Lucene search
K

48 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: crypto: marvell/octeontx – prevents integer overflows The value of “codelength” comes from the firmware file. If your firmware is untrusted, there’s likely very little you can do to protect yourself. Nevertheless, we still try...

6AI score0.00209EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fixed potential use after free in otx2tcaddflow This code calls kfreercunewnode, rcu, then dereferences newnode, and then derefs it again in the next line. After two lines, a mutex is acquired; therefore, I don’t...

6.3AI score0.00182EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/08 6:27 p.m.12 views

CVE-2026-43296

A flaw was found in the Linux kernel's octeontx2-af driver. This vulnerability arises from issues within the NIX SQ Send Queue manager's sticky mode and the PSE Packet Stream Engine, which can lead to system stalls, deadlocks, and credit drops. When multiple Send Queues share a Send Message Queue...

7.5CVSS5.8AI score0.00387EPSS
Exploits0References4
OSV
OSV
added 2026/05/08 2:16 p.m.5 views

UBUNTU-CVE-2026-43296

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Workaround SQM/PSE stalls by disabling sticky NIX SQ manager sticky mode is known to cause stalls when multiple SQs share an SMQ and transmit concurrently. Additionally, PSE may deadlock on transitions between stick...

7.5CVSS5.7AI score0.00387EPSS
Exploits0References17
ATTACKERKB
ATTACKERKB
added 2026/05/08 1:11 p.m.6 views

CVE-2026-43296

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Workaround SQM/PSE stalls by disabling sticky NIX SQ manager sticky mode is known to cause stalls when multiple SQs share an SMQ and transmit concurrently. Additionally, PSE may deadlock on transitions between stick...

5.8AI score0.00387EPSS
Exploits0References9Affected Software1
NVD
NVD
added 2026/05/06 12:16 p.m.8 views

CVE-2026-43157

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: CGX: fix bitmap leaks The RX/TX flow-control bitmaps rxfcpfvfbmap and txfcpfvfbmap are allocated by cgxlmacinit but never freed in cgxlmacexit. Unbinding and rebinding the driver therefore triggers kmemleak:...

5.5CVSS0.00128EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/06 11:27 a.m.28 views

CVE-2026-43157 octeontx2-af: CGX: fix bitmap leaks

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: CGX: fix bitmap leaks The RX/TX flow-control bitmaps rxfcpfvfbmap and txfcpfvfbmap are allocated by cgxlmacinit but never freed in cgxlmacexit. Unbinding and rebinding the driver therefore triggers kmemleak:...

0.00128EPSS
Exploits0References6
CVE
CVE
added 2026/05/06 11:27 a.m.19 views

CVE-2026-43157

Summary: CVE-2026-43157 affects the Linux kernel octeontx2-af CGX driver. The RX/TX flow-control bitmaps (rx_fc_pfvf_bmap, tx_fc_pfvf_bmap) are allocated during cgx_lmac_init() but not freed during cgx_lmac_exit(), enabling a kernel memory leak (kmemleak) when the driver is unbound and rebound. I...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.7 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013555)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013555 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/octeontx - prevent integer overflows The codelength value comes from the firmware...

5.8AI score0.00209EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.7 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010902)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010902 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/octeontx - prevent integer overflows The codelength value comes from the firmware...

6AI score0.00209EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/02/05 12:25 a.m.6 views

SUSE CVE-2026-23070

In the Linux kernel, the following vulnerability has been resolved: Octeontx2-af: Add proper checks for fwdata firmware populates MAC address, link modes supported, advertised and EEPROM data in shared firmware structure which kernel access via MAC blockCGX/RPM. Accessing fwdata, on boards booted...

5.5CVSS5.1AI score0.00121EPSS
Exploits0References9
OSV
OSV
added 2026/02/04 5:16 p.m.5 views

UBUNTU-CVE-2026-23070

In the Linux kernel, the following vulnerability has been resolved: Octeontx2-af: Add proper checks for fwdata firmware populates MAC address, link modes supported, advertised and EEPROM data in shared firmware structure which kernel access via MAC blockCGX/RPM. Accessing fwdata, on boards booted...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References5
EUVD
EUVD
added 2026/02/04 4:7 p.m.6 views

EUVD-2026-5474

In the Linux kernel, the following vulnerability has been resolved: Octeontx2-af: Add proper checks for fwdata firmware populates MAC address, link modes supported, advertised and EEPROM data in shared firmware structure which kernel access via MAC blockCGX/RPM. Accessing fwdata, on boards booted...

5.1AI score0.00121EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/04 4:7 p.m.5 views

CVE-2026-23070

In the Linux kernel, the following vulnerability has been resolved: Octeontx2-af: Add proper checks for fwdata firmware populates MAC address, link modes supported, advertised and EEPROM data in shared firmware structure which kernel access via MAC blockCGX/RPM. Accessing fwdata, on boards booted...

5.1AI score0.00121EPSS
Exploits0References3Affected Software1
SUSE CVE
SUSE CVE
added 2026/01/17 12:25 a.m.4 views

SUSE CVE-2025-71137

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: fix "UBSAN: shift-out-of-bounds error" This patch ensures that the RX ring size rxpending is not set below the permitted length. This avoids UBSAN shift-out-of-bounds errors when users passes small or zero ring size...

5.5CVSS6.6AI score0.00157EPSS
Exploits0References20
CVE
CVE
added 2026/01/14 3:7 p.m.23 views

CVE-2025-71137

CVE-2025-71137 relates to the Linux kernel, where the octeontx2-pf driver patch fixes a UBSAN shift-out-of-bounds error by ensuring the RX ring size (rx_pending) is not set below the permitted length. This prevents UBSAN faults when users pass small or zero ring sizes via ethtool -G. The fix is a...

7.8CVSS6.2AI score0.00157EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/12/26 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-50763

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: marvell/octeontx - prevent integer overflows The codelength value comes from the firmware file. If your firmware is untrusted realistically there is...

6.3AI score0.00209EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/12/25 1:3 a.m.3 views

SUSE CVE-2022-50763

In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/octeontx - prevent integer overflows The "codelength" value comes from the firmware file. If your firmware is untrusted realistically there is probably very little you can do to protect yourself. Still we try to...

7CVSS6.8AI score0.00209EPSS
Exploits0References8
EUVD
EUVD
added 2025/12/24 3:30 p.m.4 views

EUVD-2022-55798

In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/octeontx - prevent integer overflows The "codelength" value comes from the firmware file. If your firmware is untrusted realistically there is probably very little you can do to protect yourself. Still we try to...

6.3AI score0.00209EPSS
Exploits0References6
NVD
NVD
added 2025/12/24 1:16 p.m.6 views

CVE-2022-50763

In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/octeontx - prevent integer overflows The "codelength" value comes from the firmware file. If your firmware is untrusted realistically there is probably very little you can do to protect yourself. Still we try to...

0.00209EPSS
Exploits0References5
Rows per page
Query Builder