CVE-2026-53187

A flaw was found in the Linux kernel's RDMA/core component. A local attacker could supply an invalid cpuid through the UVERBSATTRALLOCDMAHCPUID attribute without proper validation. This improper validation could lead to an out-of-bounds read of the cpumask bitmap. On systems configured with...

Astra Linux – Vulnerability in Linux, Linux 5.10

A issue was discovered in the Linux kernel through version 5.16-rc6. The function uapifinalize in drivers/infiniband/core/uverbsuapi.c lacks a check for the function kmallocarray...

SUSE CVE-2026-45856

In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Validate wqesize before using it in ibuverbspostsend ibuverbspostsend uses cmd.wqesize from userspace without any validation before passing it to kmalloc and using the allocated buffer as struct ibuverbssendwr. If a...

UBUNTU-CVE-2026-45856

In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Validate wqesize before using it in ibuverbspostsend ibuverbspostsend uses cmd.wqesize from userspace without any validation before passing it to kmalloc and using the allocated buffer as struct ibuverbssendwr. If a...

CVE-2026-45856

The CVE-2026-45856 issue affects the Linux kernel's RDMA/uverbs subsystem, specifically ib_uverbs_post_send. The vulnerability arises when cmd.wqe_size from userspace is not validated before kmalloc and using the allocated memory as struct ib_uverbs_send_wr, allowing an out-of-bounds read of kern...

Linux Distros Unpatched Vulnerability : CVE-2026-45856

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/uverbs: Validate wqesize before using it in ibuverbspostsend ibuverbspostsend uses cmd.wqesize from userspace without any validation before passing it to...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021620)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021620 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue In the expression cmd.wqesize cmd.wrcount, both...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000850)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000850 advisory. The InfiniBand IB implementation in the Linux kernel package before 2.6.32-504.12.2 on Red Hat Enterprise Linux RHEL 6 does not properly restrict use of User Verbs f...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002050)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002050 advisory. The InfiniBand IB implementation in the Linux kernel package before 2.6.32-504.12.2 on Red Hat Enterprise Linux RHEL 6 does not properly restrict use of User Verbs f...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414351)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414351 advisory. An issue was discovered in the Linux kernel through 5.16-rc6. uapifinalize in drivers/infiniband/core/uverbsuapi.c lacks check of kmallocarray. Tenable has extracted...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-422683)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-422683 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue In the expression cmd.wqesize cmd.wrcount, both...

EUVD-2024-53793

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-3105

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel through 5.16-rc6. uapifinalize in drivers/infiniband/core/uverbsuapi.c lacks check of kmallocarray. CVE-2022-3105 No...

kernel: RDMA/uverbs: Prevent integer overflow issue

In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue In the expression "cmd.wqesize cmd.wrcount", both variables are u32 values that come from the user so the multiplication can lead to integer wrapping. Then we pass the result to...

The vulnerability of the uverbs_request_next_ptr() function in the driver (drivers/infiniband/core/uverbs_cmd.c) of the Linux kernel allows a hacker to trigger a service failure.

The vulnerability of the uverbsrequestnextptr function in the driver drivers/infiniband/core/uverbscmd.c of the Linux kernel is related to integer overflow. Exploiting this vulnerability could allow an attacker to trigger a service failure...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevention of integer overflow issues In the expression “cmd.wqesize cmd.wrcount”, both variables are u32 values provided by the user. This multiplication can lead to integer wrapping. We then pass the result to...

CVE-2024-57890

In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue In the expression "cmd.wqesize cmd.wrcount", both variables are u32 values that come from the user so the multiplication can lead to integer wrapping. Then we pass the result to...

SUSE CVE-2024-57890

In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue In the expression "cmd.wqesize cmd.wrcount", both variables are u32 values that come from the user so the multiplication can lead to integer wrapping. Then we pass the result to...

AZL-55853 CVE-2024-57890 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue In the expression "cmd.wqesize cmd.wrcount", both variables are u32 values that come from the user so the multiplication can lead to integer wrapping. Then we pass the result to...

DEBIAN-CVE-2024-57890

In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue In the expression "cmd.wqesize cmd.wrcount", both variables are u32 values that come from the user so the multiplication can lead to integer wrapping. Then we pass the result to...