kernel security, bug fix, and enhancement update

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fixed a race condition related to the per-CQ variable napiworkdone. After calling napicompletedone, the NAPIFSTATESCHED bit may be cleared, allowing another CPU to start a napi thread and access the per-CQ variable...

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: scsi: target: iscsi: Fix use-after-free in iscsitdecconnusagecount CVE-2026-23216 kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel:...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which arises from an error in setting servicewq to null when using net mana. This error may lead to double destruction a...

CVE-2026-43056

In the Linux kernel, the following vulnerability has been resolved: net: mana: fix use-after-free in addadev error path If auxiliarydeviceadd fails, addadev jumps to addfail and calls auxiliarydeviceuninitadev. The auxiliary device has its release callback set to adevrelease, which frees the...

CVE-2026-43056

In the Linux kernel, the following vulnerability has been resolved: net: mana: fix use-after-free in addadev error path If auxiliarydeviceadd fails, addadev jumps to addfail and calls auxiliarydeviceuninitadev. The auxiliary device has its release callback set to adevrelease, which frees the...

net: mana: Fix TX CQE error handling

...

CVE-2022-48985

CVE-2022-48985 (Linux kernel) : A race on per-CQ variable napi_work_done in net: mana can allow a concurrent thread to race with napi_complete_done(), potentially clearing NAPIF_STATE_SCHED and corrupting cq->work_done, leading to memory corruption and panic. The fix saves the per-CQ work_done...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a contention condition issue with the per-CQ variable napi workdone in the net:mana subsystem...

DEBIAN-CVE-2024-46784

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix error handling in manacreatetxq/rxq's NAPI cleanup Currently napidisable gets called during rxq and txq cleanup, even before napi is enabled and hrtimer is initialized. It causes kernel panic. ?...

AZL-49675 CVE-2024-46784 affecting package kernel for versions less than 5.15.182.1-1

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix error handling in manacreatetxq/rxq's NAPI cleanup Currently napidisable gets called during rxq and txq cleanup, even before napi is enabled and hrtimer is initialized. It causes kernel panic. ?...

Unbreakable Enterprise kernel security update

5.15.0-210.163.7 - crypto: qat - specify firmware files for 402xx Giovanni Cabiddu Orabug: 37030280 5.15.0-210.163.6 - Revert 'Fix userfaultfdapi to return EINVAL as expected' Vijayendra Suman Orabug: 37004422 5.15.0-210.163.5 - Revert 'bpf: Allow reads from uninit stack' Vijayendra Suman Orabug:...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a receive RX buffer size alignment and atomic operation exception in the net:mana component...

CVE-2024-42069

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix possible double free in error handling path When auxiliarydeviceadd returns error and then calls auxiliarydeviceuninit, callback function adevrelease calls kfreemadev. We shouldn't call kfreemadev again in the erro...

AZL-47095 CVE-2024-42069 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix possible double free in error handling path When auxiliarydeviceadd returns error and then calls auxiliarydeviceuninit, callback function adevrelease calls kfreemadev. We shouldn't call kfreemadev again in the erro...

CVE-2024-42069

CVE-2024-42069 is a Linux kernel vulnerability: the net: mana double-free in an error path was fixed. When auxiliary_device_add() fails and calls auxiliary_device_uninit(), the adev_release callback could free makedev twice via kfree(madev). The fix prevents this by setting madev to NULL in the e...

CVE-2024-42069 net: mana: Fix possible double free in error handling path

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix possible double free in error handling path When auxiliarydeviceadd returns error and then calls auxiliarydeviceuninit, callback function adevrelease calls kfreemadev. We shouldn't call kfreemadev again in the erro...

CVE-2024-35901

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix Rx DMA datasize and skboverpanic managetrxbufcfg aligns the RX buffer's DMA datasize to be multiple of 64. So a packet slightly bigger than mtu+14, say 1536, can be received and cause skboverpanic. Sample dmesg:...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a skb panic problem in the net/mana module...