Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: virtionet: Do not send RSS commands if the feature is not available on the device. There is a bug when setting RSS options in virtionet that can cause the entire machine to become unstable, leading to an infinite loop in the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: virtio-pci: The result size returned for the admin command completion has been corrected. The result size returned by virtiopciadmindevpartsget is 8 bytes larger than the actual result data size. This occurs because the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: virtio-pci: Check if isavq is NULL Bug In the virtiopcicommon.c function vpdelvqs, vpdev-isavq is used to determine whether it is an admin virtqueue. However, this function vpdev-isavq may be empty. In certain installations,...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: vdpasimblk: The number of address spaces and virtqueue groups was set. The commit bda324fd037a “vdpasim: control virtqueue support” added two new fields nas, ngroups to vdpasimdevattr, but we forgot to initialize them for...

crypto: virtio - Add spinlock protection with virtqueue notification

...

SUSE CVE-2026-23229

In the Linux kernel, the following vulnerability has been resolved: crypto: virtio - Add spinlock protection with virtqueue notification When VM boots with one virtio-crypto PCI device and builtin backend, run openssl benchmark command with multiple processes, such as openssl speed -evp aes-128-c...

CVE-2026-23229

In the Linux kernel, the following vulnerability has been resolved: crypto: virtio - Add spinlock protection with virtqueue notification When VM boots with one virtio-crypto PCI device and builtin backend, run openssl benchmark command with multiple processes, such as openssl speed -evp aes-128-c...

CVE-2026-23229

In the Linux kernel, the following vulnerability has been resolved: crypto: virtio - Add spinlock protection with virtqueue notification When VM boots with one virtio-crypto PCI device and builtin backend, run openssl benchmark command with multiple processes, such as openssl speed -evp aes-128-c...

UBUNTU-CVE-2026-23229

In the Linux kernel, the following vulnerability has been resolved: crypto: virtio - Add spinlock protection with virtqueue notification When VM boots with one virtio-crypto PCI device and builtin backend, run openssl benchmark command with multiple processes, such as openssl speed -evp aes-128-c...

CVE-2026-23229

CVE-2026-23229 is a Linux kernel vulnerability in virtio-crypto where missing spinlock protection around virtqueue done notifications can cause hangs (e.g., openssl speed benchmark with multi-process workloads). Root cause: data virtqueue handling without spinlock protection in virtcrypto_done_ta...

CVE-2026-23229

In the Linux kernel, the following vulnerability has been resolved: crypto: virtio - Add spinlock protection with virtqueue notification When VM boots with one virtio-crypto PCI device and builtin backend, run openssl benchmark command with multiple processes, such as openssl speed -evp aes-128-c...

CVE-2026-23229 crypto: virtio - Add spinlock protection with virtqueue notification

In the Linux kernel, the following vulnerability has been resolved: crypto: virtio - Add spinlock protection with virtqueue notification When VM boots with one virtio-crypto PCI device and builtin backend, run openssl benchmark command with multiple processes, such as openssl speed -evp aes-128-c...

CVE-2026-23229

In the Linux kernel, the following vulnerability has been resolved: crypto: virtio - Add spinlock protection with virtqueue notification When VM boots with one virtio-crypto PCI device and builtin backend, run openssl benchmark command with multiple processes, such as openssl speed -evp aes-128-c...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of spinlock protection for the virtqueue notification, potentially leading to data...

Linux Distros Unpatched Vulnerability : CVE-2026-23229

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: virtio - Add spinlock protection with virtqueue notification When VM boots with one virtio-crypto PCI device and builtin backend, run openssl benchmark...

MiracleLinux 7 : qemu-kvm-1.5.3-126.el7.3 (AXSA:2017-1267:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1267:01 advisory. qemu-kvm is an open source virtualizer that provides hardware emulation for the KVM hypervisor. qemu-kvm acts as a virtual machine monitor together with the...

Astra Linux – Vulnerability in Qemu

A flaw was discovered in QEMU, specifically in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size of virtqueuepush, as specified in virtioscsicompletereq, virtioblkreqComplete, and viritocryptoreqComplete, might be larger than the actual size of the data that has been sent to the...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000219)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000219 advisory. A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged t...

PT-2026-20455

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's virtio crypto component related to spinlock protection when handling virtqueue notifications. Specifically, when a virtual machine boots with a single...

CVE-2023-54291

CVE-2023-54291 affects the Linux kernel’s vduse/vdpa code. The issue is a NULL pointer dereference when vduse_vdpa_set_vq_affinity is called with cpu_mask NULL during device deletion. The patch fixes the crash by resetting the virtqueue IRQ affinity mask to cover all CPUs instead of dereferencing...