253 matches found
CVE-2026-43460 spi: rockchip-sfc: Fix double-free in remove() callback
In the Linux kernel, the following vulnerability has been resolved: spi: rockchip-sfc: Fix double-free in remove callback The driver uses devmspiregistercontroller for registration, which automatically unregisters the controller via devm cleanup when the device is removed. The manual call to...
CVE-2026-43460
In the Linux kernel, the following vulnerability has been resolved: spi: rockchip-sfc: Fix double-free in remove callback The driver uses devmspiregistercontroller for registration, which automatically unregisters the controller via devm cleanup when the device is removed. The manual call to...
CVE-2026-43461
In the Linux kernel, the following vulnerability has been resolved: spi: amlogic: spifc-a4: Fix DMA mapping error handling Fix three bugs in amlsfcdmabuffersetup error paths: 1. Unnecessary goto: When the first DMA mapping sfc-daddr fails, nothing needs cleanup. Use direct return instead of goto...
CVE-2026-43460
In the Linux kernel rockchip-sfc driver, CVE-2026-43460 is caused by a double-free of an SPI controller: the driver uses devm_spi_register_controller(), which auto-unregisters on device removal, but remove() also calls spi_unregister_controller(), creating a double-free. The mitigation implemente...
CVE-2026-43460
In the Linux kernel, the following vulnerability has been resolved: spi: rockchip-sfc: Fix double-free in remove callback The driver uses devmspiregistercontroller for registration, which automatically unregisters the controller via devm cleanup when the device is removed. The manual call to...
CVE-2026-23165
In the Linux kernel, the following vulnerability has been resolved: sfc: fix deadlock in RSS config read Since cited commit, core locks the netdevice's rsslock when handling ethtool -x command, so driver's implementation should not lock it again. Remove the latter...
CVE-2026-23165
In the Linux kernel, the following vulnerability has been resolved: sfc: fix deadlock in RSS config read Since cited commit, core locks the netdevice's rsslock when handling ethtool -x command, so driver's implementation should not lock it again. Remove the latter...
CVE-2026-23165
In the Linux kernel, the following vulnerability has been resolved: sfc: fix deadlock in RSS config read Since cited commit, core locks the netdevice's rsslock when handling ethtool -x command, so driver's implementation should not lock it again. Remove the latter...
CVE-2026-23165 sfc: fix deadlock in RSS config read
In the Linux kernel, the following vulnerability has been resolved: sfc: fix deadlock in RSS config read Since cited commit, core locks the netdevice's rsslock when handling ethtool -x command, so driver's implementation should not lock it again. Remove the latter...
PT-2026-8160
In the Linux kernel, the following vulnerability has been resolved: sfc: fix deadlock in RSS config read Since cited commit, core locks the net device's rss lock when handling ethtool -x command, so driver's implementation should not lock it again. Remove the latter...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000744)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000744 advisory. The sfc aka Solarflare Solarstorm driver in the Linux kernel before 3.2.30 allows remote attackers to cause a denial of service DMA descriptor consumption and...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002425)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002425 advisory. The sfc aka Solarflare Solarstorm driver in the Linux kernel before 3.2.30 allows remote attackers to cause a denial of service DMA descriptor consumption and...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002334)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002334 advisory. The sfc aka Solarflare Solarstorm driver in the Linux kernel before 3.2.30 allows remote attackers to cause a denial of service DMA descriptor consumption and...
MiracleLinux 3 : kernel-2.6.18-308.6.AXS3 (AXSA:2012-1007:07)
The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-1007:07 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operatin...
CVE-2023-54156
In the Linux kernel, the following vulnerability has been resolved: sfc: fix crash when reading stats while NIC is resetting efxnetstats .ndogetstats64 can be called during an ethtool selftest, during which time nicdata-mcstats is NULL as the NIC has been fini'd. In this case do not attempt to...
CVE-2023-54156 sfc: fix crash when reading stats while NIC is resetting
In the Linux kernel, the following vulnerability has been resolved: sfc: fix crash when reading stats while NIC is resetting efxnetstats .ndogetstats64 can be called during an ethtool selftest, during which time nicdata-mcstats is NULL as the NIC has been fini'd. In this case do not attempt to...
CVE-2023-54156
Technical details for CVE-2023-54156 are not publicly provided in the supplied documents. Monitor for future updates.
PT-2025-53233
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the sfc module where a NULL pointer dereference can occur during an ethtool selftest when reading network interface card NIC statistics...
Linux Distros Unpatched Vulnerability : CVE-2025-40356
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spi: rockchip-sfc: Fix DMA-API usage Use DMA-API dmamapsingle call for getting the DMA address of the transfer buffer instead of hacking with virttophys. This...
EUVD-2025-203631
In the Linux kernel, the following vulnerability has been resolved: spi: rockchip-sfc: Fix DMA-API usage Use DMA-API dmamapsingle call for getting the DMA address of the transfer buffer instead of hacking with virttophys. This fixes the following DMA-API debug warning: ------------ cut here...