20 matches found
Astra Linux - уязвимость в qemu
An infinite loop flaw was discovered in the e1000 NIC emulator of QEMU. This issue occurs when processing transmit tx descriptors in processtxdesc, especially if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: i40e: Fixed NULL pointer dereferencing in i40edbgdumpdesc. When attempting to dump VFs using debugfs, a crash occurred due to NULL pointer dereferencing in i40edbgdumpdesc. A check was added to i40edbgdumpdesc to ensure that the...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021615)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021615 advisory. In the Linux kernel, the following vulnerability has been resolved: net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data In case the non-paged data...
CVE-2023-54016
CVE-2023-54016 involves a memory leak in the Linux kernel’s ath12k wireless driver (rx_desc/tx_desc) where memory allocated in ath12k_dp_cc_desc_init() was not freed in ath12k_dp_cc_cleanup(). The provided sources describe saving the base addresses and freeing rx_descs/tx_descs in cleanup to reso...
PT-2025-42248
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The ring len parameter, received from a virtual function VF, was directly assigned to the hardware memory context HMC without validation. This allowed for potential issues due to...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987094)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987094 advisory. In the Linux kernel, the following vulnerability has been resolved: net: lltemac: Make sure to free skb when it is completely used With the skb pointer piggy-backed ...
DEBIAN-CVE-2025-22108
In the Linux kernel, the following vulnerability has been resolved: bnxten: Mask the bdcnt field in the TX BD properly The bdcnt field in the TX BD specifies the total number of BDs for the TX packet. The bdcnt field has 5 bits and the maximum number supported is 32 with the value 0...
kernel: net: ena: Fix incorrect descriptor free behavior
This is a vulnerability in the Linux kernel's Elastic Network Adapter ENA driver, which manages network interfaces on certain platforms. The driver utilizes two types of transmit TX queues: one for packets from the network stack and another for packets directed by XDP eXpress Data Path operations...
SUSE CVE-2021-47501
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix NULL pointer dereference in i40edbgdumpdesc When trying to dump VFs VSI RX/TX descriptors using debugfs there was a crash due to NULL pointer dereference in i40edbgdumpdesc. Added a check to i40edbgdumpdesc that checks ...
UBUNTU-CVE-2021-47224
In the Linux kernel, the following vulnerability has been resolved: net: lltemac: Make sure to free skb when it is completely used With the skb pointer piggy-backed on the TX BD, we have a simple and efficient way to free the skb buffer when the frame has been transmitted. But in order to avoid...
SUSE CVE-2021-20257
An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits tx descriptors in processtxdesc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial o...
DEBIAN-CVE-2021-20257
An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits tx descriptors in processtxdesc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial o...
CVE-2021-20257
An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits tx descriptors in processtxdesc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial o...
QEMU: net: e1000: infinite loop while processing transmit descriptors
An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits tx descriptors in processtxdesc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial o...
QEMU: net: e1000: infinite loop while processing transmit descriptors
An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits tx descriptors in processtxdesc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial o...
Denial Of Service (DoS)
qemu is vulnerable to denial of service. An infinite loop in the e1000 NIC emulator occurs while processing transmit tx descriptors in processtxdesc when various descriptor fields are initialized with invalid values...
UBUNTU-CVE-2021-20257
An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits tx descriptors in processtxdesc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial o...
PT-2021-7352
Name of the Vulnerable Software and Affected Versions QEMU affected versions not specified Description An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits tx descriptors in process tx desc if various descriptor fields are initialized...
qemu -- denial of service vulnerability in Rocker switch emulation
Prasad J Pandit, Red Hat Product Security Team, reports: Qemu emulator built with the Rocker switch emulation support is vulnerable to an off-by-one error. It happens while processing transmittx descriptors in 'txconsume' routine, if a descriptor was to have more than allowed ROCKERTXFRAGSMAX=16...
UBUNTU-CVE-2015-6815
The processtxdesc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service infinite loop and guest crash via unspecified vectors...