37 matches found
UBUNTU-CVE-2026-46105
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Limit NVMe request size to 2 MiB The HBA firmware reports NVMe MDTS values based on the underlying drive capability. However, because the driver allocates a fixed 4K buffer for the PRP list, accommodating at most 5...
CVE-2026-46105 scsi: mpt3sas: Limit NVMe request size to 2 MiB
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Limit NVMe request size to 2 MiB The HBA firmware reports NVMe MDTS values based on the underlying drive capability. However, because the driver allocates a fixed 4K buffer for the PRP list, accommodating at most 5...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: nvme-pci: fixed the mempool allocation size. The maximum size was converted to bytes to match the units of the divisor that calculates the worst-case number of PRP entries. This value is used to determine how many PRP Lists ar...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: hsr: Prevention of use after freeing in prpcreatetaggedframe. The prpfillrct function may fail. In that case, it frees the skb and returns NULL. On the successful path, however, it returns the original skb. Therefore, it is...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013704)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013704 advisory. In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix mempool alloc size Convert the max size to bytes to match the units of the divisor...
SUSE CVE-2025-68776
In the Linux kernel, the following vulnerability has been resolved: net/hsr: fix NULL pointer dereference in prpgetuntaggedframe prpgetuntaggedframe calls pskbcopy to create frame-skbstd but doesn't check if the allocation failed. If pskbcopy returns NULL, skbclone is called with a NULL pointer,...
CVE-2025-68776
A flaw was found in the Linux kernel's High-availability Seamless Redundancy HSR networking component. This vulnerability occurs due to a missing NULL pointer check in the prpgetuntaggedframe function. An attacker could exploit this by triggering a scenario where a memory allocation fails, leadin...
CVE-2025-68776
In the Linux kernel, the following vulnerability has been resolved: net/hsr: fix NULL pointer dereference in prpgetuntaggedframe prpgetuntaggedframe calls pskbcopy to create frame-skbstd but doesn't check if the allocation failed. If pskbcopy returns NULL, skbclone is called with a NULL pointer,...
UBUNTU-CVE-2025-68776
In the Linux kernel, the following vulnerability has been resolved: net/hsr: fix NULL pointer dereference in prpgetuntaggedframe prpgetuntaggedframe calls pskbcopy to create frame-skbstd but doesn't check if the allocation failed. If pskbcopy returns NULL, skbclone is called with a NULL pointer,...
SUSE CVE-2022-50756
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix mempool alloc size Convert the max size to bytes to match the units of the divisor that calculates the worst-case number of PRP entries. The result is used to determine how many PRP Lists are required. The code was...
EUVD-2022-55805
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix mempool alloc size Convert the max size to bytes to match the units of the divisor that calculates the worst-case number of PRP entries. The result is used to determine how many PRP Lists are required. The code was...
CVE-2022-50756
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix mempool alloc size Convert the max size to bytes to match the units of the divisor that calculates the worst-case number of PRP entries. The result is used to determine how many PRP Lists are required. The code was...
CVE-2022-50756
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix mempool alloc size Convert the max size to bytes to match the units of the divisor that calculates the worst-case number of PRP entries. The result is used to determine how many PRP Lists are required. The code was...
CVE-2022-50756 nvme-pci: fix mempool alloc size
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix mempool alloc size Convert the max size to bytes to match the units of the divisor that calculates the worst-case number of PRP entries. The result is used to determine how many PRP Lists are required. The code was...
CVE-2022-50756 nvme-pci: fix mempool alloc size
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix mempool alloc size Convert the max size to bytes to match the units of the divisor that calculates the worst-case number of PRP entries. The result is used to determine how many PRP Lists are required. The code was...
CVE-2022-50756
The CVE-2022-50756 issue affected Linux kernel NVMe-PPCI path where mempool allocation size for PRP lists could be inadequate, causing memory corruption in worst case when 4MB across 127 phys segments requires 2 PRP Lists (previously rounded to 1). A fix was implemented by converting the max size...
PT-2026-2508
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the net/hsr subsystem, specifically within the prp get untagged frame function. This function calls pskb copy to allocate memory for frame-skb std, bu...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-383177)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-383177 advisory. In the Linux kernel, the following vulnerability has been resolved: hsr: Prevent use after free in prpcreatetaggedframe The prpfillrct function can fail. In that...
Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005565 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637...
Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005559 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637...