9 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: xsk: Avoid data corruption on cq descriptor number Since commit 30f241fcf52a “xsk: Fix immature cq descriptor production”, the descriptor number is stored in the skb control block, and xskcqsubmitaddrlocked relies on it to place...
CVE-2026-1679
The eswifi socket offload driver copies user-provided payloads into a fixed buffer without checking available space; oversized sends overflow eswifi-buf, corrupting kernel memory CWE-120. Exploit requires local code that can call the socket send API; no remote attacker can reach it directly...
CVE-2026-1679
The eswifi socket offload driver copies user-provided payloads into a fixed buffer without checking available space; oversized sends overflow eswifi-buf, corrupting kernel memory CWE-120. Exploit requires local code that can call the socket send API; no remote attacker can reach it directly...
EUVD-2026-16903
The eswifi socket offload driver copies user-provided payloads into a fixed buffer without checking available space; oversized sends overflow eswifi-buf, corrupting kernel memory CWE-120. Exploit requires local code that can call the socket send API; no remote attacker can reach it directly...
CVE-2026-1679
The eswifi socket offload driver copies user-provided payloads into a fixed buffer without checking available space; oversized sends overflow eswifi-buf, corrupting kernel memory CWE-120. Exploit requires local code that can call the socket send API; no remote attacker can reach it directly...
CVE-2026-1679 net: eswifi socket send payload length not bounded
The eswifi socket offload driver copies user-provided payloads into a fixed buffer without checking available space; oversized sends overflow eswifi-buf, corrupting kernel memory CWE-120. Exploit requires local code that can call the socket send API; no remote attacker can reach it directly...
PT-2026-28314
Name of the Vulnerable Software and Affected Versions eswifi affected versions not specified Description The eswifi socket offload driver copies user-provided payloads into a fixed buffer without checking available space. Oversized sends can overflow eswifi-buf, leading to kernel memory corruptio...
SUSE CVE-2023-53394
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix crash on regular rq reactivation When the regular rq is reactivated after the XSK socket is closed it could be reading stale cqes which eventually corrupts the rq. This leads to no more traffic being received ...
SUSE CVE-2024-57933
In the Linux kernel, the following vulnerability has been resolved: gve: guard XSK operations on the existence of queues This patch predicates the enabling and disabling of XSK pools on the existence of queues. As it stands, if the interface is down, disabling or enabling XSK pools would result i...