Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from siw RDMA QP destruction without waiting for a reference to be released, which could lead to reuse after...

PT-2025-49702

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to RDMA/rxe functionality. Specifically, a potential NULL pointer dereference can occur within the rxe qp init req function when rxe queue init...

RDMA/hns: Fix double destruction of rsv_qp

...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990812)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990812 advisory. In the Linux kernel, the following vulnerability has been resolved: ice: xsk: disable txq irq before flushing hw iceqpdis intends to stop a given queue pair that is ...

kernel: RDMA/rxe: Fix the qp flush warnings in req

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix the qp flush warnings in req When the qp is in error state, the status of WQEs in the queue should be set to error. Or else the following will appear. 920.617269 WARNING: CPU: 1 PID: 21 at...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989137)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989137 advisory. In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: destroy cm id before destroy qp to avoid use after free We should always destroy cmid...

EUVD-2025-31877

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986727)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986727 advisory. In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: destroy cm id before destroy qp to avoid use after free We should always destroy cmid...

CVE-2023-53543

Technical details for CVE-2023-53543 are not publicly provided in the supplied documents; monitor SUSE/kernel advisories for updates.

CVE-2025-39932 smb: client: let smbd_destroy() call disable_work_sync(&info->post_send_credits_work)

In the Linux kernel, the following vulnerability has been resolved: smb: client: let smbddestroy call disableworksync&info-postsendcreditswork In smbddestroy we may destroy the memory so we better wait until postsendcreditswork is no longer pending and will never be started again. I actually just...

EUVD-2024-53838

Malicious code in bioql PyPI...

EUVD-2022-55282

Malicious code in bioql PyPI...

EUVD-2022-55393

Malicious code in bioql PyPI...

UBUNTU-CVE-2023-53528

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix unsafe drain work queue code If createqp does not fully succeed it is possible for qp cleanup code to attempt to drain the send or recv work queues before the queues have been created causing a seg fault. This patch...

UBUNTU-CVE-2023-53499

In the Linux kernel, the following vulnerability has been resolved: virtionet: Fix error unwinding of XDP initialization When initializing XDP in virtnetopen, some rq xdp initialization may hit an error causing net device open failed. However, previous rqs have already initialized XDP and enabled...

CVE-2023-53528

CVE-2023-53528 affects the Linux kernel RDMA/rxe subsystem. The vulnerability arises from an unsafe drain-work-queue path in qp cleanup when create_qp does not fully complete; cleanup could attempt to drain send/recv queues before the queues exist, leading to a segfault. The fixed patch adds a gu...

CVE-2023-53525

CVE-2023-53525 affects the Linux kernel RDMA CMA component. The issue is that multicast join logic previously allowed non-UD qp_type modes; the patch updates behavior to permit multicast joins only for UD qp_type and ensures qkey is set to a default when not provided, addressing an uninitialized ...

CVE-2023-53499

In CVE-2023-53499, the Linux kernel virtio_net component fixes an error unwind in XDP initialization during virtnet_open(). If an XDP init step fails, previously initialized rqs and enabled NAPI could leak; the patch rolls back earlier rq initialization to prevent leaks in the error unwinding pat...

CVE-2023-53499 virtio_net: Fix error unwinding of XDP initialization

In the Linux kernel, the following vulnerability has been resolved: virtionet: Fix error unwinding of XDP initialization When initializing XDP in virtnetopen, some rq xdp initialization may hit an error causing net device open failed. However, previous rqs have already initialized XDP and enabled...

CVE-2023-53499 virtio_net: Fix error unwinding of XDP initialization

In the Linux kernel, the following vulnerability has been resolved: virtionet: Fix error unwinding of XDP initialization When initializing XDP in virtnetopen, some rq xdp initialization may hit an error causing net device open failed. However, previous rqs have already initialized XDP and enabled...