Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: Fixed a possible overflow in the DPE length check. Originally, it was possible for the DPE length check to overflow if wDatagramIndex + wDatagramLength U16MAX. This could lead to an OoB read. The term wDatagramInd...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: Use a static NDP16 location within the URB. The original code allowed the start of NDP16 to be anywhere within the URB, based on the wNdpIndex value in NTH16. Only the start position of NDP16 was checked, which ma...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21742)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21742 advisory. - In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: use static NDP16 locatio...

Azure Linux 3.0 Security Update: kernel (CVE-2024-46861)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46861 advisory. - In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: do not stop RX on failin...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21741)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21741 advisory. - In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix DPE OoB read Fix an...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21743)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21743 advisory. - In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix possible overflow in...

kernel: usbnet: ipheth: fix possible overflow in DPE length check

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix possible overflow in DPE length check Originally, it was possible for the DPE length check to overflow if wDatagramIndex + wDatagramLength U16MAX. This could lead to an OoB read. Move the wDatagramIndex term t...

kernel: usbnet: ipheth: use static NDP16 location in URB

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: use static NDP16 location in URB Original code allowed for the start of NDP16 to be anywhere within the URB based on the wNdpIndex value in NTH16. Only the start position of NDP16 was checked, so it was possible f...

kernel: usbnet: ipheth: fix DPE OoB read

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix DPE OoB read Fix an out-of-bounds DPE read, limit the number of processed DPEs to the amount that fits into the fixed-size NDP16 header...

EUVD-2025-5181

Malicious code in bioql PyPI...

EUVD-2025-5173

Malicious code in bioql PyPI...

EUVD-2025-5186

Malicious code in bioql PyPI...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: Fixed the DPE OoB read issue. A buffer-overflow vulnerability related to DPE reads has been addressed. The number of DPEs processed is limited to the amount that fits within the fixed-size NDP16 header...

The vulnerability of the ipheth_rcvbulk_callback() function in the Linux kernel’s USB device driver support mechanism allows a hacker to induce a service failure.

The vulnerability of the iphethrcvbulkcallback function in the Linux kernel’s USB device driver support routine is related to improper disabling or release of resources. Exploiting this vulnerability could allow an attacker to cause a service failure...

usbnet: ipheth: fix possible overflow in DPE length check

...

usbnet: ipheth: fix DPE OoB read

...

usbnet: ipheth: use static NDP16 location in URB

...

SUSE CVE-2025-21741

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix DPE OoB read Fix an out-of-bounds DPE read, limit the number of processed DPEs to the amount that fits into the fixed-size NDP16 header...

SUSE CVE-2025-21742

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: use static NDP16 location in URB Original code allowed for the start of NDP16 to be anywhere within the URB based on the wNdpIndex value in NTH16. Only the start position of NDP16 was checked, so it was possible f...

SUSE CVE-2025-21743

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix possible overflow in DPE length check Originally, it was possible for the DPE length check to overflow if wDatagramIndex + wDatagramLength U16MAX. This could lead to an OoB read. Move the wDatagramIndex term t...