107 matches found
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: stmmac – ensure that ptprate is not set to 0 before configuring EST. If the value of ptprate, which was previously recorded in the driver, happens to be 0, this invalid value will be propagated up to the EST configuration,...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fixed the crash issue for the zero copy XDPTX action. There is a crash issue when running the zero copy XDPTX action. The crash log is as follows: 216.122464 Unable to handle kernel paging request at virtual address...
net: stmmac: Prevent NULL deref when RX memory exhausted
...
CVE-2026-46110
A flaw was found in the Linux kernel's stmmac driver. When the system experiences receive RX memory exhaustion, the stmmacrx function can misinterpret already-processed data descriptors as valid, leading to a NULL pointer dereference. This vulnerability can cause the system to panic, resulting in...
EUVD-2026-32869
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Prevent NULL deref when RX memory exhausted The CPU receives frames from the MAC through conventional DMA: the CPU allocates buffers for the MAC, then the MAC fills them and returns ownership to the CPU. For each...
CVE-2026-46110
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Prevent NULL deref when RX memory exhausted The CPU receives frames from the MAC through conventional DMA: the CPU allocates buffers for the MAC, then the MAC fills them and returns ownership to the CPU. For each...
UBUNTU-CVE-2026-46110
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Prevent NULL deref when RX memory exhausted The CPU receives frames from the MAC through conventional DMA: the CPU allocates buffers for the MAC, then the MAC fills them and returns ownership to the CPU. For each...
CVE-2026-46110
CVE-2026-46110 affects the Linux kernel stmmac driver. When RX memory is exhausted, stmmac_rx() could misinterpret descriptors (full vs dirty), risking a NULL pointer dereference and potential kernel panic. The fix adds an explicit check to bail out when the next RX descriptor is dirty before adv...
CVE-2026-46110 net: stmmac: Prevent NULL deref when RX memory exhausted
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Prevent NULL deref when RX memory exhausted The CPU receives frames from the MAC through conventional DMA: the CPU allocates buffers for the MAC, then the MAC fills them and returns ownership to the CPU. For each...
CVE-2026-46110
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Prevent NULL deref when RX memory exhausted The CPU receives frames from the MAC through conventional DMA: the CPU allocates buffers for the MAC, then the MAC fills them and returns ownership to the CPU. For each...
CVE-2026-46110 net: stmmac: Prevent NULL deref when RX memory exhausted
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Prevent NULL deref when RX memory exhausted The CPU receives frames from the MAC through conventional DMA: the CPU allocates buffers for the MAC, then the MAC fills them and returns ownership to the CPU. For each...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the stmmac driver, where a null pointer derefrence exception may occur when RX memory is exhausted...
PT-2026-44233
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference can occur in the stmmac driver when RX memory is exhausted. The driver uses a shared ring array of DMA descriptors to coordinate between the CPU and MAC. The...
CVE-2026-45940
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix oops when split header is enabled For GMAC4, when split header is enabled, in some rare cases, the hardware does not fill buf2 of the first descriptor with payload. Thus we cannot assume buf2 is always fully fill...
CVE-2026-45940
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix oops when split header is enabled For GMAC4, when split header is enabled, in some rare cases, the hardware does not fill buf2 of the first descriptor with payload. Thus we cannot assume buf2 is always fully fill...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix tc flower deletion for VLAN priority Rx steering To replicate the issue: 1 Add a tc flower filter for VLAN Priority-based frame steering: $ IFDEVNAME=eth0 $ tc qdisc add dev $IFDEVNAME ingress $ tc qdisc add dev...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwmac-tegra: Reading the IOMMU Stream ID from the device tree Nvidia’s Tegra MGBE controllers require the IOMMU “Stream ID” SID to be written to the MGBEWRAPAXIASID0CTRL register. The current driver is hardcoded to u...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: net: stmmac: fixed an issue with left shift overflow in DMA queues When the queue number is greater than 4, left shift overflows due to the 32-bit integer variable used in calculations. The mask calculation for MTLRXQDMAMAP1 i...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: net: stmmac: fixed leaks in the probe. These two error paths should be cleaned up before returning...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: Net: Ethernet: stmmac: fixed the altrtsepcs function when using a fixed-link. When using a fixed-link, the altrtsepcs driver crashes due to a null-pointer dereference, as no phydevice is provided to the tsepcsfixmacspeed function...