EUVD-2026-32885

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Fix manadestroywqobj cleanup in manaibcreateqprss Sashiko points out there are two bugs here in the error unwind flow, both related to how the WQ table is unwound. First there is a double i-- on the first failure path...

CVE-2026-46126

The CVE-2026-46126 entry relates to the Linux kernel RDMA mana path. The issue stems from two bugs in the error unwind flow during WQ table cleanup in mana_destroy_wq_obj(): (1) a premature double i-- in the first failure path due to a while-loop earlier, and (2) if mana_ib_install_cq_cb() fails,...

CVE-2026-46117 RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss()

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Remove user triggerable WARNON in manaibcreateqprss Sashiko points out that the user can specify WQs sharing the same CQ as a part of the uAPI and this will trigger the WARNON then go on to corrupt the kernel. Just...

EUVD-2026-32876

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Remove user triggerable WARNON in manaibcreateqprss Sashiko points out that the user can specify WQs sharing the same CQ as a part of the uAPI and this will trigger the WARNON then go on to corrupt the kernel. Just...

CVE-2026-46117

CVE-2026-46117 affects the Linux kernel RDMA/mana component. The issue arises when a user can configure Work Queues to share the same Completion Queue via the uAPI, which triggers a user-writable WARN_ON() and can lead to kernel corruption. The vulnerability has been resolved by removing the trig...

PT-2026-44520

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Site Level Administration. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromi...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an cleanup error in manadestroywqobj within manaibcreateqprss. This vulnerability may lead to double...

Oracle Universal Work Queue 安全漏洞

Oracle Universal Work Queue is a flexible work presentation and access tool developed by Oracle, a company in the United States. This software provides centralized viewing of work, access requests, and organization of work, thereby improving efficiency and productivity. Versions 12.2.3 to 12.2.15...

PT-2026-44249

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description An issue exists in the RDMA mana component where the mana destroy wq obj cleanup process in mana ib create qp rss is handled...

CVE-2026-46011

A flaw was found in the Linux kernel's MediaTek JPEG mtk-jpeg driver. This use-after-free vulnerability arises from a race condition where the driver frees memory while it may still be in use by a work queue. This can allow a local attacker to cause system instability, leading to a denial of...

CVE-2026-46084

In the Linux kernel, the following vulnerability has been resolved: RDMA/manaib: Disable RX steering on RSS QP destroy When an RSS QP is destroyed e.g. DPDK exit, manaibdestroyqprss destroys the RX WQ objects but does not disable vPort RX steering in firmware. This leaves stale steering...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the mtk-jpeg driver failing to cancel the work queue during the release process, potentially...

PT-2026-43723

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The ib uverbs post send function uses the wqe size variable from userspace without validation before passing it to kmalloc. If a small value is provided for wqe size, the system may...

CVE-2026-45856

RDMA/uverbs: Validate wqesize before using it in ibuverbspostsend...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: API – Use a work queue in cryptoDestroyInstance. The function cryptoDropSpawn is expected to be called from the process context. However, when an instance is not registered while it still has active users, the last user m...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: workqueue: fixed a data race with the pwq-stats increment KCSAN has identified a data race in kernel/workqueue.c:2598: 1863.554079 ================================================================== 1863.554118 BUG: KCSAN: data-ra...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: pdscore: The pdsccheckpcihealth function was fixed to use a work thread for execution. When the driver detects that fwstatus == 0xff, it attempts to perform a PCI reset on itself using the pciresetfunction function within the...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fixed an issue where incomplete state saving occurred in rxerequester. If a send packet is dropped by the IP layer in rxerequester, the call to rxexmitpacket may fail with an error code -EAGAIN. To recover, the state of...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: writeback: Fixed the use of “free” after processing in inodeswitchwbsworkfn. The function inodeswitchwbsworkfn has a loop like this: c wbgetnewwb; while 1 list = llistdelall&newwb-switchwbsctxs; / Nothing to do? / if !list break;...

SUSE SLES15 Security Update : kernel (SUSE-SU-2026:1909-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1909-1 advisory. The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security issues The following security issues were fixed: -...