23 matches found
SUSE CVE-2026-43241
In the Linux kernel, the following vulnerability has been resolved: ntb: ntbhwswitchtec: Fix array-index-out-of-bounds access Number of MW LUTs depends on NTB configuration and can be set to MAXMWS, This patch protects against invalid index out of bounds access to mwsizes When invalid access prin...
CVE-2026-43241
In the Linux kernel, the following vulnerability has been resolved: ntb: ntbhwswitchtec: Fix array-index-out-of-bounds access Number of MW LUTs depends on NTB configuration and can be set to MAXMWS, This patch protects against invalid index out of bounds access to mwsizes When invalid access prin...
CVE-2026-43241
CVE-2026-43241 affects the Linux kernel component ntb_hw_switchtec. The root cause is an array-index-out-of-bounds access related to the number of MW LUTs (dependent on NTB configuration) which can access mw_sizes incorrectly. A patch was applied to guard against invalid index accesses and to pri...
CVE-2026-43241 ntb: ntb_hw_switchtec: Fix array-index-out-of-bounds access
In the Linux kernel, the following vulnerability has been resolved: ntb: ntbhwswitchtec: Fix array-index-out-of-bounds access Number of MW LUTs depends on NTB configuration and can be set to MAXMWS, This patch protects against invalid index out of bounds access to mwsizes When invalid access prin...
CVE-2026-43241
In the Linux kernel, the following vulnerability has been resolved: ntb: ntbhwswitchtec: Fix array-index-out-of-bounds access Number of MW LUTs depends on NTB configuration and can be set to MAXMWS, This patch protects against invalid index out of bounds access to mwsizes When invalid access prin...
CVE-2026-43141
In the Linux kernel, the following vulnerability has been resolved: ntb: ntbhwswitchtec: Fix shift-out-of-bounds for 0 mw lut Number of MW LUTs depends on NTB configuration and can be set to zero, in such scenario rounddownpowoftwo will cause undefined behaviour and should not be performed. This...
CVE-2026-43141
Summary : CVE-2026-43141 affects the Linux kernel ntb_hw_switchtec code, where the number of MW LUTs can be configured to zero. In that scenario, a call to rounddown_pow_of_two could trigger undefined behavior. The patch ensures rounddown_pow_of_two is only applied to a valid value. Impact : Unde...
PT-2026-37481
In the Linux kernel, the following vulnerability has been resolved: ntb: ntb hw switchtec: Fix shift-out-of-bounds for 0 mw lut Number of MW LUTs depends on NTB configuration and can be set to zero, in such scenario rounddown pow of two will cause undefined behaviour and should not be performed...
PT-2026-37581
In the Linux kernel, the following vulnerability has been resolved: ntb: ntb hw switchtec: Fix array-index-out-of-bounds access Number of MW LUTs depends on NTB configuration and can be set to MAX MWS, This patch protects against invalid index out of bounds access to mw sizes When invalid access...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the rounddownpowoftwo function in the ntbhwswitchtec driver, where an out-of-bound shift occurs when th...
RLSA-2026:2722 Moderate: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ntbhwswitchtec: Fix shift-out-of-bounds in switchtecntbmwsettrans CVE-2023-53034 kernel: smc: Fix use-after-free in pnetfindbasendev CVE-2025-40064 kernel: Linux kernel: Out-of-bounds wri...
Moderate: Red Hat Security Advisory: kernel-rt security update
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993253)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993253 advisory. In the Linux kernel, the following vulnerability has been resolved: ntbhwswitchtec: Fix shift-out-of-bounds in switchtecntbmwsettrans There is a kernel API...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992666)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992666 advisory. In the Linux kernel, the following vulnerability has been resolved: ntbhwswitchtec: Fix shift-out-of-bounds in switchtecntbmwsettrans There is a kernel API...
ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans
...
SUSE CVE-2023-53034
In the Linux kernel, the following vulnerability has been resolved: ntbhwswitchtec: Fix shift-out-of-bounds in switchtecntbmwsettrans There is a kernel API ntbmwcleartrans would pass 0 to both addr and size. This would make xlatepos negative. 23.734156 switchtec switchtec0: MW 0: part 0 addr...
DEBIAN-CVE-2023-53034
In the Linux kernel, the following vulnerability has been resolved: ntbhwswitchtec: Fix shift-out-of-bounds in switchtecntbmwsettrans There is a kernel API ntbmwcleartrans would pass 0 to both addr and size. This would make xlatepos negative. 23.734156 switchtec switchtec0: MW 0: part 0 addr...
UBUNTU-CVE-2023-53034
In the Linux kernel, the following vulnerability has been resolved: ntbhwswitchtec: Fix shift-out-of-bounds in switchtecntbmwsettrans There is a kernel API ntbmwcleartrans would pass 0 to both addr and size. This would make xlatepos negative. 23.734156 switchtec switchtec0: MW 0: part 0 addr...
UBUNTU-CVE-2024-57999
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW Power Hypervisor can possibily allocate MMIO window intersecting with Dynamic DMA Window DDW range, which is over 32-bit addressing. These MMIO pages needs to be...
SUSE CVE-2024-26847
In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: use correct function name for resetting TCE tables The PAPR spec spells the function name as "ibm,reset-pe-dma-windows" but in practice firmware uses the singular form: "ibm,reset-pe-dma-window" in the device tree...