48 matches found
CVE-2026-45856
A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA subsystem, specifically within the ibuverbspostsend function. A local user can exploit this vulnerability by providing an invalid work queue element size wqesize from userspace without proper validation. This can lead to an...
SUSE CVE-2026-45856
In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Validate wqesize before using it in ibuverbspostsend ibuverbspostsend uses cmd.wqesize from userspace without any validation before passing it to kmalloc and using the allocated buffer as struct ibuverbssendwr. If a...
UBUNTU-CVE-2026-45856
In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Validate wqesize before using it in ibuverbspostsend ibuverbspostsend uses cmd.wqesize from userspace without any validation before passing it to kmalloc and using the allocated buffer as struct ibuverbssendwr. If a...
CVE-2026-45856
In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Validate wqesize before using it in ibuverbspostsend ibuverbspostsend uses cmd.wqesize from userspace without any validation before passing it to kmalloc and using the allocated buffer as struct ibuverbssendwr. If a...
CVE-2026-45856
The CVE-2026-45856 issue affects the Linux kernel's RDMA/uverbs subsystem, specifically ib_uverbs_post_send. The vulnerability arises when cmd.wqe_size from userspace is not validated before kmalloc and using the allocated memory as struct ib_uverbs_send_wr, allowing an out-of-bounds read of kern...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the RDMA uverbs module not verifying the wqesize value in the ibuverbspostsend function. This cou...
Linux Distros Unpatched Vulnerability : CVE-2026-45856
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/uverbs: Validate wqesize before using it in ibuverbspostsend ibuverbspostsend uses cmd.wqesize from userspace without any validation before passing it to...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: A possible memory leak has been fixed when attempting to issue a CMF WQE. There is no corresponding free routine if lpfcsli4issuewqe fails to issue the CMF WQE in lpfcissuecmfsyncwqe. If retval is non-zero, then free...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/uverbs: A integer overflow issue has been addressed. In the expression “cmd.wqesize cmd.wrcount”, both variables are of type u32 and come from the user space. This multiplication can lead to integer wrapping issues. We al...
CVE-2026-23441
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent concurrent access to IPSec ASO context The query or updating IPSec offload object is through Access ASO WQE. The driver uses a single mlx5eipsecaso struct for each PF, which contains a shared DMA-mapped context...
SUSE CVE-2022-50639
In the Linux kernel, the following vulnerability has been resolved: io-wq: Fix memory leak in worker creation If the CPU mask allocation for a node fails, then the memory allocated for the 'iowqe' struct of the current node doesn't get freed on the error handling path, since it has not yet been...
EUVD-2022-55717
In the Linux kernel, the following vulnerability has been resolved: io-wq: Fix memory leak in worker creation If the CPU mask allocation for a node fails, then the memory allocated for the 'iowqe' struct of the current node doesn't get freed on the error handling path, since it has not yet been...
EUVD-2022-55206
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-50027
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE There is no corresponding free routine if lpfcsli4issuewqe fails to issue the CMF WQE in...
CVE-2022-50027
A flaw was found in the lpfc module in the Linux kernel. A missing release of allocated memory when an error occurs will cause a memory leak, potentially impacting system performance and resulting in a denial of service...
CVE-2022-50027
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE There is no corresponding free routine if lpfcsli4issuewqe fails to issue the CMF WQE in lpfcissuecmfsyncwqe. If retval is non-zero, then free the iocbq request...
CVE-2022-50027
CVE-2022-50027 is a Linux kernel issue affecting the SCSI lpfc path, where a missing free for the iocbq on failure to issue the CMF WQE can cause a memory leak. The root cause is that if lpfc_sli4_issue_wqe fails (ret_val non-zero), the iocbq request structure is not consistently freed, leading t...
CVE-2022-50027 scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE There is no corresponding free routine if lpfcsli4issuewqe fails to issue the CMF WQE in lpfcissuecmfsyncwqe. If retval is non-zero, then free the iocbq request...
CVE-2022-50027 scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE There is no corresponding free routine if lpfcsli4issuewqe fails to issue the CMF WQE in lpfcissuecmfsyncwqe. If retval is non-zero, then free the iocbq request...
CVE-2022-50027
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE There is no corresponding free routine if lpfcsli4issuewqe fails to issue the CMF WQE in lpfcissuecmfsyncwqe. If retval is non-zero, then free the iocbq request...