51 matches found
SUSE CVE-2026-45856
In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Validate wqesize before using it in ibuverbspostsend ibuverbspostsend uses cmd.wqesize from userspace without any validation before passing it to kmalloc and using the allocated buffer as struct ibuverbssendwr. If a...
UBUNTU-CVE-2026-45856
In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Validate wqesize before using it in ibuverbspostsend ibuverbspostsend uses cmd.wqesize from userspace without any validation before passing it to kmalloc and using the allocated buffer as struct ibuverbssendwr. If a...
CVE-2026-45856
The CVE-2026-45856 issue affects the Linux kernel's RDMA/uverbs subsystem, specifically ib_uverbs_post_send. The vulnerability arises when cmd.wqe_size from userspace is not validated before kmalloc and using the allocated memory as struct ib_uverbs_send_wr, allowing an out-of-bounds read of kern...
Linux Distros Unpatched Vulnerability : CVE-2026-45856
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/uverbs: Validate wqesize before using it in ibuverbspostsend ibuverbspostsend uses cmd.wqesize from userspace without any validation before passing it to...
Astra Linux - уязвимость в linux, linux-5.10
A issue was discovered in the Linux kernel through version 5.16-rc6. The function uapifinalize in drivers/infiniband/core/uverbsuapi.c lacks a check for the function kmallocarray...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/uverbs: A integer overflow issue has been addressed. In the expression “cmd.wqesize cmd.wrcount”, both variables are of type u32 and come from the user space. This multiplication can lead to integer wrapping issues. We al...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021620)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021620 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue In the expression cmd.wqesize cmd.wrcount, both...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000850)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000850 advisory. The InfiniBand IB implementation in the Linux kernel package before 2.6.32-504.12.2 on Red Hat Enterprise Linux RHEL 6 does not properly restrict use of User Verbs f...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002050)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002050 advisory. The InfiniBand IB implementation in the Linux kernel package before 2.6.32-504.12.2 on Red Hat Enterprise Linux RHEL 6 does not properly restrict use of User Verbs f...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-422683)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-422683 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue In the expression cmd.wqesize cmd.wrcount, both...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414351)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414351 advisory. An issue was discovered in the Linux kernel through 5.16-rc6. uapifinalize in drivers/infiniband/core/uverbsuapi.c lacks check of kmallocarray. Tenable has extracted...
EUVD-2024-53793
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-3105
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel through 5.16-rc6. uapifinalize in drivers/infiniband/core/uverbsuapi.c lacks check of kmallocarray. CVE-2022-3105 No...
kernel: RDMA/uverbs: Prevent integer overflow issue
In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue In the expression "cmd.wqesize cmd.wrcount", both variables are u32 values that come from the user so the multiplication can lead to integer wrapping. Then we pass the result to...
The vulnerability of the uverbs_request_next_ptr() function in the driver (drivers/infiniband/core/uverbs_cmd.c) of the Linux kernel allows a hacker to trigger a service failure.
The vulnerability of the uverbsrequestnextptr function in the driver drivers/infiniband/core/uverbscmd.c of the Linux kernel is related to integer overflow. Exploiting this vulnerability could allow an attacker to trigger a service failure...
CVE-2024-57890
In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue In the expression "cmd.wqesize cmd.wrcount", both variables are u32 values that come from the user so the multiplication can lead to integer wrapping. Then we pass the result to...
SUSE CVE-2024-57890
In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue In the expression "cmd.wqesize cmd.wrcount", both variables are u32 values that come from the user so the multiplication can lead to integer wrapping. Then we pass the result to...
DEBIAN-CVE-2024-57890
In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue In the expression "cmd.wqesize cmd.wrcount", both variables are u32 values that come from the user so the multiplication can lead to integer wrapping. Then we pass the result to...
AZL-55853 CVE-2024-57890 affecting package kernel for versions less than 5.15.176.3-1
In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue In the expression "cmd.wqesize cmd.wrcount", both variables are u32 values that come from the user so the multiplication can lead to integer wrapping. Then we pass the result to...
UBUNTU-CVE-2024-57890
In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue In the expression "cmd.wqesize cmd.wrcount", both variables are u32 values that come from the user so the multiplication can lead to integer wrapping. Then we pass the result to...