870 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-23035
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5e: Pass netdev to mlx5edestroynetdev instead of priv mlx5epriv is an unstable structure that can be memset0 if profile attaching fails. Pass netdev to...
Linux Distros Unpatched Vulnerability : CVE-2025-71182
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - can: j1939: make j1939sessionactivate fail if device is no longer registered syzbot is still reporting unregisternetdevice: waiting for vcan0 to become free...
SUSE CVE-2026-22981
In the Linux kernel, the following vulnerability has been resolved: idpf: detach and close netdevs while handling a reset Protect the reset path from callbacks by setting the netdevs to detached state and close any netdevs in UP state until the reset handling has completed. During a reset, the...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005008)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005008 advisory. In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939netdevstart: fix UAF for rxkref of j1939priv It will trigger UAF for rxkref of...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005032)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005032 advisory. In the Linux kernel, the following vulnerability has been resolved: staging: rtl8712: fix use-after-free in rtl8712dlfw Syzbot reported use-after-free in rtl8712dlfw...
SUSE CVE-2026-22996
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't store mlx5epriv in mlx5edev devlink priv mlx5epriv is an unstable structure that can be memset0 if profile attaching fails, mlx5epriv in mlx5edev devlink private is used to reference the netdev and mdev associate...
SUSE CVE-2026-23000
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix crash on profile change rollback failure mlx5enetdevchangeprofile can fail to attach a new profile and can fail to rollback to old profile, in such case, we could end up with a dangling netdev with a fully reset...
CVE-2026-22996
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't store mlx5epriv in mlx5edev devlink priv mlx5epriv is an unstable structure that can be memset0 if profile attaching fails, mlx5epriv in mlx5edev devlink private is used to reference the netdev and mdev associate...
CVE-2026-23000
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix crash on profile change rollback failure mlx5enetdevchangeprofile can fail to attach a new profile and can fail to rollback to old profile, in such case, we could end up with a dangling netdev with a fully reset...
AZL-78324 CVE-2026-23000 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix crash on profile change rollback failure mlx5enetdevchangeprofile can fail to attach a new profile and can fail to rollback to old profile, in such case, we could end up with a dangling netdev with a fully reset...
AZL-77343 CVE-2026-23000 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix crash on profile change rollback failure mlx5enetdevchangeprofile can fail to attach a new profile and can fail to rollback to old profile, in such case, we could end up with a dangling netdev with a fully reset...
UBUNTU-CVE-2026-22996
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't store mlx5epriv in mlx5edev devlink priv mlx5epriv is an unstable structure that can be memset0 if profile attaching fails, mlx5epriv in mlx5edev devlink private is used to reference the netdev and mdev associate...
CVE-2026-23000
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix crash on profile change rollback failure mlx5enetdevchangeprofile can fail to attach a new profile and can fail to rollback to old profile, in such case, we could end up with a dangling netdev with a fully reset...
CVE-2026-22996
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't store mlx5epriv in mlx5edev devlink priv mlx5epriv is an unstable structure that can be memset0 if profile attaching fails, mlx5epriv in mlx5edev devlink private is used to reference the netdev and mdev associate...
CVE-2026-23001 macvlan: fix possible UAF in macvlan_forward_source()
In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlanforwardsource Add RCU protection on struct macvlansourceentry-vlan. Whenever macvlanhashdelsource is called, we must clear entry-vlan pointer before RCU grace period starts. This allows...
CVE-2026-23000
CVE-2026-23000 concerns the Linux kernel mlx5e driver. The issue occurs when mlx5e_netdev_change_profile fails to attach a new profile and then cannot rollback to the old one, leaving a dangling netdev with a reset priv. A second change-profile attempt (e.g., via switchdev) can crash when derefer...
CVE-2026-23000
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix crash on profile change rollback failure mlx5enetdevchangeprofile can fail to attach a new profile and can fail to rollback to old profile, in such case, we could end up with a dangling netdev with a fully reset...
EUVD-2026-4618
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix crash on profile change rollback failure mlx5enetdevchangeprofile can fail to attach a new profile and can fail to rollback to old profile, in such case, we could end up with a dangling netdev with a fully reset...
CVE-2026-22996
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't store mlx5epriv in mlx5edev devlink priv mlx5epriv is an unstable structure that can be memset0 if profile attaching fails, mlx5epriv in mlx5edev devlink private is used to reference the netdev and mdev associate...
CVE-2026-22996 net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't store mlx5epriv in mlx5edev devlink priv mlx5epriv is an unstable structure that can be memset0 if profile attaching fails, mlx5epriv in mlx5edev devlink private is used to reference the netdev and mdev associate...