15 matches found
kernel: i40e: fix idx validation in config queues msg
A flaw was found in the Linux kernel in the Intel i40e network driver such that in the function i40evcconfigqueuesmsg, when iterating over vf-chidx, the idx value is not properly validated against the range of active/initialized traffic classes TCs. An attacker with local privileges could supply ...
PT-2025-42247
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s i40e network driver related to index validation within the i40e validate queue map function. Specifically, the issue occurs when iterating over...
Linux Distros Unpatched Vulnerability : CVE-2025-37861
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue When the task management thread processes reply queues while the reset thread resets...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Synchronous access between the reset thread and the TM thread for reply queues. When the task management thread processes reply queues while the reset thread resets them, the task management thread accesses an inval...
CVE-2021-35092
Processing DCB/AVB algorithm with an invalid queue index from IOCTL request could lead to arbitrary address modification in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...
SUSE CVE-2025-37861
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue When the task management thread processes reply queues while the reset thread resets them, the task management thread accesses an invalid queue ID 0xFFFF, s...
DEBIAN-CVE-2025-37861
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue When the task management thread processes reply queues while the reset thread resets them, the task management thread accesses an invalid queue ID 0xFFFF, s...
AZL-62498 CVE-2025-37861 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue When the task management thread processes reply queues while the reset thread resets them, the task management thread accesses an invalid queue ID 0xFFFF, s...
CVE-2025-37861
The CVE 2025-37861 pertains to the Linux kernel SCSI MPI3MR driver where the TM thread could process reply queues while the reset thread reinitializes them, causing an access to an invalid queue ID (0xFFFF) and a crash. The fix adds a synchronization flag io_admin_reset_sync. Before a reset, the ...
DEBIAN-CVE-2025-23158
In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add check to handle incorrect queue size qsize represents size of shared queued between driver and video firmware. Firmware can modify this value to an invalid large value. In such situation, emptyspace will be...
PT-2025-20511
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A issue in the Linux kernel has been identified where the task management thread accesses an invalid queue ID, set by the reset thread, which points to unallocated memory, causing a cras...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a null pointer dereference that could be caused by improper validation of hardware queue pointers by the scs...
CVE-2022-48652 ice: Fix crash by keep old cfg when update TCs more than queues
In the Linux kernel, the following vulnerability has been resolved: ice: Fix crash by keep old cfg when update TCs more than queues There are problems if allocated queues less than Traffic Classes. Commit a632b2a4c920 "ice: ethtool: Prohibit improper channel config for DCB" already disallow setti...
Design/Logic Flaw
Processing DCB/AVB algorithm with an invalid queue index from IOCTL request could lead to arbitrary address modification in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...
Qualcomm 输入验证错误漏洞
A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits including primarily semiconductor devices, but also passive components, etc. and from time to time fabricated on the surface of semiconductor wafers. A security vulnerability exists in the Modem module of...