94 matches found
PT-2025-38372
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.0-rc4 for upstream base 2022 11 10 16 12 1 Description A flaw exists in the Linux kernel's RDMA/mlx5 subsystem related to the handling of port numbers within the mlx5 ib get hw stats function. Specifically,...
CVE-2023-53347 net/mlx5: Handle pairing of E-switch via uplink un/load APIs
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Handle pairing of E-switch via uplink un/load APIs In case user switch a device from switchdev mode to legacy mode, mlx5 first unpair the E-switch and afterwards unload the uplink vport. From the other hand, in case use...
CVE-2025-39832
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix lockdep assertion on sync reset unload event Fix lockdep assertion triggered during sync reset unload event. When the sync reset flow is initiated using the devlink reload fwactivate option, the PF already holds the...
Unbreakable Enterprise kernel security update
5.15.0-312.187.5 - Revert 'mm: hugetlb: independent PMD page table shared count' Harshit Mogalapalli Orabug: 38327655 5.15.0-312.187.4 - rds: Fix NULL ptr deref in xasstart Hakon Bugge Orabug: 38166374 - KVM: x86: use arrayindexnospec with indices that come from guest Thijs Raymakers Orabug:...
mlxsw: spectrum: Guard against invalid local ports
...
CVE-2025-38628
In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix release of uninitialized resources on error path The commit in the fixes tag made sure that mlx5vdpafree is the single entrypoint for removing the vdpa device resources added in mlx5vdpadevadd, even in the cleanup...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from vdpa/mlx5 not handling error paths correctly when freeing uninitialized resources...
Linux Distros Unpatched Vulnerability : CVE-2025-38440
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5e: Fix race between DIM disable and netdim There's a race between disabling DIM and NAPI callbacks using the dim pointer on the RQ or SQ. If NAPI checks...
RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction
...
The vulnerability of the __xa_store() and __xa_erase() functions in the drivers/infiniband/hw/mlx5/odp.c module of Linux kernel allows a hacker to trigger a service failure.
The vulnerability of the xastore and xaerase functions in the drivers/infiniband/hw/mlx5/odp.c module of Linux operating systems is related to incorrect resource locking. Exploiting this vulnerability could allow an attacker to cause service failures...
The vulnerability of the net/mlx5 component in the Linux operating system, which allows a hacker to cause a service failure.
The vulnerability of the net/mlx5 component in the Linux operating system is related to deficiencies in handling exceptional states. Exploiting this vulnerability can allow an attacker to cause a service failure...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/mlx5: Fixed implicit ODP use after free. Prevented double queuing of implicit ODP mr destroy operations by using xacmpxchg, ensuring that this is the only time this specific mr is destroyed. Without this change, it was...
UBUNTU-CVE-2022-49670
In the Linux kernel, the following vulnerability has been resolved: linux/dim: Fix divide by 0 in RDMA DIM Fix a divide 0 error in rdmadimstatscompare when prev-cperatio == 0. CallTrace: Hardware name: H3C R4900 G3/RS33M2C9S, BIOS 2.00.37P21 03/12/2020 task: ffff880194b78000 task.stack:...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: The fs and lock operations during checks for active status. The referenced commits introduced a two-step process for deleting FTEs: - Lock the FTE, delete it from the hardware, set the hardware deletion function to NULL...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5: Fixed the error path in multi-packet WQE transmit. Removed the erroneous unmap if no DMA mapping was established. The multi-packet WQE transmit code attempts to obtain a DMA mapping for the skb. This may fail, for...
PT-2025-8797
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the version that includes the fix for the RDMA/mlx5 issue Description A use-after-free issue has been identified in the Linux kernel, specifically in the RDMA/mlx5 component. This issue can cause a double queuein...
PT-2025-30787
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability exists in the Linux kernel related to RDMA/mlx5, specifically concerning the initialization of obj event-obj sub list before its insertion using xa insert. This can lead ...
CLSA-2024-1725871927 kernel: Fix of 30 CVEs
gfs2: Fix potential glock use-after-free on unmount CVE-2024-38570 - gfs2: Remove ill-placed consistency check CVE-2024-38570 - gfs2: introduce new gfs2glockassertwithdraw CVE-2024-38570 - gfs2: simplify gdlmputlock with outfree label CVE-2024-38570 - wifi: mt76: replace skbput with skbputzero...
CLSA-2024-1724753960 Fix CVE(s): CVE-2023-52760, CVE-2024-35835, CVE-2024-39484, CVE-2024-39487
CVE-url: https://ubuntu.com/security/CVE-2024-39487 - bonding: Fix out-of-bounds read in bondoptionarpiptargetsset CVE-url: https://ubuntu.com/security/CVE-2023-52760 - gfs2: Fix slab-use-after-free in gfs2qddealloc CVE-url: https://ubuntu.com/security/CVE-2024-39484 - mmc: davinci: Don't strip...
DEBIAN-CVE-2024-43866
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Always drain health in shutdown callback There is no point in recovery during device shutdown. if health work started need to wait for it to avoid races and NULL pointer access. Hence, drain health WQ on shutdown callba...