CVE-2026-53133

In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fix truncation for block sizes = 4G When the iommu is used the linearization of the mapping can give a single block that is very large split across multiple SG entries. When rdmablockiternext reassembles the split SG...

UBUNTU-CVE-2026-53250

In the Linux kernel, the following vulnerability has been resolved: xsk: cache csumstart/csumoffset to fix TOCTOU in xskskbmetadata The TX metadata area resides in the UMEM buffer which is memory-mapped and concurrently writable by userspace. In xskskbmetadata, csumstart and csumoffset are read...

CVE-2026-52908

In the Linux kernel, the following vulnerability has been resolved: RDMA: During reregmr ensure that REREGACCESS is compatible If IBMRREREGACCESS changes from RO to RW then the umem has to be re-evaluated to ensure it is properly pinned as RW. Since the umem is hidden inside each driver's mr stru...

CVE-2026-52908

CVE-2026-52908 affects the Linux kernel RDMA path: during rereg_mr, changing IB_MR_REREG_ACCESS from RO to RW requires re-evaluating the umem to ensure proper RW pinning. The fix introduces an ib_umem_check_rereg() hook that each driver must call before processing IB_MR_REREG_ACCESS; mlx4 retains...

EUVD-2026-38037

In the Linux kernel, the following vulnerability has been resolved: RDMA: During reregmr ensure that REREGACCESS is compatible If IBMRREREGACCESS changes from RO to RW then the umem has to be re-evaluated to ensure it is properly pinned as RW. Since the umem is hidden inside each driver's mr stru...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fixed a potential deadlock in MR deregistration The issue arises when kzalloc is invoked while holding umemmutex or any other lock acquired under umemmutex. This is problematic because kzalloc can trigger fsreclaimaqcuir...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: xsk: Fixed corrupted packets for XDPSHAREDUMEM. A issue was addressed in the XDPSHAREDUMEM mode, along with the aligned mode, where packets were corrupted for the second and any subsequent sockets bound to the same umem. In other...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: xsk: fixed an integer overflow in xpcreateandassignumem Since the i and pool-chunksize variables are of type ‘u32’, their product can wrap around and then be cast to ‘u64’. This can result in two different XDP buffers pointing to...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fixed the double dmabufunpin in the failure path. In ibumemdmabufgetpinnedwithdmadevice, the call to ibumemdmabufmappages may fail. If this occurs, the dmabuf is immediately unpinned, but the umemdmabuf-pinned flag...

RLSA-2026:19568 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit CVE-2025-39766 kernel: scsi: qla2xxx: Fix improper freeing of purex item CVE-2025-68741 kernel: libceph: make decodepool...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: xsk: Added a missing overflow check in xdpumemreg. The number of chunks can exceed the range of u32. Ensure that -EINVAL is returned in case of an overflow. Additionally, removed a redundant u32 cast when assigning umem-npgs...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: A double-free issue related to reregusermr has been fixed. If IBMRREREGTRANS is set during reregusermr, the uumem will be released, and a new uumem will be allocated in irdmareregmrtrans. If any step of...

RHEL 10 : kernel (RHSA-2026:19569)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19569 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net: afcan: do not leave a...

SUSE CVE-2026-43093

In the Linux kernel, the following vulnerability has been resolved: xsk: tighten UMEM headroom validation to account for tailroom and min frame The current headroom validation in xdpumemreg could leave us with insufficient space dedicated to even receive minimum-sized ethernet frame. Furthermore ...

SUSE CVE-2026-43120

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix double free related to reregusermr If IBMRREREGTRANS is set during reregusermr, the umem will be released and a new one will be allocated in irdmareregmrtrans. If any step of irdmareregmrtrans fails after the new...

CVE-2026-43128

A flaw was found in the Linux kernel's RDMA/umem subsystem. A memory management error, specifically a double unpin of a dmabuf, can occur in a failure path during dmabuf pinning operations. This vulnerability could lead to system instability or a crash, resulting in a Denial of Service DoS...

CVE-2026-43092

A flaw was found in the Linux kernel's AFXDP eXpress Data Path subsystem. The AFXDP bind operation fails to validate the Maximum Transmission Unit MTU against the usable frame space provided by the UMEM User Memory chunk. This can lead to situations where the configured MTU does not fit,...

CVE-2026-43093

A flaw was found in the Linux kernel's xsk AFXDP subsystem due to insufficient validation of the User Memory UMEM headroom. This vulnerability could lead to memory corruption, specifically the skbsharedinfo data structure, if multi-buffer is enabled. Such corruption could result in system...

EUVD-2026-27594

In the Linux kernel, the following vulnerability has been resolved: xsk: validate MTU against usable frame size on bind AFXDP bind currently accepts zero-copy pool configurations without verifying that the device MTU fits into the usable frame space provided by the UMEM chunk. This becomes a...

CVE-2026-43128

In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fix double dmabufunpin in failure path In ibumemdmabufgetpinnedwithdmadevice, the call to ibumemdmabufmappages can fail. If this occurs, the dmabuf is immediately unpinned but the umemdmabuf-pinned flag is still set...