94 matches found
kernel: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event()
A flaw was found in the Linux kernel's RDMA/mlx4 component. This vulnerability arises from the incorrect use of Read-Copy Update RCU in the mlx4srqevent function. An attacker could potentially trigger an event before the srq object is fully initialized, leading to a system crash. This could resul...
kernel: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event()
A flaw was found in the Linux kernel's RDMA/mlx4 component. This vulnerability arises from the incorrect use of Read-Copy Update RCU in the mlx4srqevent function. An attacker could potentially trigger an event before the srq object is fully initialized, leading to a system crash. This could resul...
CVE-2026-14738
Technical details are not publicly available in the provided documents; monitor for updates.
CVE-2026-14738 exo-explore exo Vision Feature Cache vision.py _image_cache_key weak hash
A security flaw has been discovered in exo-explore exo up to 1.0.71. Affected is the function imagecachekey of the file src/exo/worker/engines/mlx/vision.py of the component Vision Feature Cache. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high...
EUVD-2026-38037
In the Linux kernel, the following vulnerability has been resolved: RDMA: During reregmr ensure that REREGACCESS is compatible If IBMRREREGACCESS changes from RO to RW then the umem has to be re-evaluated to ensure it is properly pinned as RW. Since the umem is hidden inside each driver's mr stru...
kernel: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event()
A flaw was found in the Linux kernel's RDMA/mlx4 component. This vulnerability arises from the incorrect use of Read-Copy Update RCU in the mlx4srqevent function. An attacker could potentially trigger an event before the srq object is fully initialized, leading to a system crash. This could resul...
RDMA/mlx4: Fix resource leak on error in mlx4_ib_create_srq()
...
Linux Distros Unpatched Vulnerability : CVE-2026-46181
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/mlx4: Fix mis-use of RCU in mlx4srqevent Sashiko points out the radixtree itself is RCU safe, but nothing ever frees the mlx4srq struct with RCU, and it...
CVE-2026-46181
A flaw was found in the Linux kernel's RDMA/mlx4 component. This vulnerability arises from the incorrect use of Read-Copy Update RCU in the mlx4srqevent function. An attacker could potentially trigger an event before the srq object is fully initialized, leading to a system crash. This could resul...
CVE-2026-46181
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx4: Fix mis-use of RCU in mlx4srqevent Sashiko points out the radixtree itself is RCU safe, but nothing ever frees the mlx4srq struct with RCU, and it isn't even accessed within the RCU critical section. It also will crash...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error path resource leak in the mlx4ibcreatesrq function within RDMA mlx4. This issue may lead...
CVE-2026-5843
The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files from model directories via the modelfile configuration field in config.json. When a model's config.json specifies a modelfile pointing to a Python...
CVE-2026-5843 Docker Model Runner container-to-host code execution via MLX-LM model_file importlib loading
The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files from model directories via the modelfile configuration field in config.json. When a model's config.json specifies a modelfile pointing to a Python...
EUVD-2026-31491
The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files from model directories via the modelfile configuration field in config.json. When a model's config.json specifies a modelfile pointing to a Python...
CVE-2026-5843
The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files from model directories via the modelfile configuration field in config.json. When a model's config.json specifies a modelfile pointing to a Python...
CVE-2026-5843 Docker Model Runner container-to-host code execution via MLX-LM model_file importlib loading
The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files from model directories via the modelfile configuration field in config.json. When a model's config.json specifies a modelfile pointing to a Python...
Docker Desktop < 4.71.0 Container Escape (CVE-2026-5843)
The version of Docker Desktop installed on the remote host is prior to 4.71.0. It is, therefore, affected by a container escape vulnerability: - A container-to-host code execution vulnerability exists in the Docker Model Runner MLX inference backend. An attacker with access to a container could...
PT-2026-42831
Name of the Vulnerable Software and Affected Versions Docker Model Runner on macOS affected versions not specified Description The MLX inference backend uses the MLX-LM library, which imports and executes arbitrary Python files from model directories via the model file configuration field in the...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fixed a possible use-after-free in the async command interface The mlx5cmdcleanupasyncctx function should only return after all its callback handlers are completed. Before this patch, there was a race between...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/mlx5: Fixed an issue where a source warning occurred when accessing the Eth segment. ------------ Cut here ------------ memcpy: A field-spanning write was detected size 56 for the single field “eseg-inlinehdr.start” at...