34 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumrouter: Fixed a use-after-free issue when deleting GRE network devices. The driver only offloads neighbors that are created on top of network devices registered by it or their superiors which are all Ethernet...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ethtool: do not perform operations on net devices being unregistered There is a short period between a net device starts to be unregistered and when it is actually gone. In that time frame ethtool operations could still be...
Azure Linux 3.0 Security Update: kernel (CVE-2025-21681)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21681 advisory. - In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix lockup on tx to...
CVE-2023-53785
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: don't assume adequate headroom for SDIO headers mt7921usbsdiotxprepareskb calls mt7921usbsdiowritetxwi and mt7921skbaddusbsdiohdr, both of which blindly assume that adequate headroom will be available in the passed...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989155)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989155 advisory. In the Linux kernel, the following vulnerability has been resolved: ethtool: do not perform operations on net devices being unregistered There is a short period...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987265)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987265 advisory. In the Linux kernel, the following vulnerability has been resolved: ethtool: do not perform operations on net devices being unregistered There is a short period...
Linux Distros Unpatched Vulnerability : CVE-2025-38019
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumrouter: Fix use-after- free when deleting GRE net devices The driver only...
SUSE CVE-2025-38019
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumrouter: Fix use-after-free when deleting GRE net devices The driver only offloads neighbors that are constructed on top of net devices registered by it or their uppers which are all Ethernet. The device supports GR...
DEBIAN-CVE-2025-38019
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumrouter: Fix use-after-free when deleting GRE net devices The driver only offloads neighbors that are constructed on top of net devices registered by it or their uppers which are all Ethernet. The device supports GR...
CVE-2025-38019
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumrouter: Fix use-after-free when deleting GRE net devices The driver only offloads neighbors that are constructed on top of net devices registered by it or their uppers which are all Ethernet. The device supports GR...
UBUNTU-CVE-2025-38019
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumrouter: Fix use-after-free when deleting GRE net devices The driver only offloads neighbors that are constructed on top of net devices registered by it or their uppers which are all Ethernet. The device supports GR...
CVE-2025-38019 mlxsw: spectrum_router: Fix use-after-free when deleting GRE net devices
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumrouter: Fix use-after-free when deleting GRE net devices The driver only offloads neighbors that are constructed on top of net devices registered by it or their uppers which are all Ethernet. The device supports GR...
CVE-2025-38019
Summary: CVE-2025-38019 describes a use-after-free in the mlxsw spectrum_router driver when deleting GRE net devices, triggered during replay of neighbor configurations after a driver reload. What’s affected: the Linux kernel mlxsw GRE offload path for neighbors built on top of GRE devices; the i...
CVE-2025-38019 mlxsw: spectrum_router: Fix use-after-free when deleting GRE net devices
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumrouter: Fix use-after-free when deleting GRE net devices The driver only offloads neighbors that are constructed on top of net devices registered by it or their uppers which are all Ethernet. The device supports GR...
CVE-2025-38019
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumrouter: Fix use-after-free when deleting GRE net devices The driver only offloads neighbors that are constructed on top of net devices registered by it or their uppers which are all Ethernet. The device supports GR...
CVE-2023-53138
In the Linux kernel, the following vulnerability has been resolved: net: caif: Fix use-after-free in cfusbldevicenotify syzbot reported use-after-free in cfusbldevicenotify 1. This causes a stack trace like below: BUG: KASAN: use-after-free in cfusbldevicenotify+0x7c9/0x870 net/caif/caifusb.c:138...
DEBIAN-CVE-2023-53138
In the Linux kernel, the following vulnerability has been resolved: net: caif: Fix use-after-free in cfusbldevicenotify syzbot reported use-after-free in cfusbldevicenotify 1. This causes a stack trace like below: BUG: KASAN: use-after-free in cfusbldevicenotify+0x7c9/0x870 net/caif/caifusb.c:138...
CVE-2022-49808 net: dsa: don't leak tagger-owned storage on switch driver unbind
In the Linux kernel, the following vulnerability has been resolved: net: dsa: don't leak tagger-owned storage on switch driver unbind In the initial commit dc452a471dba "net: dsa: introduce tagger-owned storage for private and shared data", we had a call to tagops-disconnectdst issued from...
UBUNTU-CVE-2025-21970
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Bridge, fix the crash caused by LAG state check When removing LAG device from bridge, NETDEVCHANGEUPPER event is triggered. Driver finds the lower devices PFs to flush all the offloaded entries. And mlx5lagissharedfdb i...
DEBIAN-CVE-2025-21701
In the Linux kernel, the following vulnerability has been resolved: net: avoid race between device unregistration and ethnl ops The following trace can be seen if a device is being unregistered while its number of channels are being modified. DEBUGLOCKSWARNONlock-magic != lock WARNING: CPU: 3 PID...