CVE-2026-23045

The CVE-2026-23045 issue affects the Linux kernel ENA driver (net/ena). The root cause is a missing devlink lock when updating devlink parameters: ena_devlink_alloc() calls devl_param_driverinit_value_set() without acquiring the required lock, triggering a lock assertion warning in devl_assert_lo...

Linux Distros Unpatched Vulnerability : CVE-2026-23045

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/ena: fix missing lock when update devlink params Fix assert lock warning while calling devlparamdriverinitvalueset in ena. WARNING: net/devlink/core.c:261 a...

Rocky Linux 9 : kernel (RLSA-2024:4583)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:4583 advisory. kernel: TIPC message reassembly use-after-free remote code execution vulnerability CVE-2024-36886 kernel: ethernet: hisilicon: hns: hnsdsafmisc: fix a...

CVE-2024-40999

CVE-2024-40999 affects the Linux kernel ENA driver. The vulnerability stems from insufficient validation of completion descriptors in multi-buffer packets: the "first" flag must only appear on the first descriptor. An invalid descriptor can trigger a reset, and a new RX data corruption reset reas...

CVE-2024-40999 net: ena: Add validation for completion descriptors consistency

In the Linux kernel, the following vulnerability has been resolved: net: ena: Add validation for completion descriptors consistency Validate that first flag is set only for the first descriptor in multi-buffer packets. In case of an invalid descriptor, a reset will occur. A new reset reason for R...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a problem with the net:ena component when handling the consistency of completion descriptors...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...

Unbreakable Enterprise kernel-container security update

4.14.35-2047.504.2.el7 - md/raid1: properly indicate failure when ending a failed write request Paul Clements Orabug: 32887159 - video: hypervfb: Add ratelimit on error message Michael Kelley Orabug: 32856879 - Drivers: hv: vmbus: Initialize unloadevent statically Andrea Parri Microsoft Orabug:...