32 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53009
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ice: fix double-free of txbuf skb If icetso or icetxcsum fail, the error path in icexmitframering frees the skb, but the 'first' txbuf still points to it and is...
EUVD-2026-38877
In the Linux kernel, the following vulnerability has been resolved: ice: fix double-free of txbuf skb If icetso or icetxcsum fail, the error path in icexmitframering frees the skb, but the 'first' txbuf still points to it and is marked as valid ICETXBUFSKB. 'nexttouse' remains unchanged, so the...
CVE-2026-53009
The CVE-2026-53009 issue affects the Linux kernel ice network driver. When ice_tso() or ice_tx_csum() fail, the error path in ice_xmit_frame_ring() frees the skb, but the first tx_buf may still reference it and be marked ICE_TX_BUF_SKB, with next_to_use unchanged. If there is no subsequent packet...
CVE-2026-53009 ice: fix double-free of tx_buf skb
In the Linux kernel, the following vulnerability has been resolved: ice: fix double-free of txbuf skb If icetso or icetxcsum fail, the error path in icexmitframering frees the skb, but the 'first' txbuf still points to it and is marked as valid ICETXBUFSKB. 'nexttouse' remains unchanged, so the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: can: isotp: isotpsendmsg: added a result check for waiteventinterruptible. The waiteventinterruptible function is used to wait for complete transmission, but the result of this function, which may be interrupted, is not checked...
SUSE CVE-2026-43445
In the Linux kernel, the following vulnerability has been resolved: e1000/e1000e: Fix leak in DMA error cleanup If an error is encountered while mapping TX buffers, the driver should unmap any buffers already mapped for that skb. Because count is incremented after a successful mapping, it will...
CVE-2026-43462 net: spacemit: Fix error handling in emac_tx_mem_map()
In the Linux kernel, the following vulnerability has been resolved: net: spacemit: Fix error handling in emactxmemmap The DMA mappings were leaked on mapping error. Free them with the existing emacfreetxbuf function...
CVE-2026-43445 e1000/e1000e: Fix leak in DMA error cleanup
In the Linux kernel, the following vulnerability has been resolved: e1000/e1000e: Fix leak in DMA error cleanup If an error is encountered while mapping TX buffers, the driver should unmap any buffers already mapped for that skb. Because count is incremented after a successful mapping, it will...
CVE-2026-43445 e1000/e1000e: Fix leak in DMA error cleanup
In the Linux kernel, the following vulnerability has been resolved: e1000/e1000e: Fix leak in DMA error cleanup If an error is encountered while mapping TX buffers, the driver should unmap any buffers already mapped for that skb. Because count is incremented after a successful mapping, it will...
SUSE CVE-2026-31474
In the Linux kernel, the following vulnerability has been resolved: can: isotp: fix tx.buf use-after-free in isotpsendmsg isotpsendmsg uses only cmpxchg on so-tx.state to serialize access to so-tx.buf. isotprelease waits for ISOTPIDLE via waiteventinterruptible and then calls kfreeso-tx.buf. If a...
CVE-2026-31474 can: isotp: fix tx.buf use-after-free in isotp_sendmsg()
In the Linux kernel, the following vulnerability has been resolved: can: isotp: fix tx.buf use-after-free in isotpsendmsg isotpsendmsg uses only cmpxchg on so-tx.state to serialize access to so-tx.buf. isotprelease waits for ISOTPIDLE via waiteventinterruptible and then calls kfreeso-tx.buf. If a...
CVE-2026-31474 can: isotp: fix tx.buf use-after-free in isotp_sendmsg()
In the Linux kernel, the following vulnerability has been resolved: can: isotp: fix tx.buf use-after-free in isotpsendmsg isotpsendmsg uses only cmpxchg on so-tx.state to serialize access to so-tx.buf. isotprelease waits for ISOTPIDLE via waiteventinterruptible and then calls kfreeso-tx.buf. If a...
CVE-2026-31474
The CVE-2026-31474 issue affects the Linux kernel’s CAN ISO-TP (isotp) path. The bug is a use-after-free involving isotp_sendmsg() and the so->tx.buf buffer: if a signal interrupts wait_event_interruptible() inside close() while tx.state is ISOTP_SENDING, the release path may free so->tx.bu...
CVE-2026-23122
In the Linux kernel, the following vulnerability has been resolved: igc: Reduce TSN TX packet buffer from 7KB to 5KB per queue The previous 7 KB per queue caused TX unit hangs under heavy timestamping load. Reducing to 5 KB avoids these hangs and matches the TSN recommendation in I225/I226 SW Use...
EUVD-2026-5456
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: cap TX credit to local buffer size The virtio transports derives its TX credit directly from peerbufalloc, which is set from the remote endpoint's SOVMSOCKETSBUFFERSIZE value. On the host side this means that the...
SUSE CVE-2022-50740
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hifusb: fix memory leak of urbs in ath9khifusbdealloctxurbs Syzkaller reports a long-known leak of urbs in ath9khifusbdealloctxurbs. The cause of the leak is that usbgeturb is called but usbfreeurb or usbputurb is no...
EUVD-2022-55821
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hifusb: fix memory leak of urbs in ath9khifusbdealloctxurbs Syzkaller reports a long-known leak of urbs in ath9khifusbdealloctxurbs. The cause of the leak is that usbgeturb is called but usbfreeurb or usbputurb is no...
CVE-2025-22108 bnxt_en: Mask the bd_cnt field in the TX BD properly
In the Linux kernel, the following vulnerability has been resolved: bnxten: Mask the bdcnt field in the TX BD properly The bdcnt field in the TX BD specifies the total number of BDs for the TX packet. The bdcnt field has 5 bits and the maximum number supported is 32 with the value 0...
Linux Distros Unpatched Vulnerability : CVE-2024-44951
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - serial: sc16is7xx: fix TX fifo corruption Sometimes, when a packet is received on channel A at almost the same time as a packet is about to be transmitted on...
DEBIAN-CVE-2024-56557
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7923: Fix buffer overflow for txbuf and ringxfer The AD7923 was updated to support devices with 8 channels, but the size of txbuf and ringxfer was not increased accordingly, leading to a potential buffer overflow in...