SUSE CVE-2026-46144

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Fix error unwind in manaibcreateqprss Sashiko points out that manaibcfgvportsteering is leaked, the normal destroy path cleans it up...

EUVD-2026-32771

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Fix error unwind in manaibcreateqprss Sashiko points out that manaibcfgvportsteering is leaked, the normal destroy path cleans it up...

CVE-2026-46126

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Fix manadestroywqobj cleanup in manaibcreateqprss Sashiko points out there are two bugs here in the error unwind flow, both related to how the WQ table is unwound. First there is a double i-- on the first failure path...

CVE-2026-46117

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Remove user triggerable WARNON in manaibcreateqprss Sashiko points out that the user can specify WQs sharing the same CQ as a part of the uAPI and this will trigger the WARNON then go on to corrupt the kernel. Just...

CVE-2026-45881

A flaw was found in the MediaTek SVS System Voltage Scaling driver within the Linux kernel. A memory leak occurs in the svsenabledebugwrite function when a buffer, allocated during a debug write operation, is not properly freed if an integer conversion fails. This vulnerability could allow a loca...

PT-2026-44267

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Fix error unwind in mana ib create qp rss Sashiko points out that mana ib cfg vport steering is leaked, the normal destroy path cleans it up...

CVE-2026-46084

In the Linux kernel, the following vulnerability has been resolved: RDMA/manaib: Disable RX steering on RSS QP destroy When an RSS QP is destroyed e.g. DPDK exit, manaibdestroyqprss destroys the RX WQ objects but does not disable vPort RX steering in firmware. This leaves stale steering...

CVE-2026-46084

The CVE-2026-46084 issue resides in Linux kernel RDMA/mana_ib handling: when an RSS QP is destroyed, mana_ib_destroy_qp_rss() clears RX WQ objects but fails to disable vPort RX steering in firmware, leaving stale steering configs that may route completions to old RX objects. If traffic persists a...

State of SDLC Security 2026: How Risk Scales in Modern Development

Insights from real-world environments into how code, developer tooling, automation, and AI are reshaping application security...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM – Check instead of asserting on nested TSC scaling support Check for nested TSC scaling support on nested SVM VMRUN instead of asserting that TSC scaling is exposed to L1 if L1’s MSRAMD64TSCRATIO has diverged from KVM’s...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: sfc: fixed a deadlock in the RSS config read operation. Since the referenced commit, core locked the rsslock of netdevice when handling the ethtool -x command. Therefore, the driver’s implementation should no longer lock it. Remo...

CVE-2026-43401

In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix NULL pointer dereference in updatecpuqosrequest The updatecpuqosrequest function attempts to initialize the 'freq' variable by dereferencing 'cpudata' before verifying if the 'policy' is valid. This issu...

CVE-2026-43260

A flaw was found in the bnxten driver of the Linux kernel. An issue in the RSS Receive Side Scaling context deletion logic can lead to a leak of VNICs Virtual Network Interface Controllers in the firmware. This can cause subsequent attempts to create new VNICs to fail, resulting in the loss of...

EUVD-2026-27820

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix RSS context delete logic We need to free the corresponding RSS context VNIC in FW everytime an RSS context is deleted in driver. Commit 667ac333dbb7 added a check to delete the VNIC in FW only when netifrunning is tru...

CVE-2026-43260

The CVE concerns the bnxt_en driver in the Linux kernel. The vulnerability stems from RSS context deletion logic that could leak VNICs in firmware when deleting RSS contexts with the interface down, leading to failures when re-opening and restoring RSS contexts. The fix removes the netif_running(...

CVE-2026-43260

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix RSS context delete logic We need to free the corresponding RSS context VNIC in FW everytime an RSS context is deleted in driver. Commit 667ac333dbb7 added a check to delete the VNIC in FW only when netifrunning is tru...

PT-2026-37600

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the bnxt en driver regarding the RSS context delete logic. The driver incorrectly used a netif running check when deleting an RSS context, which caused VNICs Virtual...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed the null check for pipectx-planestate in resourcebuildscalingparams. A null pointer dereference issue could occur when pipectx-planestate is null. The fix adds a check to ensure that ‘pipectx-planestate’ is...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency The entry/exit latency and minimum residency in state for the idle states of MSM8998 were ..bad: first of all, for all of them the timings were written for CP...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: virtionet: Do not send RSS commands if the RSS feature is not available in the device. There is a bug when setting RSS options in virtionet that can cause the entire machine to become unstable, leading to an infinite loop in the...