34 matches found
USN-8180-6: Linux kernel (Raspberry Pi) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Drivers core; - Bluetooth drivers; - DMA engine subsystem; - GPU...
SUSE CVE-2026-43234
In the Linux kernel, the following vulnerability has been resolved: team: avoid NETDEVCHANGEMTU event when unregistering slave syzbot is reporting unregisternetdevice: waiting for netdevsim0 to become free. Usage count = 3 reftracker: netdev@ffff88807dcf8618 has 1/2 users at netdevtrackeralloc...
CVE-2026-43234
A flaw was found in the Linux kernel's team driver. A local user can exploit this vulnerability by manipulating network devices and namespaces. Specifically, when a slave device is unregistered from a team interface while a NETDEVCHANGEMTU event is pending, it can lead to a deadlock or resource...
EUVD-2026-27793
In the Linux kernel, the following vulnerability has been resolved: team: avoid NETDEVCHANGEMTU event when unregistering slave syzbot is reporting unregisternetdevice: waiting for netdevsim0 to become free. Usage count = 3 reftracker: netdev@ffff88807dcf8618 has 1/2 users at netdevtrackeralloc...
CVE-2026-43234 team: avoid NETDEV_CHANGEMTU event when unregistering slave
In the Linux kernel, the following vulnerability has been resolved: team: avoid NETDEVCHANGEMTU event when unregistering slave syzbot is reporting unregisternetdevice: waiting for netdevsim0 to become free. Usage count = 3 reftracker: netdev@ffff88807dcf8618 has 1/2 users at netdevtrackeralloc...
CVE-2026-43234
CVE-2026-43234 concerns the Linux kernel team driver. The issue arises when unregistering a slave from a team interface while a NETDEV_CHANGEMTU event is pending, potentially causing a deadlock/resource exhaustion and system unresponsiveness as shown by reproduction steps involving creating a tea...
CVE-2026-43234
In the Linux kernel, the following vulnerability has been resolved: team: avoid NETDEVCHANGEMTU event when unregistering slave syzbot is reporting unregisternetdevice: waiting for netdevsim0 to become free. Usage count = 3 reftracker: netdev@ffff88807dcf8618 has 1/2 users at netdevtrackeralloc...
PT-2026-37574
In the Linux kernel, the following vulnerability has been resolved: team: avoid NETDEV CHANGEMTU event when unregistering slave syzbot is reporting unregister netdevice: waiting for netdevsim0 to become free. Usage count = 3 ref tracker: netdev@ffff88807dcf8618 has 1/2 users at netdev tracker all...
Ubuntu Pro Realtime 24.04 LTS : Linux kernel (Raspberry Pi Real-time) vulnerabilities (USN-8204-1)
"The remote Ubuntu Pro Realtime 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8204-1 advisory. Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly...
CVE-2026-31502
In the Linux kernel, the following vulnerability has been resolved: team: fix headerops type confusion with non-Ethernet ports Similar to commit 950803f72547 "bonding: fix type confusion in bondsetupbyslave" team has the same class of headerops type confusion. For non-Ethernet ports,...
CVE-2026-31502
CVE-2026-31502 : The connected sources detail a Linux kernel vulnerability involving a type confusion in the team network device’s header_ops for non-Ethernet ports. The root cause is that team_setup_by_port() can copy port_dev->header_ops and later callbacks (dev_hard_header/dev_parse_header)...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a type confusion of the headerops type in the team driver, potentially leading to a type confusio...
USN-8180-2: Linux kernel (FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Drivers core; - Bluetooth drivers; - DMA engine subsystem; - GPU...
USN-8179-2 linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...
USN-8184-1: Linux kernel (Real-time) vulnerabilities
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...
USN-8180-1 linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gke, linux-gkeop, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Drivers core; - Bluetooth drivers; - DMA engine subsystem; - GPU...
CVE-2025-71091
In the Linux kernel, the following vulnerability has been resolved: team: fix check for port enabled in teamqueueoverrideportpriochanged There has been a syzkaller bug reported recently with the following trace: listdel corruption, ffff888058bea080-prev is LISTPOISON2 dead000000000122 -----------...
UBUNTU-CVE-2025-71091
In the Linux kernel, the following vulnerability has been resolved: team: fix check for port enabled in teamqueueoverrideportpriochanged There has been a syzkaller bug reported recently with the following trace: listdel corruption, ffff888058bea080-prev is LISTPOISON2 dead000000000122 -----------...
CVE-2025-71091
The CVE-2025-71091 issue is in the Linux kernel: when a port is disabled but queue priority changes are processed, team_queue_override_port_prio_changed() could run a del on an already-removed list node, triggering a kernel bug. The fix adds an early return when the port is not enabled to avoid t...
CVE-2025-71091 team: fix check for port enabled in team_queue_override_port_prio_changed()
In the Linux kernel, the following vulnerability has been resolved: team: fix check for port enabled in teamqueueoverrideportpriochanged There has been a syzkaller bug reported recently with the following trace: listdel corruption, ffff888058bea080-prev is LISTPOISON2 dead000000000122 -----------...