SUSE-SU-2026:2238-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-20585: x86/CPU: Fix FPDSS on Zen1 bsc1243603. - CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. -...

SUSE-SU-2026:2217-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-20585: x86/CPU: Fix FPDSS on Zen1 bsc1243603. - CVE-2025-68310: s390/pci: Use pciueventers in PCI recovery bsc1255160. - CVE-2025-71183: btrfs: always detect...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed a kernel crash during reboot when the adapter is in recovery mode. If the driver detects during the probe that the firmware is in recovery mode, then i40einitrecoverymode is called, and the rest of the probe functi...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed the call trace in setuptxdescriptors. After a PF reset and the use of ethtool -t, there was a call trace in dmesg. Sometimes this led to a panic. After some time, approximately 5 seconds, between a reset and a test...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: i40e: Do not use the WQMEMRECLAIM flag for the workqueue. The issue was reported by a customer during SRIOV testing. When both the i40e and i40iw drivers are loaded, a warning is triggered in the checkFlushDependency function...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: i40e: Added validation for the ringlen parameter. The ringlen parameter provided by the virtual function VF is assigned directly to the hardware memory context HMC without any validation. To address this issue, a upper boundar...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: i40e: Fixed the issue of freeing uninitialized misc IRQ vectors. When the VSI setup failed in i40eprobe, as part of the PF switch setup, the driver tried to free misc IRQ vectors in i40eclearinterruptscheme, resulting in a kernel...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed queue reservation for XDP When XDP was configured on a system with a large number of CPUs and X722 NIC, there was a call trace involving NULL pointer dereferencing. The error message was: “i40e 0000:87:00.0: Failed...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: i40e: Fixed the macvlan leak by synchronizing access to macfilterhash This patch addresses a macvlan leak issue in the i40e driver, which was caused by concurrent access to vsi-macfilterhash. The leak occurs when multiple threads...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: i40e: fix race condition by adding filter's intermediate sync state Fix a race condition in the i40e driver that leads to MAC/VLAN filters becoming corrupted and leaking. Address the issue that occurs under heavy load when multip...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: i40e: fixed the issue of freeing IRQs in the i40evsirequestirqmsix error path. If requestirq in i40evsirequestirqmsix fails in an iteration later than the first one, the error path attempts to free the IRQs that have been request...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed the idx validation in config queues msg. Ensured that idx is within the range of active/initialized TC’s when iterating over vf-chidx in i40evcconfigqueuesmsg...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix XDP program unloading while removing the driver The commit 6533e558c650 "i40e: Fix reset path while removing the driver" introduced a new PF state "I40EINREMOVE" to block modifying the XDP program while the driver is...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed the issue where the “vf” variable might be used without initialization in this function. To address the regression introduced by commit 52424f974bc5, which causes servers to hang under very difficult-to-reproduce...

Astra Linux - уязвимость в linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: i40e: Do not allow untrusted VFs to remove the administratively set MAC address. Currently, when a PF Powerful User administratively sets the MAC address of a VF, and the VF is put down i.e., the VF attempts to delete all MAC...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: i40e: Fixed the MMIO write access to an invalid page in i40eclearhw. When the device sends a specific input, an integer underflow can occur, resulting in MMIO write access to an invalid page. This issue can be prevented by changi...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: i40e: Fixed NULL pointer dereferencing in i40edbgdumpdesc. When attempting to dump VFs using debugfs, a crash occurred due to NULL pointer dereferencing in i40edbgdumpdesc. A check was added to i40edbgdumpdesc to ensure that the...

CLSA-2026-1777637310 Fix of 13 CVEs

CVE-2026-31431 - crypto: authencesn - reject too-short AAD assoclen8 to match ESP/ESN spec CVE-2026-31431 - crypto: scatterwalk - Backport memcpysglist CVE-2026-31431 - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption CVE-2026-31431 - crypto: authencesn - Fix src...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013679)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013679 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: fix idx validation in config queues msg Ensure idx is within range of active/initialized TC...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013763)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013763 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: add max boundary check for VF filters There is no check for max filters that VF can request...