46 matches found
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Net: qlogic/qede: fixed a potential out-of-bounds read in qedetpacont and qedetpaend. The loops in ‘qedetpacont’ and ‘qedetpaend’ iterate over ‘cqe-lenlist’, using only a zero-length terminator as the stopping condition. If the...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: qede: ensure that the skb is allocated before use. qedebuildskb assumes that buildskb always works and proceeds directly to skbreserve. However, buildskb may fail under memory pressure. This results in a kernel panic because the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: qed: Do not collect too many protection override GRC elements In the protection override dump path, the firmware may return far too many GRC elements, leading to attempts to write beyond the previously allocated dump buffer. This...
Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2025-40252)
In the Linux kernel, the following vulnerability has been resolved: net: qlogic/qede: fix potential out-of-bounds read in qedetpacont and qedetpaend The loops in 'qedetpacont' and 'qedetpaend', iterate over 'cqe-lenlist' using only a zero- length terminator as the stopping condition. If the...
RXSA-2026:13577 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nvme: avoid double free special payload CVE-2024-41073 kernel: net: qlogic/qede: fix potential out-of-bounds read in qedetpacont and qedetpaend CVE-2025-40252 kernel: crypto: asymmetricke...
kernel-rt security update
An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel-rt packages provide the Real Time Linux Kernel, which enables...
RLSA-2026:13578 Important: kernel-rt security update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: nvme: avoid double free special payload CVE-2024-41073 kernel: net: qlogic/qede: fix potential out-of-bounds read in qedetpacont a...
kernel security update
An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...
RockyLinux 8 : kernel (RLSA-2026:13577)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:13577 advisory. kernel: nvme: avoid double free special payload CVE-2024-41073 kernel: net: qlogic/qede: fix potential out-of-bounds read in qedetpacont and qedetpaend...
kernel: net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end()
QLogic qede driver processes TPA TCP/IP Packet Aggregation completion queue entries by iterating through lenlist until hitting a zero terminator. Malformed or corrupted completion entries lacking this sentinel cause the loop to read beyond array bounds. SVACE static analysis identified that...
ALSA-2026:13577 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nvme: avoid double free special payload CVE-2024-41073 kernel: net: qlogic/qede: fix potential out-of-bounds read in qedetpacont and qedetpaend CVE-2025-40252 kernel: crypto: asymmetricke...
RHEL 8 : kernel (RHSA-2026:13577)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13577 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nvme: avoid double free speci...
ALSA-2026:13578 Important: kernel-rt security update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: nvme: avoid double free special payload CVE-2024-41073 kernel: net: qlogic/qede: fix potential out-of-bounds read in qedetpacont a...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991212)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991212 advisory. In the Linux kernel, the following vulnerability has been resolved: qede: confirm skb is allocated before using qedebuildskb assumes buildskb always works and goes...
CVE-2025-40252
QLogic qede driver processes TPA TCP/IP Packet Aggregation completion queue entries by iterating through lenlist until hitting a zero terminator. Malformed or corrupted completion entries lacking this sentinel cause the loop to read beyond array bounds. SVACE static analysis identified that...
CVE-2025-40252
In the Linux kernel, the following vulnerability has been resolved: net: qlogic/qede: fix potential out-of-bounds read in qedetpacont and qedetpaend The loops in 'qedetpacont' and 'qedetpaend', iterate over 'cqe-lenlist' using only a zero-length terminator as the stopping condition. If the...
AZL-71393 CVE-2025-40252 affecting package kernel for versions less than 6.6.119.3-1
In the Linux kernel, the following vulnerability has been resolved: net: qlogic/qede: fix potential out-of-bounds read in qedetpacont and qedetpaend The loops in 'qedetpacont' and 'qedetpaend', iterate over 'cqe-lenlist' using only a zero-length terminator as the stopping condition. If the...
UBUNTU-CVE-2025-40252
In the Linux kernel, the following vulnerability has been resolved: net: qlogic/qede: fix potential out-of-bounds read in qedetpacont and qedetpaend The loops in 'qedetpacont' and 'qedetpaend', iterate over 'cqe-lenlist' using only a zero-length terminator as the stopping condition. If the...
CVE-2025-40252
CVE-2025-40252 affects the Linux kernel net/qlogic/qede: a potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end() could occur if the cqe->len_list[] terminator is missing or malformed. The fix adds explicit bound checks using ARRAY_SIZE() in both loops to prevent accessing beyond t...
CVE-2025-40252 net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end()
In the Linux kernel, the following vulnerability has been resolved: net: qlogic/qede: fix potential out-of-bounds read in qedetpacont and qedetpaend The loops in 'qedetpacont' and 'qedetpaend', iterate over 'cqe-lenlist' using only a zero-length terminator as the stopping condition. If the...