Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fixed the receive ring space parameters when XDP is active. The MTU setting at the time a XDP multi-buffer is attached determines whether the aggregation ring will be used and the rxskbfunc handler. This is done in...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ionic: Fix kernel panic in XDPTX action In the XDPTX path, the ionic driver sends a packet to the TX path with the rx page and the corresponding DMA address. After the TX operation is completed, the ionictxclean function frees th...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Revert “xsk: Support redirecting to any socket bound to the same umem”. This revertment is associated with the commit 2863d665ea41282379f108e4da6c8a2366ba66db. This patch introduced a potential kernel crash when multiple NAPI...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: fixed the “UBSAN: shift-out-of-bounds error” issue. This patch ensures that the RX ring size rxpending is not set below the permitted limit. This prevents UBSAN shift-out-of-bounds errors when users specify small or...

CVE-2026-23353

Summary (CVE-2026-23353) A bug in the Linux kernel ice network driver causes a kernel NULL pointer dereference during the ethtool offline loopback test after ICE conversion to page pool. The root cause is not initializing libeth for the receive (RX) ring, leading to a crash when the loopback test...

CVE-2026-23353

In the Linux kernel, the following vulnerability has been resolved: ice: fix crash in ethtool offline loopback test Since the conversion of ice to page pool, the ethtool loopback test crashes: BUG: kernel NULL pointer dereference, address: 000000000000000c PF: supervisor write access in kernel mo...

CVE-2026-0123

In EfwApTransport::ProcessRxRing of efwaptransport.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-24452

In EfwApTransport::ProcessRxRing of efw ap transport.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-71137 octeontx2-pf: fix "UBSAN: shift-out-of-bounds error"

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: fix "UBSAN: shift-out-of-bounds error" This patch ensures that the RX ring size rxpending is not set below the permitted length. This avoids UBSAN shift-out-of-bounds errors when users passes small or zero ring size...

PT-2026-1247

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description A memory leak issue was identified and resolved in the Linux kernel’s wifi subsystem, specifically within the rtl8180 init rx ring function. This function allocates memory for skb packet...

CVE-2022-50483 net: enetc: avoid buffer leaks on xdp_do_redirect() failure

In the Linux kernel, the following vulnerability has been resolved: net: enetc: avoid buffer leaks on xdpdoredirect failure Before enetccleanrxringxdp calls xdpdoredirect, each software BD in the RX ring between index origi and i can have one of 2 refcount values on its page. We are the owner of...

PT-2025-40670

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the enetc network driver related to buffer management during XDP redirect operations. Specifically, the issue arises from improper handling of...

EUVD-2025-27887

Malicious code in bioql PyPI...

SUSE CVE-2025-39858

In the Linux kernel, the following vulnerability has been resolved: eth: mlx4: Fix ISERR vs NULL check bug in mlx4encreaterxring Replace NULL check with ISERR check after calling pagepoolcreate since this function returns error pointers ERRPTR. Using NULL check could lead to invalid pointer...

CVE-2025-39858

The CVE-2025-39858 entry concerns a Linux kernel issue in mlx4_en_create_rx_ring where a NULL check after page_pool_create() could dereference an invalid pointer, since page_pool_create() returns ERR_PTR values. The fix replaces the NULL check with an IS_ERR() check to properly handle error point...

bnxt_en: Fix receive ring space parameters when XDP is active

...

net: libwx: properly reset Rx ring descriptor

...

CVE-2025-38532

In the Linux kernel, the following vulnerability has been resolved: net: libwx: properly reset Rx ring descriptor When device reset is triggered by feature changes such as toggling Rx VLAN offload, wx-doreset is called to reinitialize Rx rings. The hardware descriptor ring may retain stale values...

CVE-2025-38532

In the Linux kernel, the following vulnerability has been resolved: net: libwx: properly reset Rx ring descriptor When device reset is triggered by feature changes such as toggling Rx VLAN offload, wx-doreset is called to reinitialize Rx rings. The hardware descriptor ring may retain stale values...

CVE-2025-38532

CVE-2025-38532 affects the Linux kernel libwx RX path. When a device reset occurs due to feature changes (e.g., RX VLAN offload toggles), the hardware descriptor ring may retain stale values, leading to malformed SKBs if length handling isn’t reset. The patch fixes the reset sequence by ensuring ...