104 matches found
SUSE CVE-2024-46717
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: SHAMPO, Fix incorrect page release Under the following conditions: 1 No skb created yet 2 headersize == 0 no SHAMPO header 3 headerindex + 1 % MLX5ESHAMPOWQHEADERPERPAGE == 0 this is the last page fragment of a SHAMPO...
DEBIAN-CVE-2024-46717
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: SHAMPO, Fix incorrect page release Under the following conditions: 1 No skb created yet 2 headersize == 0 no SHAMPO header 3 headerindex + 1 % MLX5ESHAMPOWQHEADERPERPAGE == 0 this is the last page fragment of a SHAMPO...
UBUNTU-CVE-2024-46717
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: SHAMPO, Fix incorrect page release Under the following conditions: 1 No skb created yet 2 headersize == 0 no SHAMPO header 3 headerindex + 1 % MLX5ESHAMPOWQHEADERPERPAGE == 0 this is the last page fragment of a SHAMPO...
UBUNTU-CVE-2024-44970
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink When all the strides in a WQE have been consumed, the WQE is unlinked from the WQ linked list mlx5wqllpop. For SHAMPO, it is possible to receive CQEs with 0 consumed strides fo...
UBUNTU-CVE-2022-48883
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: IPoIB, Block PKEY interfaces with less rx queues than parent A user is able to configure an arbitrary number of rx queues when creating an interface via netlink. This doesn't work for child PKEY interfaces because the...
kernel: net/mlx5e: Fix netif state handling
A vulnerability was found in the Linux kernel within the net/mlx5e component, where improper handling of network interface states could lead to a NULL pointer dereference or resource leaks if network registration fails during initialization. This condition could cause system instability, as...
kernel: net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context
An operation precedence flaw was found in the Linux kernel’s Mellanox Technologies networking driver. This flaw allows a local user to crash the system or potentially gain access to data that should not be accessible...
kernel: net/mlx5e: fix a potential double-free in fs_any_create_groups
A double-free flaw was found in the Linux kernel ConnectX-4 and Connect-IB cards in the Mellanox driver. This issue could allow a local user to crash the system...
kernel: net/mlx5e: fix a double-free in arfs_create_groups
A double-free vulnerability was found in the arfscreategroups function in the Linux kernel's net/mlx5e driver. This issue could lead to memory corruption or a system crash if exploited, as freeing the same memory twice may cause undefined behavior...
net/mlx5e: Prevent deadlock while disabling aRFS
...
SUSE CVE-2023-52782
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Track xmit submission to PTP WQ after populating metadata map Ensure the skb is available in metadata mapping to skbs before tracking the metadata index for detecting undelivered CQEs. If the metadata index is put in t...
kernel: Linux kernel: Denial of Service due to memory leak in mlx5e driver
A flaw was found in the Linux kernel. This memory leak vulnerability occurs when a flow rule, forwarding packets from an internal port over a tunnel, is split and extra post-action rules are added. The intport object's reference count is incremented but never decremented, leading to the object no...
DEBIAN-CVE-2023-52782
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Track xmit submission to PTP WQ after populating metadata map Ensure the skb is available in metadata mapping to skbs before tracking the metadata index for detecting undelivered CQEs. If the metadata index is put in t...
UBUNTU-CVE-2023-52782
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Track xmit submission to PTP WQ after populating metadata map Ensure the skb is available in metadata mapping to skbs before tracking the metadata index for detecting undelivered CQEs. If the metadata index is put in t...
kernel: Linux kernel: Denial of Service due to memory leak in mlx5e driver
A flaw was found in the Linux kernel. This memory leak vulnerability occurs when a flow rule, forwarding packets from an internal port over a tunnel, is split and extra post-action rules are added. The intport object's reference count is incremented but never decremented, leading to the object no...
UBUNTU-CVE-2024-26858
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadatamap Just simply reordering the functions mlx5eptpmetadatamapput and mlx5eptpsqtrackmetadata in the mlx5etxwqecomplete...
CVE-2021-47199
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: CT, Fix multiple allocations and memleak of mod acts CT clear action offload adds additional mod hdr actions to the flow's original mod actions in order to clear the registers which hold ctstate. When such flow also...
UBUNTU-CVE-2021-47215
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: kTLS, Fix crash in RX resync flow For the TLS RX resync flow, we maintain a list of TLS contexts that require some attention, to communicate their resync information to the HW. Here we fix list corruptions, by protecti...
CVE-2021-47197 net/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove()
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: nullify cq-dbg pointer in mlx5debugcqremove Prior to this patch in case mlx5coredestroycq failed it proceeds to rest of destroy operations. mlx5coredestroycq could be called again by user and cause additional call of...
CVE-2021-47197
CVE-2021-47197 : In Linux kernel mlx5_core, a double-destroy path could crash via mlx5_debug_cq_remove() if mlx5_core_destroy_cq() is retried after failure. The fix nullifies cq->dbg after removal and ensures CQ destruction proceeds only if the FW command DESTROY_CQ returns 0. A patch addressi...