Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: Broadcom – bcm4908enet: Updates TX statistics after actual transmission. Queuing packets does not guarantee their transmission. Updates TX statistics after the hardware confirms that it is consuming the submitted data. This...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: Ethernet:enic: A use-after-free bug has been fixed in enichardstartxmit. In enichardstartxmit, it calls enicqueuewqskb. Inside enicqueuewqskb, if an error occurs, the skb will be freed by devkfreeskbskb. However, the freed skb is...

net: altera-tse: fix skb leak on DMA mapping error in tse_start_xmit()

...

SUSE CVE-2026-31658

In the Linux kernel, the following vulnerability has been resolved: net: altera-tse: fix skb leak on DMA mapping error in tsestartxmit When dmamapsingle fails in tsestartxmit, the function returns NETDEVTXOK without freeing the skb. Since NETDEVTXOK tells the stack the packet was consumed, the sk...

CVE-2026-31658 net: altera-tse: fix skb leak on DMA mapping error in tse_start_xmit()

In the Linux kernel, the following vulnerability has been resolved: net: altera-tse: fix skb leak on DMA mapping error in tsestartxmit When dmamapsingle fails in tsestartxmit, the function returns NETDEVTXOK without freeing the skb. Since NETDEVTXOK tells the stack the packet was consumed, the sk...

CVE-2026-31658

CVE-2026-31658 affects the Linux kernel net: altera-tse driver. The root cause is a memory leak: when dma_map_single() fails in tse_start_xmit(), the code returns NETDEV_TX_OK without freeing the skb, causing the skb to be leaked on every DMA mapping failure. The provided patches add dev_kfree_sk...

CVE-2026-31658

In the Linux kernel, the following vulnerability has been resolved: net: altera-tse: fix skb leak on DMA mapping error in tsestartxmit When dmamapsingle fails in tsestartxmit, the function returns NETDEVTXOK without freeing the skb. Since NETDEVTXOK tells the stack the packet was consumed, the sk...

EUVD-2026-24817

In the Linux kernel, the following vulnerability has been resolved: virtionet: Fix UAF on dstops when IFFXMITDSTRELEASE is cleared and napitx is false A UAF issue occurs when the virtionet driver is configured with napitx=N and the device's IFFXMITDSTRELEASE flag is cleared e.g., during the...

CVE-2026-31469

In the Linux kernel, the following vulnerability has been resolved: virtionet: Fix UAF on dstops when IFFXMITDSTRELEASE is cleared and napitx is false A UAF issue occurs when the virtionet driver is configured with napitx=N and the device's IFFXMITDSTRELEASE flag is cleared e.g., during the...

PT-2026-34374

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the virtio net driver when it is configured with napi tx=N and the IFF XMIT DST RELEASE flag is cleared, such as during the configuration of tc route...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-993147)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993147 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix use-after-free bug in brcmfnetdevstartxmit ret = brcmfprototxqueuedatadrvr,...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992662)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992662 advisory. In the Linux kernel, the following vulnerability has been resolved: erspan: do not use skbmacheader in ndostartxmit Drivers should not assume skbmacheaderskb ==...

SUSE CVE-2022-50728

In the Linux kernel, the following vulnerability has been resolved: s390/lcs: Fix return type of lcsstartxmit With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure the call target is valid ...

UBUNTU-CVE-2022-50728

In the Linux kernel, the following vulnerability has been resolved: s390/lcs: Fix return type of lcsstartxmit With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure the call target is valid ...

CVE-2022-50728 s390/lcs: Fix return type of lcs_start_xmit()

In the Linux kernel, the following vulnerability has been resolved: s390/lcs: Fix return type of lcsstartxmit With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure the call target is valid ...

PT-2025-53032

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel where the return type of the lcs start xmit function does not match the expected return type in the struct net device ops. Specifically, ndo start xmi...

kernel: wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()

A use after free exists in the wifi module of the linux kernel in the function brcmfnetdevstartxmit,thereby leading to damage to system availability and integrity...

EUVD-2023-60007

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix a NULL pointer dereference in ath12kmacophwscan In ath12kmacophwscan, the return value of kzalloc is directly used in memcpy, which may lead to a NULL pointer dereference on failure of kzalloc. Fix this bug by...

SUSE CVE-2023-53657

In the Linux kernel, the following vulnerability has been resolved: ice: Don't tx before switchdev is fully configured There is possibility that iceeswitchportstartxmit might be called while some resources are still not allocated which might cause NULL pointer dereference. Fix this by checking if...

CVE-2023-53657 ice: Don't tx before switchdev is fully configured

In the Linux kernel, the following vulnerability has been resolved: ice: Don't tx before switchdev is fully configured There is possibility that iceeswitchportstartxmit might be called while some resources are still not allocated which might cause NULL pointer dereference. Fix this by checking if...