Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ionic: fix use after netifnapidel When queues are started, netifnapiadd and napienable are called. If there are 4 queues and only 3 queues are used for the current configuration, only 3 queues’ napi should be registered and...

PT-2026-40524

A heap-based buffer overflow in the ionic cloud driver for VMware ESXi could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...

PT-2026-40526

An untrusted pointer dereference in the ionic cloud driver for VMWare ESXi could allow an attacker with an unprivileged VM to read kernel memory or co-located guest VM memory, potentially resulting in loss of confidentiality or availability...

CVE-2026-43282

A flaw was found in the Linux kernel's RDMA Remote Direct Memory Access ionic driver. This vulnerability occurs in the ionicqueryport function, where a missing check for the return value of ibdevicegetnetdev can lead to a NULL pointer dereference. A local attacker could potentially exploit this t...

CVE-2026-43282

In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: Fix potential NULL pointer dereference in ionicqueryport The function ionicqueryport calls ibdevicegetnetdev without checking the return value which could lead to NULL pointer dereference, Fix it by checking the retur...

CVE-2026-43282 RDMA/ionic: Fix potential NULL pointer dereference in ionic_query_port

In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: Fix potential NULL pointer dereference in ionicqueryport The function ionicqueryport calls ibdevicegetnetdev without checking the return value which could lead to NULL pointer dereference, Fix it by checking the retur...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ionic: Use devconsumeskbany outside of the NAPI context. If we are not in an NAPI softirq context, we need to be careful about how we call napiconsumeskb. Specifically, we need to call it with budget==0 to signal that we are not ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ionic: fix kernel panic in XDPTX action In the XDPTX path, ionic driver sends a packet to the TX path with rx page and corresponding dma address. After tx is done, ionictxclean frees that page. But RX ring buffer isn't reset to...

CVE-2026-23384

In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: Fix kernel stack leak in ioniccreatecq struct ioniccqresp resp u32 cqid2; // offset 0 - PARTIALLY SET see below u8 udmamask; // offset 8 - SET resp.udmamask = vcq-udmamask u8 rsvd7; // offset 9 - NEVER SET udmamask &...

Linux Distros Unpatched Vulnerability : CVE-2023-53470

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ionic: catch failure from devlinkalloc Add a check for NULL on the alloc return. If devlinkalloc fails and we try to use devlinkpriv on the NULL return, the...

EUVD-2024-53362

Malicious code in bioql PyPI...

EUVD-2025-31929

Malicious code in bioql PyPI...

UBUNTU-CVE-2023-53470

In the Linux kernel, the following vulnerability has been resolved: ionic: catch failure from devlinkalloc Add a check for NULL on the alloc return. If devlinkalloc fails and we try to use devlinkpriv on the NULL return, the kernel gets very unhappy and panics. With this fix, the driver load will...

CVE-2023-53470

CVE-2023-53470 – Linux kernel issue : The vulnerability arises from a missing NULL check after devlink_alloc(), risking kernel panic when devlink_priv() is called on a NULL result. A fix adds the NULL check; as a result, driver load may fail but the kernel will not panic. Documents show the issue...

CVE-2023-53470 ionic: catch failure from devlink_alloc

In the Linux kernel, the following vulnerability has been resolved: ionic: catch failure from devlinkalloc Add a check for NULL on the alloc return. If devlinkalloc fails and we try to use devlinkpriv on the NULL return, the kernel gets very unhappy and panics. With this fix, the driver load will...

CVE-2023-53470 ionic: catch failure from devlink_alloc

In the Linux kernel, the following vulnerability has been resolved: ionic: catch failure from devlinkalloc Add a check for NULL on the alloc return. If devlinkalloc fails and we try to use devlinkpriv on the NULL return, the kernel gets very unhappy and panics. With this fix, the driver load will...

PT-2025-40177

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw where a failure from devlink alloc was not properly handled. Specifically, a check for a NULL return value from the devlink alloc function was missing. I...

Linux Distros Unpatched Vulnerability : CVE-2024-56715

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ionic: Fix netdev notifier unregister on failure If registernetdev fails, then the driver leaks the netdev notifier. Fix this by calling ioniclifunregister on...

Linux Distros Unpatched Vulnerability : CVE-2024-40907

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ionic: fix kernel panic in XDPTX action In the XDPTX path, ionic driver sends a packet to th...

SUSE CVE-2024-56714

In the Linux kernel, the following vulnerability has been resolved: ionic: no double destroy workqueue There are some FW error handling paths that can cause us to try to destroy the workqueue more than once, so let's be sure we're checking for that. The case where this popped up was in an AER eve...