Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iavf: corrected out-of-bounds writes in iavfgetethtoolstats iavf incorrectly uses realnumtxqueues for ETHSSSTATS. Since the value could change during runtime, we should use numtxqueues instead. Additionally, iavfgetethtoolstats...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: iavf: Fixed error handling related to adminq. iavfallocasqbufs/iavfallocarqbufs allocate memory for VF mailbox using dmaalloccoherent. DMA regions are freed for both ASQ and ARQ in case an error occurs during the configuration...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: iavf: Fixed handling of dummy receive descriptors. A memory leak caused by improper handling of dummy receive descriptors was also fixed. iavfgetrxbuffer now sets the rxbuffer return value for dummy receive descriptors. Without...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iavf: Fix for hang during reboot/shutdown The recent commit 974578017fc1 “iavf: Add waiting so that the port is initialized in remove” adds a wait-loop at the beginning of iavfremove, to ensure that port initialization is complet...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iavf: fix PTP use-after-free during reset The commit 7c01dbfc8a1c5f “iavf: periodically cache PHC time” introduced a worker that was responsible for caching PHC time. However, this worker failed to stop or disable itself during...

CVE-2026-43447

A flaw was found in the Linux kernel's iavf driver. A race condition exists where the Precision Time Protocol PTP worker attempts to access adapter resources that have already been freed during a reset or disable operation. This use-after-free vulnerability can lead to a system crash, resulting i...

EUVD-2026-28753

In the Linux kernel, the following vulnerability has been resolved: iavf: fix PTP use-after-free during reset Commit 7c01dbfc8a1c5f "iavf: periodically cache PHC time" introduced a worker to cache PHC time, but failed to stop it during reset or disable. This creates a race condition where...

CVE-2026-43447

Summary: CVE-2026-43447 affects the Linux kernel iavf driver. A race condition arises when a PTP worker that caches PHC time is not stopped during adapter reset/disable, potentially freeing AQ-backed resources while the worker runs. If the worker calls into ptp commands during teardown, memory/lo...

CVE-2026-43447 iavf: fix PTP use-after-free during reset

In the Linux kernel, the following vulnerability has been resolved: iavf: fix PTP use-after-free during reset Commit 7c01dbfc8a1c5f "iavf: periodically cache PHC time" introduced a worker to cache PHC time, but failed to stop it during reset or disable. This creates a race condition where...

CVE-2026-43447

In the Linux kernel, the following vulnerability has been resolved: iavf: fix PTP use-after-free during reset Commit 7c01dbfc8a1c5f "iavf: periodically cache PHC time" introduced a worker to cache PHC time, but failed to stop it during reset or disable. This creates a race condition where...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the issue of releasing and reusing resources during PTP reset operations in iavf, potentially...

SUSE CVE-2026-31505

In the Linux kernel, the following vulnerability has been resolved: iavf: fix out-of-bounds writes in iavfgetethtoolstats iavf incorrectly uses realnumtxqueues for ETHSSSTATS. Since the value could change in runtime, we should use numtxqueues instead. Moreover iavfgetethtoolstats uses...

CVE-2026-31505

A flaw was found in the Linux kernel's iavf driver. This vulnerability, an out-of-bounds write, occurs when a user simultaneously executes specific ethtool commands, specifically "ethtool -L" and "ethtool -S". This can lead to memory corruption, potentially causing a system crash and resulting in...

CVE-2026-31505

The CVE-2026-31505 issue affects the Linux kernel iavf driver: out-of-bounds writes occur because iavf_get_ethtool_stats() uses real_num_tx_queues for ETH_SS_STATS while other paths use num_tx_queues, enabling memory corruption when ethtool -L and ethtool -S run concurrently. The fix is to use im...

PT-2026-34410

In the Linux kernel, the following vulnerability has been resolved: iavf: fix out-of-bounds writes in iavf get ethtool stats iavf incorrectly uses real num tx queues for ETH SS STATS. Since the value could change in runtime, we should use num tx queues instead. Moreover iavf get ethtool stats use...

SUSE CVE-2025-71087

In the Linux kernel, the following vulnerability has been resolved: iavf: fix off-by-one issues in iavfconfigrssreg There are off-by-one bugs when configuring RSS hash key and lookup table, causing out-of-bounds reads to memory 1 and out-of-bounds writes to device registers. Before commit...

CVE-2025-71087

CVE-2025-71087: Linux kernel iavf RSS configuration fix for off-by-one in iavf_config_rss_reg(). The issue caused out-of-bounds reads/writes when configuring RSS hash key/lookup table due to loop bounds using <= with rss_key_size/rss_lut_size; the fix switches to < to enforce proper bounds....

SUSE CVE-2025-68752

In the Linux kernel, the following vulnerability has been resolved: iavf: Implement settime64 with -EOPNOTSUPP ptpclocksettime assumes every ptpclock has implemented settime64. Stub it with -EOPNOTSUPP to prevent a NULL dereference. The fix is similar to commit 329d050bbe63 "gve: Implement...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from an unimplemented settime64 in the ptpclocksettime function in the iavf driver, which could lead to a null...

EUVD-2023-60146

In the Linux kernel, the following vulnerability has been resolved: iavf: use internal state to free traffic IRQs If the system tries to close the netdev while iavfresettask is running, LINKSTATESTART will be cleared and netifrunning will return false in iavfreinitinterruptscheme. This will resul...