531 matches found
SUSE CVE-2026-45890
In the Linux kernel, the following vulnerability has been resolved: xen-netback: reject zero-queue configuration from guest A malicious or buggy Xen guest can write "0" to the xenbus key "multi-queue-num-queues". The connect function in the backend only validates the upper bound requestednumqueue...
CVE-2026-45890
A flaw was found in the Linux kernel's xen-netback component. A malicious or buggy Xen guest can exploit this by writing a zero value to the 'multi-queue-num-queues' xenbus key. This improper input validation can trigger a warning in the kernel's memory allocation, leading to a guest-to-host Deni...
EUVD-2026-32356
In the Linux kernel, the following vulnerability has been resolved: xen-netback: reject zero-queue configuration from guest A malicious or buggy Xen guest can write "0" to the xenbus key "multi-queue-num-queues". The connect function in the backend only validates the upper bound requestednumqueue...
CVE-2026-45890
In the Linux kernel, the following vulnerability has been resolved: xen-netback: reject zero-queue configuration from guest A malicious or buggy Xen guest can write "0" to the xenbus key "multi-queue-num-queues". The connect function in the backend only validates the upper bound requestednumqueue...
UBUNTU-CVE-2026-45890
In the Linux kernel, the following vulnerability has been resolved: xen-netback: reject zero-queue configuration from guest A malicious or buggy Xen guest can write "0" to the xenbus key "multi-queue-num-queues". The connect function in the backend only validates the upper bound requestednumqueue...
CVE-2026-45890
The CVE-2026-45890 issue affects the Linux kernel Xen-netback. A Xen guest can set multi-queue-num-queues to 0; the connect() validation checks only the upper bound (requested_num_queues > xenvif_max_queues) and does not reject zero. This can reach vzalloc(array_size(0, sizeof(struct xenvif_qu...
CVE-2026-45890
In the Linux kernel, the following vulnerability has been resolved: xen-netback: reject zero-queue configuration from guest A malicious or buggy Xen guest can write "0" to the xenbus key "multi-queue-num-queues". The connect function in the backend only validates the upper bound requestednumqueue...
CVE-2026-45890 xen-netback: reject zero-queue configuration from guest
In the Linux kernel, the following vulnerability has been resolved: xen-netback: reject zero-queue configuration from guest A malicious or buggy Xen guest can write "0" to the xenbus key "multi-queue-num-queues". The connect function in the backend only validates the upper bound requestednumqueue...
Linux Distros Unpatched Vulnerability : CVE-2026-45890
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xen-netback: reject zero-queue configuration from guest A malicious or buggy Xen guest can write 0 to the xenbus key multi-queue-num-queues. The connect functio...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the xen-netback backend not verifying that the queue number is zero, potentially leading to a...
PT-2026-43757
In the Linux kernel, the following vulnerability has been resolved: xen-netback: reject zero-queue configuration from guest A malicious or buggy Xen guest can write "0" to the xenbus key "multi-queue-num-queues". The connect function in the backend only validates the upper bound requested num...
CVE-2026-45890
xen-netback: reject zero-queue configuration from guest...
Astra Linux - уязвимость в linux, linux-5.10
A guest can force the Linux netback driver to consume a large amount of kernel memory. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVEs. Incoming data packets for a guest in the Linux kernel’s netback driver are buffere...
Astra Linux - уязвимость в linux, linux-5.10
A guest can force the Linux netback driver to consume a large amount of kernel memory. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVEs. Incoming data packets for a guest in the Linux kernel’s netback driver are buffere...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
Guests can trigger the reset/abort/crash of the NIC interface through netback. It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux-based network backend by sending certain types of packets. It seems to be an unstated assumption in the rest of the Linux network stack...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerability has been resolved: net/xen-netback: prevent UAF in xenvifflushhash During the listforeachentryrcu iteration call of xenvifflushhash, kfreercu does not exist inside the rcu read critical section, so if kfreercu is called when the rcu grace period en...
Astra Linux - уязвимость в linux
An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. A certain part of the netback driver lacks necessary treatment of errors such as failed memory allocations as a result of changes to the handling of grant mapping errors. A host OS denial of service may occur during...
Astra Linux - уязвимость в linux-5.10, linux
The fix for XSA-423 added logic to the Linux’s netback driver to handle cases where a packet is split by a frontend, resulting in not all of the headers being together in one piece. Unfortunately, the introduced logic did not account for the extreme case where the entire packet is split into as...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: xen/netback: Avoid entering xenvifrxnextskb with an empty rx queue. xenvifrxnextskb expects the rx queue not to be empty. However, if the loop in xenvifrxaction performs multiple iterations, the availability of another skb in the...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005139)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005139 advisory. In the Linux kernel, the following vulnerability has been resolved: net/xen-netback: prevent UAF in xenvifflushhash During the listforeachentryrcu iteration call of...