Lucene search
+L

90 matches found

CVE
CVE
added 2026/06/25 8:39 a.m.23 views

CVE-2026-53216

The CVE-2026-53216 issue affects the Linux kernel mvpp2 XDP path. Short pool buffers can be smaller than PAGE_SIZE, yet XDP initially sets every xdp_buff frame size to PAGE_SIZE. The XDP helpers then use frame_sz to validate tail growth, which, with an oversized frame, can allow bpf_xdp_adjust_ta...

9.8CVSS6AI score0.00546EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.38 views

CVE-2026-53216 net: mvpp2: limit XDP frame size to the RX buffer

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: limit XDP frame size to the RX buffer mvpp2 has short and long BM pools, and short pool buffers can be smaller than PAGESIZE. The XDP path nevertheless initializes every xdpbuff with PAGESIZE as frame size. XDP helper...

9.8CVSS0.00546EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53216

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: limit XDP frame size to the RX buffer mvpp2 has short and long BM pools, and short pool buffers can be smaller than PAGESIZE. The XDP path nevertheless initializes every xdpbuff with PAGESIZE as frame size. XDP helper...

9.8CVSS5.9AI score0.00546EPSS
Exploits0
OSV
OSV
added 2026/06/25 8:39 a.m.3 views

CVE-2026-53216 net: mvpp2: limit XDP frame size to the RX buffer

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: limit XDP frame size to the RX buffer mvpp2 has short and long BM pools, and short pool buffers can be smaller than PAGESIZE. The XDP path nevertheless initializes every xdpbuff with PAGESIZE as frame size. XDP helper...

9.8CVSS5.9AI score0.00546EPSS
Exploits0References10
EUVD
EUVD
added 2026/06/25 8:39 a.m.8 views

EUVD-2026-39306

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: refill RX buffers before XDP or skb use The RX error path returns the current descriptor buffer to the hardware BM pool. That is only valid while the driver still owns the buffer. mvpp2rxrefill can fail after the...

6AI score0.00546EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.4 views

CVE-2026-53215

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: refill RX buffers before XDP or skb use The RX error path returns the current descriptor buffer to the hardware BM pool. That is only valid while the driver still owns the buffer. mvpp2rxrefill can fail after the...

9.8CVSS5.9AI score0.00546EPSS
Exploits0
CVE
CVE
added 2026/06/25 8:39 a.m.36 views

CVE-2026-53215

CVE-2026-53215 affects the Linux kernel mvpp2 driver: the RX path could return a descriptor buffer to the hardware Buffer Manager after it had been handed to XDP or an skb, allowing DMA into memory no longer owned by the RX ring. Root cause is improper handling of RX buffers in mvpp2_rx_refill() ...

9.8CVSS6AI score0.00546EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.30 views

CVE-2026-53215 net: mvpp2: refill RX buffers before XDP or skb use

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: refill RX buffers before XDP or skb use The RX error path returns the current descriptor buffer to the hardware BM pool. That is only valid while the driver still owns the buffer. mvpp2rxrefill can fail after the...

9.8CVSS0.00546EPSS
Exploits0References7
OSV
OSV
added 2026/06/25 8:39 a.m.2 views

CVE-2026-53215 net: mvpp2: refill RX buffers before XDP or skb use

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: refill RX buffers before XDP or skb use The RX error path returns the current descriptor buffer to the hardware BM pool. That is only valid while the driver still owns the buffer. mvpp2rxrefill can fail after the...

9.8CVSS6AI score0.00546EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.13 views

PT-2026-52311

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the mvpp2 driver where the XDP path initializes every xdp buff with PAGE SIZE as the frame size, regardless of whether the buffer is from a short or long BM pool...

9.8CVSS6.2AI score0.00546EPSS
Exploits0References16
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.10 views

PT-2026-52310

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the mvpp2 network driver where the RX error path returns the current descriptor buffer to the hardware Buffer Manager BM pool. This action is only valid while the driv...

9.8CVSS6.1AI score0.00546EPSS
Exploits0References16
OSV
OSV
added 2026/06/22 11:10 a.m.2 views

SUSE-SU-2026:2482-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-38549: efivarfs: Fix memory leak of efivarfsfsinfo in fscontext error paths bsc1248235. - CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished...

9.8CVSS7.3AI score0.93235EPSS
Exploits62References222
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2 – Clearing the BM pool before initialization. The register values persist after booting the kernel using kexec, which results in a kernel panic. Therefore, it is necessary to clear the BM pool registers before...

5.5CVSS5.6AI score0.0022EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Net: Ethernet: mvpp2main: A possible OOB write issue has been fixed in mvpp2ethtoolgetrxnfc. The rules parameter is allocated in ethtoolgetrxnfc, and its size is determined by rulecnt from the user space. Therefore, rulecnt must ...

7.8CVSS5.8AI score0.00153EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: Guard flow control updates with globaltxfc in buffer switching The function mvpp2bmswitchbuffers mvpp2bmpoolupdateprivfc when switching between per-cpu and shared buffer pool modes. This function programs the CM3 flow...

5.5CVSS6.4AI score0.00125EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.7 views

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007021)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007021 advisory. In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: clear BM pool before initialization Register value persist after booting the kernel...

5.5CVSS6.6AI score0.0022EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.5 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006790)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006790 advisory. In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: clear BM pool before initialization Register value persist after booting the kernel...

5.5CVSS5.9AI score0.0022EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/05 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-23438

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: mvpp2: guard flow control update with globaltxfc in buffer switching mvpp2bmswitchbuffers unconditionally calls mvpp2bmpoolupdateprivfc when switching...

5.5CVSS6.5AI score0.00125EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/04/03 11:27 p.m.7 views

SUSE CVE-2026-23438

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: guard flow control update with globaltxfc in buffer switching mvpp2bmswitchbuffers unconditionally calls mvpp2bmpoolupdateprivfc when switching between per-cpu and shared buffer pool modes. This function programs CM3...

5.5CVSS5.7AI score0.00125EPSS
Exploits0References16
RedhatCVE
RedhatCVE
added 2026/04/03 7:22 p.m.5 views

CVE-2026-23438

A flaw was found in the Linux kernel's mvpp2 driver. A local privileged user could cause a system crash, leading to a Denial of Service DoS, by triggering a null pointer dereference. This occurs when changing the Maximum Transmission Unit MTU on systems where the CM3 SRAM resource is not present,...

5.5CVSS5.9AI score0.00125EPSS
Exploits0References4
Rows per page
Query Builder