SUSE CVE-2026-46297

In the Linux kernel, the following vulnerability has been resolved: net: libwx: use requestirq for VF misc interrupt Currently, requestthreadedirq is used with a primary handler but a NULL threaded handler, while also setting the IRQFONESHOT flag. This specific combination triggers a WARNING sinc...

CVE-2026-23013

In the Linux kernel, the following vulnerability has been resolved: net: octeonepvf: fix freeirq devid mismatch in IRQ rollback octepvfrequestirqs requests MSI-X queue IRQs with devid set to ioqvector. If requestirq fails part-way, the rollback loop calls freeirq with devid set to 'oct', which do...

CVE-2025-40250

Error handling in mlx5irqalloc destroys the entire CPU affinity rmap instead of just the failed mapping when requestirq returns an error. Concurrent threads accessing the rmap trigger a general protection fault as they dereference freed memory. The crash signature shows freeirqcpurmap accessing...

CVE-2025-40250

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Clean up only new IRQ glue on requestirq failure The mlx5irqalloc function can inadvertently free the entire rmap and end up in a crash1 when the other threads tries to access this, when requestirq fails due to exhauste...

UBUNTU-CVE-2025-40250

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Clean up only new IRQ glue on requestirq failure The mlx5irqalloc function can inadvertently free the entire rmap and end up in a crash1 when the other threads tries to access this, when requestirq fails due to exhauste...

EUVD-2025-201207

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Clean up only new IRQ glue on requestirq failure The mlx5irqalloc function can inadvertently free the entire rmap and end up in a crash1 when the other threads tries to access this, when requestirq fails due to exhauste...

Linux Distros Unpatched Vulnerability : CVE-2025-40250

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5: Clean up only new IRQ glue on requestirq failure The mlx5irqalloc function can inadvertently free the entire rmap and end up in a crash1 when the othe...

UBUNTU-CVE-2025-39911

In the Linux kernel, the following vulnerability has been resolved: i40e: fix IRQ freeing in i40evsirequestirqmsix error path If requestirq in i40evsirequestirqmsix fails in an iteration later than the first, the error path wants to free the IRQs requested so far. However, it uses the wrong devid...

UBUNTU-CVE-2025-39785

In the Linux kernel, the following vulnerability has been resolved: drm/hisilicon/hibmc: fix irqrequest's irq name variable is local The local variable is passed in requestirq , and there will be use after free problem, which will make requestirq failed. Using the global irq name instead of it to...

CVE-2025-39785 drm/hisilicon/hibmc: fix irq_request()'s irq name variable is local

In the Linux kernel, the following vulnerability has been resolved: drm/hisilicon/hibmc: fix irqrequest's irq name variable is local The local variable is passed in requestirq , and there will be use after free problem, which will make requestirq failed. Using the global irq name instead of it to...

SUSE CVE-2025-39685

In the Linux kernel, the following vulnerability has been resolved: comedi: pcl726: Prevent invalid irq number The reproducer passed in an irq number0x80008000 that was too large, which triggered the oob. Added an interrupt number check to prevent users from passing in an irq number that was too...

SUSE CVE-2025-23140

In the Linux kernel, the following vulnerability has been resolved: misc: pciendpointtest: Avoid issue of interrupts remaining after requestirq error After devmrequestirq fails with error in pciendpointtestrequestirq, the pciendpointtestfreeirqvectors is called assuming that all IRQs have been...

UBUNTU-CVE-2024-38607

In the Linux kernel, the following vulnerability has been resolved: macintosh/via-macii: Fix "BUG: sleeping function called from invalid context" The via-macii ADB driver calls requestirq after disabling hard interrupts. But disabling interrupts isn't necessary here because the VIA shift register...

SUSE CVE-2024-26814

In the Linux kernel, the following vulnerability has been resolved: vfio/fsl-mc: Block calling interrupt handler without trigger The eventfdctx trigger pointer of the vfiofslmcirq object is initially NULL and may become NULL if the user sets the trigger eventfd to -1. The interrupt handler itself...