15 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: nfp: flower: handling of actinetdevs allocation failures The kmallocarray function in nfpfllagdowork will return null if physical memory runs out. As a result, if we dereference actinetdevs, null pointer dereferencing bugs may...
CVE-2026-22981
In the Linux kernel, the following vulnerability has been resolved: idpf: detach and close netdevs while handling a reset Protect the reset path from callbacks by setting the netdevs to detached state and close any netdevs in UP state until the reset handling has completed. During a reset, the...
UBUNTU-CVE-2026-22981
In the Linux kernel, the following vulnerability has been resolved: idpf: detach and close netdevs while handling a reset Protect the reset path from callbacks by setting the netdevs to detached state and close any netdevs in UP state until the reset handling has completed. During a reset, the...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-389863)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-389863 advisory. In the Linux kernel, the following vulnerability has been resolved: nfp: flower: handle actinetdevs allocation failure The kmallocarray in nfpfllagdowork will return...
CVE-2025-39796
In the Linux kernel, the following vulnerability has been resolved: net: lapbether: ignore ops-locked netdevs Syzkaller managed to trigger lock dependency in xsknotify via registernetdevice. As discussed in 0, using registernetdevice in the notifiers is problematic so skip adding lapbeth for...
CVE-2025-39796
In the Linux kernel, the following vulnerability has been resolved: net: lapbether: ignore ops-locked netdevs Syzkaller managed to trigger lock dependency in xsknotify via registernetdevice. As discussed in 0, using registernetdevice in the notifiers is problematic so skip adding lapbeth for...
CVE-2025-39796
CVE-2025-39796 affects the Linux kernel (net: lapbether: ignore ops-locked netdevs). According to connected sources, Syzkaller-triggered lock dependency via xsk_notify and register_netdevice could occur for notifier chains, with the fix skipping lapbeth for ops-locked devices to break the depende...
CVE-2025-39796 net: lapbether: ignore ops-locked netdevs
In the Linux kernel, the following vulnerability has been resolved: net: lapbether: ignore ops-locked netdevs Syzkaller managed to trigger lock dependency in xsknotify via registernetdevice. As discussed in 0, using registernetdevice in the notifiers is problematic so skip adding lapbeth for...
kernel: nfp: flower: handle acti_netdevs allocation failure
A vulnerability was found in the Linux kernel's ethernet lagconf.c driver in the nfpfllagdowork function, where a NULL pointer dereference can occur due to a lack of proper checks. The scenario is caused when the function attempts to call kmallocarray, which returns as NULL because the physical...
CVE-2024-38557 net/mlx5: Reload only IB representors upon lag disable/enable
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Reload only IB representors upon lag disable/enable On lag disable, the bond IB device along with all of its representors are destroyed, and then the slaves' representors get reloaded. In case the slave IB representor...
CVE-2021-47371
In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix memory leaks in nexthop notification chain listeners syzkaller discovered memory leaks 1 that can be reduced to the following commands: ip nexthop add id 1 blackhole devlink dev reload pci/0000:06:00.0 As part of the...
CVE-2021-47371
In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix memory leaks in nexthop notification chain listeners syzkaller discovered memory leaks 1 that can be reduced to the following commands: ip nexthop add id 1 blackhole devlink dev reload pci/0000:06:00.0 As part of the...
CVE-2021-47371
In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix memory leaks in nexthop notification chain listeners syzkaller discovered memory leaks 1 that can be reduced to the following commands: ip nexthop add id 1 blackhole devlink dev reload pci/0000:06:00.0 As part of the...
DEBIAN-CVE-2024-27046
In the Linux kernel, the following vulnerability has been resolved: nfp: flower: handle actinetdevs allocation failure The kmallocarray in nfpfllagdowork will return null, if the physical memory has run out. As a result, if we dereference the actinetdevs, the null pointer dereference bugs will...
UBUNTU-CVE-2024-27046
In the Linux kernel, the following vulnerability has been resolved: nfp: flower: handle actinetdevs allocation failure The kmallocarray in nfpfllagdowork will return null, if the physical memory has run out. As a result, if we dereference the actinetdevs, the null pointer dereference bugs will...