391 matches found
SUSE CVE-2026-53298
In the Linux kernel, the following vulnerability has been resolved: net: airoha: Move ndesc initialization at end of airohaqdmainitrxqueue If queue entry or DMA descriptor list allocation fails in airohaqdmainitrxqueue routine, airohaqdmacleanup will trigger a NULL pointer dereference running...
DEBIAN-CVE-2026-53298
In the Linux kernel, the following vulnerability has been resolved: net: airoha: Move ndesc initialization at end of airohaqdmainitrxqueue If queue entry or DMA descriptor list allocation fails in airohaqdmainitrxqueue routine, airohaqdmacleanup will trigger a NULL pointer dereference running...
CVE-2026-53298
In the Linux kernel, the following vulnerability has been resolved: net: airoha: Move ndesc initialization at end of airohaqdmainitrxqueue If queue entry or DMA descriptor list allocation fails in airohaqdmainitrxqueue routine, airohaqdmacleanup will trigger a NULL pointer dereference running...
UBUNTU-CVE-2026-53298
In the Linux kernel, the following vulnerability has been resolved: net: airoha: Move ndesc initialization at end of airohaqdmainitrxqueue If queue entry or DMA descriptor list allocation fails in airohaqdmainitrxqueue routine, airohaqdmacleanup will trigger a NULL pointer dereference running...
CVE-2026-53298
In the Linux kernel, the following vulnerability has been resolved: net: airoha: Move ndesc initialization at end of airohaqdmainitrxqueue If queue entry or DMA descriptor list allocation fails in airohaqdmainitrxqueue routine, airohaqdmacleanup will trigger a NULL pointer dereference running...
CVE-2026-53298
In CVE-2026-53298, the Linux kernel airoha network driver is affected by a race in initialization: ndesc is initialized too early in airoha_qdma_init_rx_queue(), causing a NULL pointer dereference during cleanup if allocation fails. The documented fix moves ndesc initialization to the end of airo...
CVE-2026-53104
A flaw was found in the Linux kernel's mt76 Wi-Fi driver. This vulnerability, a memory leak, occurs when the device is destroyed during module unload. Specifically, the mt76dmacleanup routine fails to properly destroy the pagepool associated with all MT76 receive queues, leading to unreleased...
CVE-2026-53154 mm/hugetlb: restore reservation on error in hugetlb folio copy paths
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: restore reservation on error in hugetlb folio copy paths Two sites in mm/hugetlb.c allocate a hugetlb folio via allochugetlbfolio consuming a VMA reservation and then call copyuserlargefolio, which became int-returnin...
EUVD-2026-38972
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: Fix memory leak destroying device All MT76 rx queues have an associated pagepool even if the queue is not associated to a NAPI e.g. WED RRO queues with WED enabled. Destroy the pagepool running mt76dmacleanup routine...
CVE-2026-53104
The CVE-2026-53104 entry concerns the Linux kernel’s MT76 wifi driver. The issue is a memory leak in MT76 rx queues related to page pools: all rx queues have an associated page_pool even if not connected to a NAPI, and the mt76_dma_cleanup routine must destroy the page_pool during module unload. ...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: pagepool: Fixed a use-after-free in pagepoolrecycleinring. syzbot reported a UAF Use-After-Free in pagepoolrecycleinring: BUG: KASAN: Slab-use-after-free in lockrelease+0x151/0xa30 in kernel/locking/lockdep.c:5862. A size 8 re...
PT-2026-51998
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the mt76 WiFi driver during device destruction. All MT76 rx queues possess an associated page pool, including those not linked to a NAPI, such as WED RRO queues...
SUSE-SU-2026:22099-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2026-23254: net: gro: fix outer network offset bsc1259884. - CVE-2026-23303: smb: client: Don't log plaintext credentials in cifssetcifscreds bsc1260502. -...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: libwx: removed the duplicate function pagepoolputfullpage The pagepoolputfullpage function should only be called when freeing Rx buffers or when creating a skb if the size is too short. At other times, the pages need to be...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: - net: lan966x: Fixed a page pool leak in error paths. - lan966xfdmarxalloc creates a page pool, but does not destroy it if the subsequent fdmaalloccoherent call fails, resulting in a leak of the page pool. - lan966xfdmainit...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: skbuff: fixed the coalescing behavior for pagepool fragment recycling. Fixed a use-after-free issue when using pagepool with page fragments. We encountered this problem during normal RX processing in the hns3 driver: 1 Initially,...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: xen-netfront: Added the missing skbmarkforrecycle function. It should be noted that the skbmarkforrecycle function was introduced later than the “fixes” tag in commit 6a5bcd84e886 “pagepool: Allow drivers to hint on SKB recycling...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: esp: fix bad handling of pages from pagepool When the skb is reorganized during espoutput !esp-inline, the pages coming from the original skb fragments are supposed to be released back to the system through putpage. But if t...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: skbuff: Fixed a race condition between coalescing and releasing SKBs. The commit 1effe8ca4e34 “skbuff: fixing coalescing for pagepool fragment recycling” allowed coalescing to proceed with non-page pool pages when @from is cloned...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: fec: handle pagepooldevallocpages error The fecenetupdatecbd function calls pagepooldevallocpages, but it does not handle the case where NULL is returned. A WARNON!newpage message is generated, but the program still proceeds...