Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Do not clone flow post-action attributes a second time. The code already clones post-action attributes in mlx5ecloneflowattrforpostact. Creating another copy in mlx5etcpostactadd is an error remaining from the original...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Avoid invalid reads in irdmanetevent. The irdmanetevent function should not dereference anything from “neigh” alias “ptr” until it has checked that the event is of type NETEVENTNEIGHUPDATE. Other events are pointed to...

SUSE CVE-2025-71133

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: avoid invalid read in irdmanetevent irdmanetevent should not dereference anything from "neigh" alias "ptr" until it has checked that the event is NETEVENTNEIGHUPDATE. Other events come with different structures pointe...

CVE-2025-71133

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: avoid invalid read in irdmanetevent irdmanetevent should not dereference anything from "neigh" alias "ptr" until it has checked that the event is NETEVENTNEIGHUPDATE. Other events come with different structures pointe...

UBUNTU-CVE-2025-71133

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: avoid invalid read in irdmanetevent irdmanetevent should not dereference anything from "neigh" alias "ptr" until it has checked that the event is NETEVENTNEIGHUPDATE. Other events come with different structures pointe...

CVE-2025-71133

The CVE-2025-71133 entry concerns the Linux kernel RDMA/irdma path, where irdma_net_event could dereference neigh (ptr) data before confirming NETEVENT_NEIGH_UPDATE. The code fix moves neigh->dev access under the NETEVENT_NEIGH_UPDATE case, preventing a potential out-of-bounds read reported by...

CVE-2025-71133 RDMA/irdma: avoid invalid read in irdma_net_event

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: avoid invalid read in irdmanetevent irdmanetevent should not dereference anything from "neigh" alias "ptr" until it has checked that the event is NETEVENTNEIGHUPDATE. Other events come with different structures pointe...

PT-2026-2894

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.14.0-630.el9.x86 64+debug 1 Description A flaw exists in the Linux kernel's RDMA/irdma subsystem, specifically within the irdma net event function. The function could dereference an invalid memory location unde...

OESA-2024-1707 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free of encap entry in neigh update handler Function mlx5erepneighupdate wasn't updated to accommodate rtnl lock removal from TC filter...

CVE-2021-47247 net/mlx5e: Fix use-after-free of encap entry in neigh update handler

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free of encap entry in neigh update handler Function mlx5erepneighupdate wasn't updated to accommodate rtnl lock removal from TC filter update path and properly handle concurrent encap entry...

kernel: net/mlx5e: Don't clone flow post action attributes second time

A use-after-free flaw was discovered in the Linux kernel’s mlx5e networking driver. The code erroneously cloned flow post action attributes a second time in mlx5etcpostactadd despite an earlier clone in mlx5ecloneflowattrforpostact. This second clone is not properly updated during neighbor update...