388 matches found
CVE-2026-53323 net: dsa: remove redundant netdev_lock_ops() from conduit ethtool ops
In the Linux kernel, the following vulnerability has been resolved: net: dsa: remove redundant netdevlockops from conduit ethtool ops DSA replaces the conduit master device's ethtoolops with its own wrappers that aggregate stats from both the conduit and DSA switch ports. Taking the lock again...
PT-2026-52329
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the IBM EMAC driver during device removal. The driver utilized devm register netdev, which defers the unregister netdev call until the devres cleanup...
CVE-2026-53087 net: bcmgenet: fix leaking free_bds
In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: fix leaking freebds While reclaiming the tx queue we fast forward the write pointer to drop any data in flight. These dropped frames are not added back to the pool of free bds. We also need to tell the netdev that ...
CVE-2026-52983 net: airoha: fix BQL imbalance in TX path
In the Linux kernel, the following vulnerability has been resolved: net: airoha: fix BQL imbalance in TX path Fix a possible BQL imbalance in airohadevxmit, where inflight packets are accounted only for the AIROHANUMTXRING netdev TX queues. The queue index is computed as: qid =...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: xfrm: Always flush the state and policy upon the NETDEVUNREGISTER event. syzbot reports that the refcount of “struct xfrmstate” is leaking. unregisternetdevice: Waiting for netdevsim0 to become free. Usage count = 2. reftracke...
SUSE-SU-2026:22414-1 Security update for the Linux Kernel RT (Live Patch 23 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise Kernel 6.4.0-46.1 fixes various security issues The following security issues were fixed: - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. - CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race bsc126308...
UBUNTU-CVE-2026-52925
In the Linux kernel, the following vulnerability has been resolved: vrf: Fix a potential NPD when removing a port from a VRF RCU readers that identified a net device as a VRF port using netifisl3slave assume that a subsequent call to netdevmasterupperdevgetrcu will return a VRF device. They then...
PT-2026-51877
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the network transmission path where a Byte Queue Limit BQL imbalance occurs. In the airoha dev xmit function, inflight packets are only accounted for the AIROHA NUM TX...
SUSE-SU-2026:2518-1 Security update for the Linux Kernel (Live Patch 70 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise Kernel 4.12.14-122.266 fixes various security issues The following security issues were fixed: - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. - CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race...
SUSE-SU-2026:2496-1 Security update for the Linux Kernel (Live Patch 46 for SUSE Linux Enterprise 15 SP4)
This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.184 fixes various security issues The following security issues were fixed: - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. - CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP rac...
EUVD-2026-32792
In the Linux kernel, the following vulnerability has been resolved: openvswitch: vport: fix self-deadlock on release of tunnel ports vports are used concurrently and protected by RCU, so netdevput must happen after the RCU grace period. So, either in an RCU call or after the synchronizenet. The...
CVE-2026-45900
In the Linux kernel, the following vulnerability has been resolved: crypto: caam - fix netdev memory leak in dpaa2caamprobe When commit 0e1a4d427f58 "crypto: caam: Unembed netdev structure in dpaa2" converted embedded netdevice to dynamically allocated pointers, it added cleanup in...
Linux Distros Unpatched Vulnerability : CVE-2026-45866
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - serial: caif: fix use-after-free in caifserial ldiscclose There is a use-after-free bug in caifserial where handletx may access ser-tty after the tty has been...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Networks: qcom/emac – fixed a UAF Use-after-Free issue in emacremove. “adpt” is netdev private data, and it cannot be used after the freenetdev call. Using “adpt” after freenetdev can cause a UAF bug. This issue was fixed by movi...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Networks: Ethernet: mtkppe: Avoid NULL dereferencing when gmac0 is disabled. If gmac0 is disabled, the precheck for a valid ingress device will cause a NULL pointer dereferencing, leading to a system crash. This occurs because...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Bug: NULL pointer dereferencing in the kernel, address: 0000000000000020 PGD: 0 P4D 0 Oops: 0000 1 PREEMPT SMP PTI CPU: 11 PID: 19713 Comm: ethtool Tainted: G S 6.10.0-rc7+ 7 RIP: 0010: icegetqcoalesce+0x2e/0xa0 ice RSP:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: net/smc: Fixed NULL pointer dereferencing in smcvlanbytcpsk. Coverity reports a possible NULL dereferencing issue: - In smcvlanbytcpsk: - 6. returnednull: netdevlowergetnext returns NULL checked 29 out of 30 times. - 7...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tundetach Syzbot reported a use-after-free in tundetach. This causes a call trace like the following: ================================================================== BUG: KASAN: use-after-free i...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: Fixed the return type of netcpndostartxmit With Clang’s Kernel Control Flow Integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to ensure that the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: xsk: Validates the MTU against the usable frame size when binding. The AFXDP binding currently accepts zero-copy pool configurations without verifying that the device’s MTU fits within the usable frame space provided by the UMEM...