CVE-2026-23210

In the Linux kernel, the following vulnerability has been resolved: ice: Fix PTP NULL pointer dereference during VSI rebuild Fix race condition where PTP periodic work runs while VSI is being rebuilt, accessing NULL vsi-rxrings. The sequence was: 1. iceptpprepareforreset cancels PTP work 2...

CVE-2026-23210

In the Linux kernel, the following vulnerability has been resolved: ice: Fix PTP NULL pointer dereference during VSI rebuild Fix race condition where PTP periodic work runs while VSI is being rebuilt, accessing NULL vsi-rxrings. The sequence was: 1. iceptpprepareforreset cancels PTP work 2...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix NULL dereference on q-elevator in blkmqelvswitchnone CVE-2023-53292 In the Linux kernel, the following vulnerability has been resolved: block: fix race between setblocksize and read paths CVE-2025-3807...

PT-2025-52994

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's ice network driver. Calling ethtool during a reload operation can lead to a kernel NULL pointer dereference because the Virtual Switch Interface VSI i...

EUVD-2023-37190

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-1668

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in openvswitch OVS. When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header...

kernel: net: gso: fix ownership in __udp_gso_segment

In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in udpgsosegment In udpgsosegment the skb destructor is removed before segmenting the skb but the socket reference is kept as-is. This is an issue if the original skb is later orphaned as we can hit the...

CVE-2023-32969

A cross-site scripting XSS vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QuTScloud c5.1.5.2651...

dpdk: Denial Of Service from malicious guest on hypervisors using DPDK Vhost library

An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...

UBUNTU-CVE-2025-21981

In the Linux kernel, the following vulnerability has been resolved: ice: fix memory leak in aRFS after reset Fix aRFS accelerated Receive Flow Steering structures memory leak by adding a checker to verify if aRFS memory is already allocated while configuring VSI. aRFS objects are allocated in two...

CVE-2025-21981 ice: fix memory leak in aRFS after reset

In the Linux kernel, the following vulnerability has been resolved: ice: fix memory leak in aRFS after reset Fix aRFS accelerated Receive Flow Steering structures memory leak by adding a checker to verify if aRFS memory is already allocated while configuring VSI. aRFS objects are allocated in two...

CVE-2025-21334

Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability...

PT-2025-40085

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.17.0-rc1+ Description An issue exists in the Linux kernel related to incorrect IRQ freeing within the i40e network driver. Specifically, when request irq fails during the i40e vsi request irq msix function, the...

USN-7178-1 dpdk vulnerability

It was discovered that DPDK incorrectly handled the Vhost library checksum offload feature. An malicious guest could possibly use this issue to cause the hypervisor's vSwitch to crash, resulting in a denial of service...

UBUNTU-CVE-2024-11614

An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...

CVE-2024-43625

Microsoft Windows VMSwitch Elevation of Privilege Vulnerability...

RHSA-2016:0537 Red Hat Security Advisory: openvswitch security update

Bulletin has no description...

CVE-2024-32765

A vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability could allow local authenticated administrators to gain access to and execute certain functions via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS...

CVE-2024-32765

CVE-2024-32765 affects QNAP Network & Virtual Switch, with fixed releases in QTS 5.1.8.2823 build 20240712 and later and QuTS hero h5.1.8.2823 build 20240712 and later. A locally authenticated administrator can gain access to and execute certain functions via unspecified vectors; the exact exploi...

CVE-2024-32765 QTS, QuTS hero

A vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability could allow local authenticated administrators to gain access to and execute certain functions via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS...