7471 matches found
CVE-2023-54031
In the Linux kernel, the following vulnerability has been resolved: vdpa: Add queue index attr to vdpanlpolicy for nlattr length check The vdpanlpolicy structure is used to validate the nlattr when parsing the incoming nlmsg. It will ensure the attribute being described produces a valid nlattr...
CVE-2022-50706
In the Linux kernel, the following vulnerability has been resolved: net/ieee802154: don't warn zero-sized rawsendmsg syzbot is hitting skbassertlen warning at devqueuexmit 1, for PFIEEE802154 socket's zero-sized rawsendmsg request is hitting devqueuexmit with skb-len == 0. Since PFIEEE802154...
UBUNTU-CVE-2023-54028
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix the error "trying to register non-static key in rxecleanuptask" In the function rxecreateqp, rxeqpfrominit is called to initialize qp, internally things like rxeinittask are not setup until rxeqpinitreq. If an error...
CVE-2023-54028
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix the error "trying to register non-static key in rxecleanuptask" In the function rxecreateqp, rxeqpfrominit is called to initialize qp, internally things like rxeinittask are not setup until rxeqpinitreq. If an error...
UBUNTU-CVE-2023-54031
In the Linux kernel, the following vulnerability has been resolved: vdpa: Add queue index attr to vdpanlpolicy for nlattr length check The vdpanlpolicy structure is used to validate the nlattr when parsing the incoming nlmsg. It will ensure the attribute being described produces a valid nlattr...
CVE-2023-54008
In the Linux kernel, the following vulnerability has been resolved: virtiovdpa: build affinity masks conditionally We try to build affinity mask via createaffinitymasks unconditionally which may lead several issues: - the affinity mask is not used for parent without affinity support only VDUSE...
CVE-2023-54031
In the Linux kernel, the following vulnerability has been resolved: vdpa: Add queue index attr to vdpanlpolicy for nlattr length check The vdpanlpolicy structure is used to validate the nlattr when parsing the incoming nlmsg. It will ensure the attribute being described produces a valid nlattr...
CVE-2023-54030
In the Linux kernel, the following vulnerability has been resolved: iouring/net: don't overflow multishot recv Don't allow overflowing multishot recv CQEs, it might get out of hand, hurt performance, and in the worst case scenario OOM the task...
UBUNTU-CVE-2023-54030
In the Linux kernel, the following vulnerability has been resolved: iouring/net: don't overflow multishot recv Don't allow overflowing multishot recv CQEs, it might get out of hand, hurt performance, and in the worst case scenario OOM the task...
CVE-2023-54031 vdpa: Add queue index attr to vdpa_nl_policy for nlattr length check
In the Linux kernel, the following vulnerability has been resolved: vdpa: Add queue index attr to vdpanlpolicy for nlattr length check The vdpanlpolicy structure is used to validate the nlattr when parsing the incoming nlmsg. It will ensure the attribute being described produces a valid nlattr...
CVE-2023-54031 vdpa: Add queue index attr to vdpa_nl_policy for nlattr length check
In the Linux kernel, the following vulnerability has been resolved: vdpa: Add queue index attr to vdpanlpolicy for nlattr length check The vdpanlpolicy structure is used to validate the nlattr when parsing the incoming nlmsg. It will ensure the attribute being described produces a valid nlattr...
CVE-2023-54030 io_uring/net: don't overflow multishot recv
In the Linux kernel, the following vulnerability has been resolved: iouring/net: don't overflow multishot recv Don't allow overflowing multishot recv CQEs, it might get out of hand, hurt performance, and in the worst case scenario OOM the task...
CVE-2023-54031
The connected Astra Linux advisories describe the CVE-2023-54031 issue in the Linux kernel: a missing nla_policy for the vdpa_nl_policy structure’s queue index attribute can allow parsing of nlattrs to produce an invalid pointer and potentially lead to an out-of-bounds read, similar to CVE-2023-3...
CVE-2023-54028
The CVE concerns the Linux kernel RDMA/rxe path. If rxe_create_qp() triggers an error before rxe_init_task() is executed, an unwind may run rxe_cleanup() and reach rxe_cleanup_task(), which can oops when accessing an uninitialized spinlock. The root cause is registration of a non-static key in rx...
CVE-2023-54028 RDMA/rxe: Fix the error "trying to register non-static key in rxe_cleanup_task"
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix the error "trying to register non-static key in rxecleanuptask" In the function rxecreateqp, rxeqpfrominit is called to initialize qp, internally things like rxeinittask are not setup until rxeqpinitreq. If an error...
CVE-2022-50706 net/ieee802154: don't warn zero-sized raw_sendmsg()
In the Linux kernel, the following vulnerability has been resolved: net/ieee802154: don't warn zero-sized rawsendmsg syzbot is hitting skbassertlen warning at devqueuexmit 1, for PFIEEE802154 socket's zero-sized rawsendmsg request is hitting devqueuexmit with skb-len == 0. Since PFIEEE802154...
CVE-2022-50706 net/ieee802154: don't warn zero-sized raw_sendmsg()
In the Linux kernel, the following vulnerability has been resolved: net/ieee802154: don't warn zero-sized rawsendmsg syzbot is hitting skbassertlen warning at devqueuexmit 1, for PFIEEE802154 socket's zero-sized rawsendmsg request is hitting devqueuexmit with skb-len == 0. Since PFIEEE802154...
CVE-2025-68379 RDMA/rxe: Fix null deref on srq->rq.queue after resize failure
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix null deref on srq-rq.queue after resize failure A NULL pointer dereference can occur in rxesrqchkattr when ibvmodifysrq is invoked twice in succession under certain error conditions. The first call may fail in...
CVE-2025-68379
CVE-2025-68379 — In the Linux kernel, RDMA/rxe may dereference srq->rq.queue after a failed resize during a double ibv_modify_srq() call, causing a NULL pointer crash. The fix resolves null dereference in rxe_srq_chk_attr()/rxe_srq_from_attr() after a failed resize, preventing access to srq-&g...
CVE-2025-68379 RDMA/rxe: Fix null deref on srq->rq.queue after resize failure
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix null deref on srq-rq.queue after resize failure A NULL pointer dereference can occur in rxesrqchkattr when ibvmodifysrq is invoked twice in succession under certain error conditions. The first call may fail in...