net/mlx5: Fix slab-out-of-bounds in mlx5_query_nic_vport_mac_list

...

CVE-2026-53230 net/mlx5: Fix slab-out-of-bounds in mlx5_query_nic_vport_mac_list

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix slab-out-of-bounds in mlx5querynicvportmaclist mlx5querynicvportmaclist sizes its firmware command buffer using the PF's logmaxcurrentuc/mclist capabilities. When querying a VF vport with a larger configured max via...

CVE-2026-53230

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix slab-out-of-bounds in mlx5querynicvportmaclist mlx5querynicvportmaclist sizes its firmware command buffer using the PF's logmaxcurrentuc/mclist capabilities. When querying a VF vport with a larger configured max via...

CVE-2026-53230

CVE-2026-53230 describes a slab-out-of-bounds vulnerability in the Linux kernel mlx5 driver: mlx5_query_nic_vport_mac_list sizes its firmware command buffer using the PF’s log_max_current_uc/mc_list, risking an overflow when querying a VF vport with a larger max. The resulting memory access is a ...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fixed the vport QoS cleanup process when an error occurs. When enabling vport QoS fails, the scheduling node never gets freed, resulting in a leak. The missing fields were added, and the vport scheduling node pointer wa...

EUVD-2026-32771

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Fix error unwind in manaibcreateqprss Sashiko points out that manaibcfgvportsteering is leaked, the normal destroy path cleans it up...

CVE-2026-46144 RDMA/mana: Fix error unwind in mana_ib_create_qp_rss()

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Fix error unwind in manaibcreateqprss Sashiko points out that manaibcfgvportsteering is leaked, the normal destroy path cleans it up...

CVE-2026-46084

In the Linux kernel, the following vulnerability has been resolved: RDMA/manaib: Disable RX steering on RSS QP destroy When an RSS QP is destroyed e.g. DPDK exit, manaibdestroyqprss destroys the RX WQ objects but does not disable vPort RX steering in firmware. This leaves stale steering...

PT-2026-43951

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description An issue exists in the RDMA mana ib component where the mana ib destroy qp rss function destroys RX WQ objects without disabling vPort RX steering in the firmware. This results in stale...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: idpf: Detaching and closing netdevs while handling a reset Protect the reset path from callbacks by setting the netdevs to detached state and closing any netdevs in UP state until the reset handling is completed. During a reset,...

SUSE CVE-2026-23042

In the Linux kernel, the following vulnerability has been resolved: idpf: fix aux device unplugging when rdma is not supported by vport If vport flags do not contain VIRTCHNL2VPORTENABLERDMA, driver does not allocate vdevinfo for this vport. This leads to kernel NULL pointer dereference in...

CVE-2026-23042

CVE-2026-23042 concerns the Linux kernel: the idpf driver may dereference a NULL vdev_info during unplugging of an aux device if RDMA is not enabled on the vport (VIRTCHNL2_VPORT_ENABLE_RDMA). The vulnerability arises when the driver does not allocate vdev_info for a vport lacking RDMA support, l...

CVE-2026-23042

In the Linux kernel, the following vulnerability has been resolved: idpf: fix aux device unplugging when rdma is not supported by vport If vport flags do not contain VIRTCHNL2VPORTENABLERDMA, driver does not allocate vdevinfo for this vport. This leads to kernel NULL pointer dereference in...

Linux Distros Unpatched Vulnerability : CVE-2026-23042

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - idpf: fix aux device unplugging when rdma is not supported by vport If vport flags do not contain VIRTCHNL2VPORTENABLERDMA, driver does not allocate vdevinfo fo...

CVE-2026-22981

CVE-2026-22981 pertains to the Linux kernel driver for IDPF (Intel Ethernet 800/900-series? context in the doc refers to idpf) where, during reset handling, netdev interfaces are detached/closed to protect the reset path. The vulnerability description states that if reset handling succeeds, netde...

CVE-2026-22981 idpf: detach and close netdevs while handling a reset

In the Linux kernel, the following vulnerability has been resolved: idpf: detach and close netdevs while handling a reset Protect the reset path from callbacks by setting the netdevs to detached state and close any netdevs in UP state until the reset handling has completed. During a reset, the...

Azure Linux 3.0 Security Update: kernel (CVE-2024-57801)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-57801 advisory. - In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Skip restore TC rules for vpo...

EUVD-2026-2694

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on EX4k Series and QFX5k Series platforms allows an unauthenticated network-adjacent attacker flapping an interface to cause traffic between VXLAN Network...

CVE-2026-21910

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on EX4k Series and QFX5k Series platforms allows an unauthenticated network-adjacent attacker flapping an interface to cause traffic between VXLAN Network...

PT-2026-5526

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the idpf vport rel function within the Linux kernel's idpf module. The issue occurs because the vport-rx ptype lkup memory is not freed during a reset operation,...