Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: cpumap: The xdprxqinfo structure must be initialized to zero before running the XDP program. When running an XDP program that is associated with a cpumap entry, we do not initialize the xdprxqinfo data structure, which is used in...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: vdpa: Added a queue index attr to the vdpanlpolicy structure for checking nlattr lengths. The vdpanlpolicy structure is used to validate the nlattr during the parsing of incoming nlmsg messages. It ensures that the described...

CVE-2026-43083 net: ioam6: fix OOB and missing lock

In the Linux kernel, the following vulnerability has been resolved: net: ioam6: fix OOB and missing lock When trace-type.bit6 is set: if trace-type.bit6 ... queue = skbgettxqueuedev, skb; qdisc = rcudereferencequeue-qdisc; This code can lead to an out-of-bounds access of the dev-tx array when...

kernel: net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing

In the Linux kernel, the following vulnerability has been resolved: net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing TCAMQPRIOTCENTRYINDEX is validated using NLAPOLICYMAXNLAU32, TCQOPTMAXQUEUE, which allows the value TCQOPTMAXQUEUE 16. This leads to a 4-byte out-of-bounds stac...

kernel: i40e: fix idx validation in config queues msg

A flaw was found in the Linux kernel in the Intel i40e network driver such that in the function i40evcconfigqueuesmsg, when iterating over vf-chidx, the idx value is not properly validated against the range of active/initialized traffic classes TCs. An attacker with local privileges could supply ...

Security update for qemu

This update for qemu fixes the following issues: CVE-2024-6505: Fixed queue index out-of-bounds access in software RSS bsc1227397 CVE-2023-1544: Fixed out-of-bounds read in pvrdmaringnextelemread bsc1209554 Patch Instructions: To install this SUSE update use the SUSE recommended installation...

CVE-2023-54031

In the Linux kernel, the following vulnerability has been resolved: vdpa: Add queue index attr to vdpanlpolicy for nlattr length check The vdpanlpolicy structure is used to validate the nlattr when parsing the incoming nlmsg. It will ensure the attribute being described produces a valid nlattr...

SUSE CVE-2023-54031

In the Linux kernel, the following vulnerability has been resolved: vdpa: Add queue index attr to vdpanlpolicy for nlattr length check The vdpanlpolicy structure is used to validate the nlattr when parsing the incoming nlmsg. It will ensure the attribute being described produces a valid nlattr...

CVE-2023-54031

In the Linux kernel, the following vulnerability has been resolved: vdpa: Add queue index attr to vdpanlpolicy for nlattr length check The vdpanlpolicy structure is used to validate the nlattr when parsing the incoming nlmsg. It will ensure the attribute being described produces a valid nlattr...

CVE-2023-54031

In the Linux kernel, the following vulnerability has been resolved: vdpa: Add queue index attr to vdpanlpolicy for nlattr length check The vdpanlpolicy structure is used to validate the nlattr when parsing the incoming nlmsg. It will ensure the attribute being described produces a valid nlattr...

UBUNTU-CVE-2023-54031

In the Linux kernel, the following vulnerability has been resolved: vdpa: Add queue index attr to vdpanlpolicy for nlattr length check The vdpanlpolicy structure is used to validate the nlattr when parsing the incoming nlmsg. It will ensure the attribute being described produces a valid nlattr...

CVE-2023-54031 vdpa: Add queue index attr to vdpa_nl_policy for nlattr length check

In the Linux kernel, the following vulnerability has been resolved: vdpa: Add queue index attr to vdpanlpolicy for nlattr length check The vdpanlpolicy structure is used to validate the nlattr when parsing the incoming nlmsg. It will ensure the attribute being described produces a valid nlattr...

CVE-2023-54031 vdpa: Add queue index attr to vdpa_nl_policy for nlattr length check

In the Linux kernel, the following vulnerability has been resolved: vdpa: Add queue index attr to vdpanlpolicy for nlattr length check The vdpanlpolicy structure is used to validate the nlattr when parsing the incoming nlmsg. It will ensure the attribute being described produces a valid nlattr...

CVE-2023-54031

The connected Astra Linux advisories describe the CVE-2023-54031 issue in the Linux kernel: a missing nla_policy for the vdpa_nl_policy structure’s queue index attribute can allow parsing of nlattrs to produce an invalid pointer and potentially lead to an out-of-bounds read, similar to CVE-2023-3...

PT-2025-52988

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the vdpa Virtual Data Path Acceleration component. The vdpa nl policy structure, used for validating attributes during network message nlmsg...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from vdpa's lack of policy validation of queue index attributes, which could lead to out-of-bounds reads...

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-27431)

In the Linux kernel, the following vulnerability has been resolved: cpumap: Zero-initialise xdprxqinfo struct before running XDP program When running an XDP program that is attached to a cpumap entry, we don't initialise the xdprxqinfo data structure being used in the xdpbuff that backs the XDP...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-380977)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-380977 advisory. In the Linux kernel, the following vulnerability has been resolved: cpumap: Zero-initialise xdprxqinfo struct before running XDP program When running an XDP program...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unchecked FIFO queue index that could lead to reuse after release...

PT-2025-42247

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s i40e network driver related to index validation within the i40e validate queue map function. Specifically, the issue occurs when iterating over...