18 matches found
NewStart CGSL MAIN 7.02 : python-certifi Vulnerability (NS-SA-2025-0070)
The remote NewStart CGSL host, running version MAIN 7.02, has python-certifi packages installed that are affected by a vulnerability: - In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error This patch addresses a race...
CVE-2025-21732
CVE-2025-21732 pertains to the Linux kernel RDMA mlx5 path. It describes a race in the ODP MR handling where, during __mlx5_ib_dereg_mr(), a concurrent mlx5_ib_invalidate_range() can invalidate a freed lkey, triggering a CQE error and potentially placing the UMR QP in an error state. The disclose...
CVE-2024-53224
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Move events notifier registration to be after device registration Move pkey change work initialization and cleanup from device resources stage to notifier stage, since this is the stage which handles this work events...
CVE-2024-47694
In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix UMR pd cleanup on error flow of driver init The cited commit moves the pd allocation from function mlx5rumrresourcecleanup to a new function mlx5rumrcleanup. So the fix in commit 1 is broken. In error flow, will hit...
CVE-2024-47694 IB/mlx5: Fix UMR pd cleanup on error flow of driver init
In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix UMR pd cleanup on error flow of driver init The cited commit moves the pd allocation from function mlx5rumrresourcecleanup to a new function mlx5rumrcleanup. So the fix in commit 1 is broken. In error flow, will hit...
CVE-2021-47615
CVE-2021-47615 stems from a Linux kernel RDMA/ mlx5 deregistration path where a MR (memory region) could be freed incorrectly if the MR had no umem, causing use-after-free-like behavior by misinterpreting a kernel MR as a user MR and releasing resources that weren’t allocated. The Nessus NASL for...
CVE-2021-47265
In the Linux kernel, the following vulnerability has been resolved: RDMA: Verify port when creating flow rule Validate port value provided by the user and with that remove no longer needed validation by the driver. The missing check in the mlx5ib driver could cause to the below oops. Call trace:...
CVE-2021-47265
In the Linux kernel, the following vulnerability has been resolved: RDMA: Verify port when creating flow rule Validate port value provided by the user and with that remove no longer needed validation by the driver. The missing check in the mlx5ib driver could cause to the below oops. Call trace:...
CVE-2021-47265
In the Linux kernel, the following vulnerability has been resolved: RDMA: Verify port when creating flow rule Validate port value provided by the user and with that remove no longer needed validation by the driver. The missing check in the mlx5ib driver could cause to the below oops. Call trace:...
CVE-2021-47265 RDMA: Verify port when creating flow rule
In the Linux kernel, the following vulnerability has been resolved: RDMA: Verify port when creating flow rule Validate port value provided by the user and with that remove no longer needed validation by the driver. The missing check in the mlx5ib driver could cause to the below oops. Call trace:...
CVE-2021-47265 RDMA: Verify port when creating flow rule
In the Linux kernel, the following vulnerability has been resolved: RDMA: Verify port when creating flow rule Validate port value provided by the user and with that remove no longer needed validation by the driver. The missing check in the mlx5ib driver could cause to the below oops. Call trace:...
CVE-2021-47265
In the Linux kernel, the following vulnerability has been resolved: RDMA: Verify port when creating flow rule Validate port value provided by the user and with that remove no longer needed validation by the driver. The missing check in the mlx5ib driver could cause to the below oops. Call trace:...
CVE-2021-47265
CVE-2021-47265 is a Linux kernel RDMA issue in the mlx5_ib driver. The vulnerability stems from missing validation of the user-supplied port when creating a flow rule, leading to an improper check and a kernel oops as shown in the call trace (_create_flow_rule … mlx5_ib_create_flow …). The CVE ha...
CVE-2021-47261 IB/mlx5: Fix initializing CQ fragments buffer
In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix initializing CQ fragments buffer The function initcqfragbuf can be called to initialize the current CQ fragments buffer cq-buf, or the temporary cq-resizebuf that is filled during CQ resize operation. However, the...
CVE-2021-47261 IB/mlx5: Fix initializing CQ fragments buffer
In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix initializing CQ fragments buffer The function initcqfragbuf can be called to initialize the current CQ fragments buffer cq-buf, or the temporary cq-resizebuf that is filled during CQ resize operation. However, the...
CVE-2021-47196
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Set send and receive CQ before forwarding to the driver Preset both receive and send CQ pointers prior to call to the drivers and overwrite it later again till the mlx4 is going to be changed do not overwrite ibqp...
bpftool, kernel, perf, python security update
CentOS Errata and Security Advisory CESA-2022:4642 An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Important: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...