48 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: crypto: marvell/octeontx – prevents integer overflows The value of “codelength” comes from the firmware file. If your firmware is untrusted, there’s likely very little you can do to protect yourself. Nevertheless, we still try...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fixed potential use after free in otx2tcaddflow This code calls kfreercunewnode, rcu, then dereferences newnode, and then derefs it again in the next line. After two lines, a mutex is acquired; therefore, I don’t...
CVE-2026-43296
A flaw was found in the Linux kernel's octeontx2-af driver. This vulnerability arises from issues within the NIX SQ Send Queue manager's sticky mode and the PSE Packet Stream Engine, which can lead to system stalls, deadlocks, and credit drops. When multiple Send Queues share a Send Message Queue...
UBUNTU-CVE-2026-43296
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Workaround SQM/PSE stalls by disabling sticky NIX SQ manager sticky mode is known to cause stalls when multiple SQs share an SMQ and transmit concurrently. Additionally, PSE may deadlock on transitions between stick...
CVE-2026-43296
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Workaround SQM/PSE stalls by disabling sticky NIX SQ manager sticky mode is known to cause stalls when multiple SQs share an SMQ and transmit concurrently. Additionally, PSE may deadlock on transitions between stick...
CVE-2026-43157
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: CGX: fix bitmap leaks The RX/TX flow-control bitmaps rxfcpfvfbmap and txfcpfvfbmap are allocated by cgxlmacinit but never freed in cgxlmacexit. Unbinding and rebinding the driver therefore triggers kmemleak:...
CVE-2026-43157 octeontx2-af: CGX: fix bitmap leaks
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: CGX: fix bitmap leaks The RX/TX flow-control bitmaps rxfcpfvfbmap and txfcpfvfbmap are allocated by cgxlmacinit but never freed in cgxlmacexit. Unbinding and rebinding the driver therefore triggers kmemleak:...
CVE-2026-43157
Summary: CVE-2026-43157 affects the Linux kernel octeontx2-af CGX driver. The RX/TX flow-control bitmaps (rx_fc_pfvf_bmap, tx_fc_pfvf_bmap) are allocated during cgx_lmac_init() but not freed during cgx_lmac_exit(), enabling a kernel memory leak (kmemleak) when the driver is unbound and rebound. I...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013555)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013555 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/octeontx - prevent integer overflows The codelength value comes from the firmware...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010902)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010902 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/octeontx - prevent integer overflows The codelength value comes from the firmware...
SUSE CVE-2026-23070
In the Linux kernel, the following vulnerability has been resolved: Octeontx2-af: Add proper checks for fwdata firmware populates MAC address, link modes supported, advertised and EEPROM data in shared firmware structure which kernel access via MAC blockCGX/RPM. Accessing fwdata, on boards booted...
UBUNTU-CVE-2026-23070
In the Linux kernel, the following vulnerability has been resolved: Octeontx2-af: Add proper checks for fwdata firmware populates MAC address, link modes supported, advertised and EEPROM data in shared firmware structure which kernel access via MAC blockCGX/RPM. Accessing fwdata, on boards booted...
EUVD-2026-5474
In the Linux kernel, the following vulnerability has been resolved: Octeontx2-af: Add proper checks for fwdata firmware populates MAC address, link modes supported, advertised and EEPROM data in shared firmware structure which kernel access via MAC blockCGX/RPM. Accessing fwdata, on boards booted...
CVE-2026-23070
In the Linux kernel, the following vulnerability has been resolved: Octeontx2-af: Add proper checks for fwdata firmware populates MAC address, link modes supported, advertised and EEPROM data in shared firmware structure which kernel access via MAC blockCGX/RPM. Accessing fwdata, on boards booted...
SUSE CVE-2025-71137
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: fix "UBSAN: shift-out-of-bounds error" This patch ensures that the RX ring size rxpending is not set below the permitted length. This avoids UBSAN shift-out-of-bounds errors when users passes small or zero ring size...
CVE-2025-71137
CVE-2025-71137 relates to the Linux kernel, where the octeontx2-pf driver patch fixes a UBSAN shift-out-of-bounds error by ensuring the RX ring size (rx_pending) is not set below the permitted length. This prevents UBSAN faults when users pass small or zero ring sizes via ethtool -G. The fix is a...
Linux Distros Unpatched Vulnerability : CVE-2022-50763
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: marvell/octeontx - prevent integer overflows The codelength value comes from the firmware file. If your firmware is untrusted realistically there is...
SUSE CVE-2022-50763
In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/octeontx - prevent integer overflows The "codelength" value comes from the firmware file. If your firmware is untrusted realistically there is probably very little you can do to protect yourself. Still we try to...
EUVD-2022-55798
In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/octeontx - prevent integer overflows The "codelength" value comes from the firmware file. If your firmware is untrusted realistically there is probably very little you can do to protect yourself. Still we try to...
CVE-2022-50763
In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/octeontx - prevent integer overflows The "codelength" value comes from the firmware file. If your firmware is untrusted realistically there is probably very little you can do to protect yourself. Still we try to...