Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Lag – Check for LAG devices before creating debugfs. The function mlx5lagdevaddmdev may return 0 success even when an error occurs, but this error is handled gracefully. As a result, the initialization process proceeds ...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: s390/pci: Avoid deadlock between PCI error recovery and mlx5 crdump Do not block PCI config accesses through pcicfgaccesslock when executing the s390 variant of PCI error recovery. Instead, use devicelock instead of pcidevlock...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix fortify source warning while accessing Eth segment ------------ cut here ------------ memcpy: detected field-spanning write size 56 of single field "eseg-inlinehdr.start" at...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5: Fixed the error path in multi-packet WQE transmit. Removed the erroneous unmap if no DMA mapping was established. The multi-packet WQE transmit code attempts to obtain a DMA mapping for the skb. This may fail, for...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, lock FTE when checking if active The referenced commits introduced a two-step process for deleting FTEs: - Lock the FTE, delete it from hardware, set the hardware deletion function to NULL, and unlock the FTE. - Loc...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fixed an issue where the HCAPORTS component was unregistered twice. Clear the hcadevcomcomp field in the device’s private data after unregistering it during LAG teardown. Otherwise, a slightly delayed second pass throug...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix possible use-after-free in async command interface mlx5cmdcleanupasyncctx should return only after all its callback handlers were completed. Before this patch, the below race between mlx5cmdcleanupasyncctx and...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005643)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005643 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Return the firmware result upon destroying QP/RQ Previously when destroying a QP/RQ, t...

Unbreakable Enterprise kernel security update

6.12.0-107.59.3.4 - mptcp: fix a race in mptcppmdeladdtimer Eric Dumazet Orabug: 38932996 CVE-2025-40257 - tls: Use skdstget and dstdevrcu in getnetdevforsock. Kuniyuki Iwashima Orabug: 38932973 CVE-2025-40149 - mptcp: fix race condition in mptcpschedulework Eric Dumazet Orabug: 38932955...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring Syst...

ROS-20260126-73-0002

A vulnerability in the RDMA/mlx5 component of the Linux operating system kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from repeated deregistration of the HCAPORTS component in the mlx5 driver, which could lead to reuse after releas...

EUVD-2023-60418

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix invalid buffer access for legacy rq The below crash can be encountered when using xdpsock in rx mode for legacy rq: the buffer gets released in the XDPREDIRECT path, and then once again in the driver. This fix...

SUSE CVE-2025-40350

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix generating skb from non-linear xdpbuff for striding RQ XDP programs can change the layout of an xdpbuff through bpfxdpadjusttail and bpfxdpadjusthead. Therefore, the driver cannot assume the size of the linear...

EUVD-2025-201221

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix IPsec cleanup over MPV device When we do mlx5edetachnetdev we eventually disable blocking events notifier, among those events are IPsec MPV events from IB to core. So before disabling those blocking events, make sur...

EUVD-2022-55383

Malicious code in bioql PyPI...

Security update for kernel-livepatch-MICRO-6-0-RT_Update_6

This update for kernel-livepatch-MICRO-6-0-RTUpdate6 fixes the following issues: CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow bsc1245685 CVE-2025-38181: calipso: fix null-ptr-deref in...

CVE-2023-53393

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix mlx5ibgethwstats when used for device Currently, when mlx5ibgethwstats is used for device portnum = 0, there is a special handling in order to use the correct counters, but, portnum is being passed down the stack...

PT-2025-38372

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.0-rc4 for upstream base 2022 11 10 16 12 1 Description A flaw exists in the Linux kernel's RDMA/mlx5 subsystem related to the handling of port numbers within the mlx5 ib get hw stats function. Specifically,...

CVE-2023-53347 net/mlx5: Handle pairing of E-switch via uplink un/load APIs

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Handle pairing of E-switch via uplink un/load APIs In case user switch a device from switchdev mode to legacy mode, mlx5 first unpair the E-switch and afterwards unload the uplink vport. From the other hand, in case use...