Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fixed a warning during rehash As previously explained, the rehash process delays the migration of filters from one region to another. This is done by iterating over all chunks all filters with the same...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fixed a memory leak during rehash. The rehash delayed work involves migrating filters from one region to another. This is done by iterating over all chunks all filters with the same priority in the region,...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumipip: A memory leak was fixed when changing the remote IPv6 address. The device stores IPv6 addresses that are used for encapsulation in linear memory managed by the driver. Changing the remote address of an ip6gre...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fix possible use-after-free during activity update The rule activity update delayed activity periodically traverses the list of configured rules and queries their activity from the device. As part of this...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: A memory leak has been fixed when canceling the rehash operation. The rehash operation is rescheduled with a delay if the number of credits at the end of the operation is not negative—this indicates that t...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum: Protect the driver from buggy firmware When processing port up/down events generated by the device’s firmware, the driver attempts to protect itself from events reported for non-existent local ports. However, it...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumrouter: Fix neighbor use-after-free We sometimes observe use-after-free when dereferencing a neighbor 1. The problem seems to be that the driver stores a pointer to the neighbor, but does not hold a reference to it...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumrouter: Fixed a use-after-free issue when deleting GRE network devices. The driver only offloads neighbors that are created on top of network devices registered by it or their superiors which are all Ethernet...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrummr: Fixed a use-after-free issue when updating multicast route statistics. The cited commit added a dedicated mutex instead of RTNL to protect the multicast route list. This prevents changes to the list while the...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mlxsw: corelinecards: Fix double memory deallocation in case of invalid INI file In case of invalid INI file mlxswlinecardtypesinit deallocates memory but doesn't reset pointer to NULL and returns 0. In case of any error occurred...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: mlxsw: spectrumaclerp: Fixed object nesting warnings ACLs in Spectrum-2 and newer ASICs can reside in the algorithmic TCAM A-TCAM or in the ordinary circuit TCAM C-TCAM. The former can contain more ACLs i.e., tc filters, but t...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mlxsw: Thermal: Fix for out-of-bounds memory accesses Currently, mlxsw allows cooling states to be set above the maximum cooling state supported by the driver: bash cat /sys/class/thermal/thermalzone2/cdev0/type mlxswfan cat...

kernel: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrummr: Fix use-after-free when updating multicast route stats Cited commit added a dedicated mutex instead of RTNL to protect the multicast route list, so that it will not change while the driver periodically traverse...

kernel: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrummr: Fix use-after-free when updating multicast route stats Cited commit added a dedicated mutex instead of RTNL to protect the multicast route list, so that it will not change while the driver periodically traverse...

kernel: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrummr: Fix use-after-free when updating multicast route stats Cited commit added a dedicated mutex instead of RTNL to protect the multicast route list, so that it will not change while the driver periodically traverse...

RLSA-2026:4759 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: HID: intel-thc-hid: intel-thc: Fix incorrect pointer arithmetic in I2C regs save CVE-2025-39818 kernel: mlxsw: spectrummr: Fix use-after-free when updating multicast route stats...

kernel security update

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

EulerOS 2.0 SP13 : kernel (EulerOS-SA-2026-1244)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : nvme: nvme-fc: Ensure -ioerrwork is cancelled in nvmefcdeletectrlCVE-2025-40261 cifs: fix session state check in reconnect to avoid use-after-free...

EulerOS 2.0 SP13 : kernel (EulerOS-SA-2026-1280)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : nvme: nvme-fc: Ensure -ioerrwork is cancelled in nvmefcdeletectrlCVE-2025-40261 cifs: fix session state check in reconnect to avoid use-after-free...

Oracle Linux 9 : kernel (ELSA-2026-3966)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-3966 advisory. - mlxsw: spectrummr: Fix use-after-free when updating multicast route stats CKI Backport Bot RHEL-143194 CVE-2025-68800 - iouring: fix use-after-free o...