4 matches found
CVE-2026-43465 net/mlx5e: RX, Fix XDP multi-buf frag counting for striding RQ
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix XDP multi-buf frag counting for striding RQ XDP multi-buf programs can modify the layout of the XDP buffer when the program calls bpfxdppulldata or bpfxdpadjusttail. The referenced commit in the fixes tag...
SUSE CVE-2026-43039
In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: fix missing data copy and wrong recycle in ZC RX dispatch emacdispatchskbzc allocates a new skb via napiallocskb but never copies the packet data from the XDP buffer into it. The skb is passed up the stack...
CVE-2026-43039
CVE-2026-43039 concerns the Linux kernel icssg-prueth driver. In ZC RX dispatch, emac_dispatch_skb_zc() allocates a new skb via napi_alloc_skb() but fails to copy the received packet data from the XDP buffer, causing uninitialized heap memory to be passed up the stack and potentially leaking kern...
CVE-2025-38570 eth: fbnic: unlink NAPIs from queues on error to open
In the Linux kernel, the following vulnerability has been resolved: eth: fbnic: unlink NAPIs from queues on error to open CI hit a UaF in fbnic in the AFXDP portion of the queues.py test. The UaF is in the skmarknapiidonce call in xskbind, NAPI has been freed. Looks like the device failed to open...