Linux Distros Unpatched Vulnerability : CVE-2026-53230

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5: Fix slab-out-of-bounds in mlx5querynicvportmaclist mlx5querynicvportmaclist sizes its firmware command buffer using the PF's logmaxcurrentuc/mclist...

CVE-2026-53230

A flaw was found in the Linux kernel's mlx5 driver. The mlx5querynicvportmaclist function, which handles querying network interface card NIC virtual port vport MAC addresses, incorrectly sizes its internal buffer. When a Virtual Function VF vport is queried with a larger configured maximum, the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix XDP multi-buf frag counting for striding RQ XDP multi-buf programs can modify the layout of the XDP buffer when the program calls bpfxdppulldata or bpfxdpadjusttail. The referenced commit in the fixes tag...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: A WARN was issued during the deregmr operation for DM type. Memory regions of the DM type do not have an associated umem. In the mlx5ibderegmr - mlx5freeprivdescs sequence, the code incorrectly selects the wrong branch...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix for a variable not being completed when the function returns When cmdallocindex fails, cmdworkhandler needs to complete ent-slotted before returning early. Otherwise, the task that issued the command may hang...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel before version 5.15.13, the file drivers/net/ethernet/mellanox/mlx5/core/steering/drdomain.c misinterprets the return value of mlx5getuarspage. It expects the return value to be NULL in the error case, but in reality, it is an error pointer...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Unregisters devlink parameters in case the interface is down Currently, if an interface is down, the mlx5 driver does not unregister its devlink parameters, which leads to this WARN1. This issue is fixed by unregisterin...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: RX, Fixed XDP multi-buf fragment counting for legacy RQ XDP multi-buf programs can modify the layout of the XDP buffer when the program calls bpfxdppulldata or bpfxdpadjusttail. The referenced commit in the fixes ta...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fixed the issue with mlx5pollone where the curqp is updated. When curqp is not NULL, in order to avoid fetching the QP from the radix tree again, we check if the next CQE QP is identical to the one we already have...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: vfio: Split migration operations from main device operations The vfio core checks whether the driver sets certain migration operations e.g., setstate/getstate, and accordingly calls those operations. However, currently, the ml...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5: Fixed the cleanup of steering rules The vport’s unicast, multicast, and multicast rules are not deleted during the teardown process when EEH occurs. Since the vport’s promiscuous settings unicast, unicast, and...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: In devcom, fix for error flow in mlx5devcomregisterdevice. In the event of a failure in devcom allocation, mlx5 always frees the private data. However, this private data might have been allocated by a different thread...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fixed the rollback of the switchdev mode in case of failure. If for some internal reason the switchdev mode fails, we roll back to the legacy mode. Before this patch, rolling back would unregister the uplink netdev and...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix for the memory leak in mlx5drcmdcreatereformatctx. When mlx5cmdexec fails in mlx5drcmdcreatereformatctx, the memory pointed to by ‘in’ is not released, which can lead to a memory leak. Move the memory release...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Added a timeout to the acquisition of the command queue semaphore. This prevents forced completion handling on entries that have not yet been assigned an index, thereby avoiding out-of-bounds access at idx = -22. Instea...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fixed the nullptrderef issue in mlx5createinner,ttctable. Added a NULL check for the value returned by mlx5getflownamespace in mlx5createinnerttctable and mlx5createttctable to prevent NULL pointer dereferencing...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fixed the issue of releasing uninitialized resources on an error path. The commit in the fixes section ensured that mlx5vdpafree is the only entrypoint for releasing vdpa device resources added in mlx5vdpadevadd. This...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fixed the recovery flow of the UMR QP This patch addresses an issue in the recovery flow of the UMR QP, ensuring that tasks do not get stuck, as highlighted by the call trace 1. During recovery, before transitioning th...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Take the RTNL lock when necessary before calling xdpsetfeatures. The RTNL lock must be held when calling xdpsetfeatures with a registered netdev, as this call triggers the netdev notifiers. This could occur, for exampl...

Linux Distros Unpatched Vulnerability : CVE-2026-46176

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/mlx5: Fix error path fall-through in mlx5ibdevressrqinit mlx5ibdevressrqinit allocates two SRQs, s0 and s1. When ibcreatesrq fails for s1, the error branch...