Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: virtio-net: A memory leak occurs in the virtnetxskpoolenable function when freeing the xskbuffs. The selftests added to our CI by Bui Quang Minh recently revealed that there is a memory leak in the error path of...

SUSE SLES15 Security Update : kernel (Live Patch 0 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:1725-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1725-1 advisory. This update for the SUSE Linux Enterprise kernel 6.4.0-150700.51 fixes various security issues The following security issues were fixed: -...

Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.50 fixes various security issues The following security issues were fixed: CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. CVE-2025-39977: futex: Prevent use-after-free during...

SUSE-SU-2026:1770-1 Security update for the Linux Kernel (Live Patch 34 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.133 fixes various security issues The following security issues were fixed: - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. - CVE-2025-71066: net/sched: ets: Always remove class...

SUSE-SU-2026:21506-1 Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-28.1 fixes various security issues The following security issues were fixed: - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. - CVE-2025-39977: futex: Prevent use-after-free during requeue-PI...

Astra Linux - уязвимость в qemu

A flaw was discovered in the virtio-net device in QEMU. When the RSS feature is enabled on the virtio-net network card, the indirectionstable data within RSS becomes controllable. Setting values that are excessively large may lead to an index out-of-bounds issue, potentially resulting in a heap...

Astra Linux - уязвимость в qemu

A stack-based buffer overflow was discovered in the virtio-net device of QEMU. This issue occurs when flushing the TX operation in the virtionetflushtx function, provided that the guest has enabled VIRTIONETFHASHREPORT, VIRTIOFVERSION1, and VIRTIONETFMRGRXBUF. This could allow a malicious user to...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: virtioring: Fix data race by tagging eventtriggered as racy for KCSAN syzbot reports a data-race when accessing the eventtriggered, here is the simplified stack when the issue occurred:...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: virtionet: Fixed an issue with error unwinding of XDP initialization. When initializing XDP in virtnetopen, some rq xdp initializations may encounter errors, resulting in failed network device openings. However, previous rqs have...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: net: add more sanity checks to qdiscpktleninit One path takes care of SKBGSODODGY, assuming skb-len is bigger than hdrlen. virtionethdrtoskb does not fully dissect TCP headers, it only make sure it is at least 20 bytes. It is...

EUVD-2026-26509

In the Linux kernel, the following vulnerability has been resolved: net/packet: fix TOCTOU race on mmap'd vnethdr in tpacketsnd In tpacketsnd, when PACKETVNETHDR is enabled, vnethdr points directly into the mmap'd TX ring buffer shared with userspace. The kernel validates the header via...

EUVD-2026-24817

In the Linux kernel, the following vulnerability has been resolved: virtionet: Fix UAF on dstops when IFFXMITDSTRELEASE is cleared and napitx is false A UAF issue occurs when the virtionet driver is configured with napitx=N and the device's IFFXMITDSTRELEASE flag is cleared e.g., during the...

UBUNTU-CVE-2026-23340

In the Linux kernel, the following vulnerability has been resolved: net: sched: avoid qdiscresetalltxgt vs dequeue race for lockless qdiscs When shrinking the number of real tx queues, netifsetrealnumtxqueues calls qdiscresetalltxgt to flush qdiscs for queues which will no longer be used...

CVE-2026-23340 net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs

In the Linux kernel, the following vulnerability has been resolved: net: sched: avoid qdiscresetalltxgt vs dequeue race for lockless qdiscs When shrinking the number of real tx queues, netifsetrealnumtxqueues calls qdiscresetalltxgt to flush qdiscs for queues which will no longer be used...

CVE-2026-23143

In the Linux kernel, the following vulnerability has been resolved: virtionet: Fix misalignment bug in struct virtnetinfo Use the new TRAILINGOVERLAP helper to fix a misalignment bug along with the following warning: drivers/net/virtionet.c:429:46: warning: structure containing a flexible array...

Security update for qemu

This update for qemu fixes the following issues: CVE-2024-6505: qemu-kvm: virtio-net: Fixed queue index out-of-bounds access in software RSS bsc1227397 CVE-2025-12464: net: pad packets to minimum length in qemureceivepacket bsc1253002 CVE-2025-11234: qemu-kvm: Fixed use-after-free in websocket...

PT-2026-6116

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.18.0 10 Description The Linux kernel contains a flaw within the virtio net subsystem. Specifically, an inconsistency exists in how memory is allocated and freed for the RSS header. The initial allocation uses...

EUVD-2023-60275

In the Linux kernel, the following vulnerability has been resolved: net: do not allow gsosize to be set to GSOBYFRAGS One missing check in virtionethdrtoskb allowed syzbot to crash kernels again 1 Do not allow gsosize to be set to GSOBYFRAGS 0xffff, because this magic value is used by the kernel....

CVE-2023-54051

In the Linux kernel, the following vulnerability has been resolved: net: do not allow gsosize to be set to GSOBYFRAGS One missing check in virtionethdrtoskb allowed syzbot to crash kernels again 1 Do not allow gsosize to be set to GSOBYFRAGS 0xffff, because this magic value is used by the kernel....

CVE-2025-61554

A divide-by-zero in VirtIO network device emulation in BitVisor from commit 108df6 2020-05-20 to commit 480907 2025-07-06 allows local attackers to cause a denial of service host hypervisor crash via a crafted PCI configuration space access...