EUVD-2026-39321

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix slab-out-of-bounds in mlx5querynicvportmaclist mlx5querynicvportmaclist sizes its firmware command buffer using the PF's logmaxcurrentuc/mclist capabilities. When querying a VF vport with a larger configured max via...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Fixed the issue with the inversion dependency warning when enabling IPsec tunnels. Attempts to enable IPsec packet offloading in tunnel mode in the debug kernel generate the following kernel panic, due to two issues...

Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2025-40250)

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Clean up only new IRQ glue on requestirq failure The mlx5irqalloc function can inadvertently free the entire rmap and end up in a crash1 when the other threads tries to access this, when requestirq fails due to exhauste...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fixed the “scheduling while atomic” issue in IPsec MAC address queries. A bug involving “scheduling while atomic” was addressed in mlx5eipsecinitmacs, by replacing mlx5querymacaddress with etheraddrcopy to retrieve the...

CVE-2026-43467

A flaw was found in the Linux kernel's mlx5core driver. A local user or process can trigger a system crash by attempting to move a network device to switchdev mode when the device does not support IPsec. This occurs because the kernel incorrectly tries to clean up IPsec resources that do not exis...

EUVD-2026-28770

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix XDP multi-buf frag counting for legacy RQ XDP multi-buf programs can modify the layout of the XDP buffer when the program calls bpfxdppulldata or bpfxdpadjusttail. The referenced commit in the fixes tag correct...

CVE-2026-43199 net/mlx5e: Fix "scheduling while atomic" in IPsec MAC address query

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix "scheduling while atomic" in IPsec MAC address query Fix a "scheduling while atomic" bug in mlx5eipsecinitmacs by replacing mlx5querymacaddress with etheraddrcopy to get the local MAC address directly from...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5: Fixed a race condition related to command flushing flows. Fixed a “use-after-free” warning due to a race condition involving command entries. This race condition occurs when one command releases its last reference...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Fixed handling of incorrect devices during the bond netevent processing. The current implementation of the bond netevent handler only checks whether the handled netdev is a VF representative. However, there is no...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, Fixed by using eswitch mapping in nic mode The cited patch uses the eswitch object mapping pool when in nic mode, where it is not initialized. This results in the following trace 0. Fixed by using either the nic or...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Nullifies the cq-dbg pointer in mlx5debugcqRemove Before this patch, if mlx5CoreDestroyCq failed, the destruction operations continued. However, mlx5CoreDestroyCq could be called again by the user, causing additional...

CVE-2026-23173

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, delete flows only for existing peers When deleting TC steering flows, iterate only over actual devcom peers instead of assuming all possible ports exist. This avoids touching non-existent peers and ensures cleanup ...

CVE-2026-23173

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, delete flows only for existing peers When deleting TC steering flows, iterate only over actual devcom peers instead of assuming all possible ports exist. This avoids touching non-existent peers and ensures cleanup ...

UBUNTU-CVE-2026-23173

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, delete flows only for existing peers When deleting TC steering flows, iterate only over actual devcom peers instead of assuming all possible ports exist. This avoids touching non-existent peers and ensures cleanup ...

CVE-2026-23173

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, delete flows only for existing peers When deleting TC steering flows, iterate only over actual devcom peers instead of assuming all possible ports exist. This avoids touching non-existent peers and ensures cleanup ...

CVE-2026-23173

CVE-2026-23173 affects the Linux kernel mlx5e driver (TC flow offload). The issue arises when deleting TC steering flows: the code previously iterated over all possible ports, potentially touching non-existent peers and risking a NULL pointer dereference. The fix ensures cleanup only occurs for d...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38109)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38109 advisory. - In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix ECVF vports unload on...

CVE-2025-68779

A use-after-free vulnerability was found in the Mellanox mlx5 Ethernet driver in the Linux kernel. The PSP Platform Security Processor component is unregistered twice during device removal - once in mlx5eremove and again in mlx5eniccleanup. This double unregistration causes a refcount underflow,...

SUSE CVE-2025-68779

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid unregistering PSP twice PSP is unregistered twice in: mlx5eremove - mlx5epspunregister mlx5eniccleanup - mlx5epspunregister This leads to a refcount underflow in some conditions: ------------ cut here -----------...

CVE-2025-68779

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid unregistering PSP twice PSP is unregistered twice in: mlx5eremove - mlx5epspunregister mlx5eniccleanup - mlx5epspunregister This leads to a refcount underflow in some conditions: ------------ cut here -----------...