CVE-2026-43147

A flaw was found in the Linux kernel. A local user can cause a system deadlock by performing specific operations related to SR-IOV Single Root I/O Virtualization device removal. This occurs due to a recursive lock acquisition within the PCI Peripheral Component Interconnect subsystem, specificall...

Azure Linux 3.0 Security Update: sriov-network-device-plugin (CVE-2022-1996)

The version of sriov-network-device-plugin installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-1996 advisory. - Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restfu...

DEBIAN-CVE-2023-53123

In the Linux kernel, the following vulnerability has been resolved: PCI: s390: Fix use-after-free of PCI resources with per-function hotplug On s390 PCI functions may be hotplugged individually even when they belong to a multi-function device. In particular on an SR-IOV device VFs may be removed...

libvirt: Memory leak in virPCIVirtualFunctionList cleanup

A vulnerability was found in libvirt. This security flaw occurs due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's gautoptr cleanup...

powerpc-utils bug fix and enhancement update

An update is available for powerpc-utils. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The powerpc-utils packages provide various utilities for IBM Power...

AZL-35283 CVE-2022-29526 affecting package sriov-network-device-plugin for versions less than 3.7.0-1

Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible...