. There was a WARNON!newpage but it would still proceed to use the NULL point...
CVE-2025-21676
CVE-2025-21676 : In the Linux kernel, the fec driver could crash when page_pool_dev_alloc_pages returned NULL under memory pressure because the error was not handled in fec_enet_update_cbd. The fix drops the current packet instead of dereferencing a NULL page, addressing a rare but possible crash...
DEBIAN-CVE-2024-50097
In the Linux kernel, the following vulnerability has been resolved: net: fec: don't save PTP state if PTP is unsupported Some platforms such as i.MX25 and i.MX27 do not support PTP, so on these platforms fecptpinit is not called and the related members in fep are not initialized. However,...