CVE-2023-53371

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix memory leak in mlx5efsttredirectanycreate The memory pointed to by the fs-any pointer is not freed in the error path of mlx5efsttredirectanycreate, which can lead to a memory leak. Fix by freeing the memory in the...

Linux Distros Unpatched Vulnerability : CVE-2022-49338

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: CT: Fix cleanup of CT before cleanup of TC ct rules CT cleanup assumes that all t...

PT-2025-33788

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.15.0-rc7 for upstream min debug 2025 05 27 22 44 Description: A flaw exists in the Linux kernel's net/mlx5e module related to handling XFRM eXact Forwarding Path states during packet decryption. Specifically, ...

CVE-2023-53105 net/mlx5e: Fix cleanup null-ptr deref on encap lock

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix cleanup null-ptr deref on encap lock During module is unloaded while a peer tc flow is still offloaded, first the peer uplink rep profile is changed to a nic profile, and so neigh encap lock is destroyed. Next duri...

CVE-2022-49338

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: CT: Fix cleanup of CT before cleanup of TC ct rules CT cleanup assumes that all tc rules were deleted first, and so is free to delete the CT shared resources e.g the draction fwdaction which is shared for all tuples. B...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from the mlx5etirbuilderalloc function in the net/mlx5e module that does not handle NULL return values...

CVE-2024-46717

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: SHAMPO, Fix incorrect page release Under the following conditions: 1 No skb created yet 2 headersize == 0 no SHAMPO header 3 headerindex + 1 % MLX5ESHAMPOWQHEADERPERPAGE == 0 this is the last page fragment of a SHAMPO...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from a buffer overflow problem in the net/mlx5e module...

SUSE CVE-2024-35959

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix mlx5eprivinit cleanup flow When mlx5eprivinit fails, the cleanup flow calls mlx5eselqcleanup which calls mlx5eselqapply that assures that the priv-statelock is held using lockdepisheld. Acquire the statelock in...

CVE-2023-52487 net/mlx5e: Fix peer flow lists handling

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix peer flow lists handling The cited change refactored mlx5etcdelfdbpeerflow to only clear DUP flag when list of peer flows has become empty. However, if any concurrent user holds a reference to a peer flow for...

PT-2025-18869 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A null pointer dereference issue has been identified in the Linux kernel, specifically in the net/mlx5e module. This issue occurs when a module is unloaded while a peer tc flow is stil...

PT-2023-33331 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.158 Description: The issue is related to a use-after-free error when reverting the termination table in the net/mlx5e module. The actual impact and attack plausibility have not yet been proven...

PT-2023-33171 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.12 Description: The issue is related to a use-after-free error when reverting the termination table in the net/mlx5e module. The actual impact and attack plausibility have not yet been proven...

PT-2024-11813 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability has been resolved in the Linux kernel, specifically in the net/mlx5e module, related to IPoIB and Block PKEY interfaces with less rx queues than the parent. The issue...