66 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53298
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: airoha: Move ndesc initialization at end of airohaqdmainitrxqueue If queue entry or DMA descriptor list allocation fails in airohaqdmainitrxqueue routine,...
CVE-2026-53298
In CVE-2026-53298, the Linux kernel airoha network driver is affected by a race in initialization: ndesc is initialized too early in airoha_qdma_init_rx_queue(), causing a NULL pointer dereference during cleanup if allocation fails. The documented fix moves ndesc initialization to the end of airo...
CVE-2026-53298 net: airoha: Move ndesc initialization at end of airoha_qdma_init_rx_queue()
In the Linux kernel, the following vulnerability has been resolved: net: airoha: Move ndesc initialization at end of airohaqdmainitrxqueue If queue entry or DMA descriptor list allocation fails in airohaqdmainitrxqueue routine, airohaqdmacleanup will trigger a NULL pointer dereference running...
PT-2026-52937
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs in the airoha qdma init rx queue function when queue entry or DMA descriptor list allocation fails. This happens because the ndesc variable is initializ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ICE: xsk: prohibit usage of non-balanced queue ID Fix the following scenario: 1. ethtool -L $IFACE rx 8 tx 96 2. xdpsock -q 10 -t -z The above refers to a situation where a user wants to attach an XSK socket in txonly mode at a...
Astra Linux – Vulnerability in Qemu
An integer overflow issue was identified in the vmxnet3 NIC emulator of QEMU for versions up to v5.2.0. This issue can occur if a guest provides invalid values for the rx/tx queue size or other NIC parameters. A privileged guest user may exploit this flaw to crash the QEMU process on the host,...
SUSE CVE-2026-43083
In the Linux kernel, the following vulnerability has been resolved: net: ioam6: fix OOB and missing lock When trace-type.bit6 is set: if trace-type.bit6 ... queue = skbgettxqueuedev, skb; qdisc = rcudereferencequeue-qdisc; This code can lead to an out-of-bounds access of the dev-tx array when...
PT-2026-37393
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the net: ioam6 component where an out-of-bounds access of the dev- tx array can occur when is input is true. This happens because skb get tx queue does not clamp the...
CVE-2026-31509
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: fix circular locking dependency in nciclosedevice nciclosedevice flushes rxwq and txwq while holding reqlock. This causes a circular locking dependency because ncirxwork running on rxwq can end up taking reqlock too:...
EUVD-2026-15367
In the Linux kernel, the following vulnerability has been resolved: ice: change XDP RxQ fragsize from DMA write length to xdp.framesz The only user of fragsize field in XDP RxQ info is bpfxdpfragsincreasetail. It clearly expects whole buff size instead of DMA write size. Different assumptions in...
EUVD-2026-5487
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Coalesce only linear skb vsock/virtio common tries to coalesce buffers in rx queue: if a linear skb with a spare tail room is followed by a small skb length limited by GOODCOPYLEN = 128, an attempt is made to join...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004222)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004222 advisory. An issue was discovered in the Linux kernel before 5.0.6. In rxqueueaddkobject and netdevqueueaddkobject in net/core/net-sysfs.c, a reference count is mishandled, ak...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003940)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003940 advisory. An issue was discovered in the Linux kernel before 5.0.6. In rxqueueaddkobject and netdevqueueaddkobject in net/core/net-sysfs.c, a reference count is mishandled, ak...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000480)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000480 advisory. An issue was discovered in the Linux kernel before 5.0.6. In rxqueueaddkobject and netdevqueueaddkobject in net/core/net-sysfs.c, a reference count is mishandled, ak...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989117)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989117 advisory. In the Linux kernel, the following vulnerability has been resolved: xen/netback: avoid entering xenvifrxnextskb with an empty rx queue xenvifrxnextskb is expecting t...
Siemens SIMATIC Devices Improper Input Validation (CVE-2024-27431)
In the Linux kernel, the following vulnerability has been resolved: cpumap: Zero-initialise xdprxqinfo struct before running XDP program When running an XDP program that is attached to a cpumap entry, we don't initialise the xdprxqinfo data structure being used in the xdpbuff that backs the XDP...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414621)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414621 advisory. An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-380977)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-380977 advisory. In the Linux kernel, the following vulnerability has been resolved: cpumap: Zero-initialise xdprxqinfo struct before running XDP program When running an XDP program...
EUVD-2022-54583
Malicious code in bioql PyPI...
EUVD-2023-59833
Malicious code in bioql PyPI...