Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Bonding: Check xdp program when setting the bond mode. The following operations may trigger a warning:1 ip netns add ns1 ip netns exec ns1 ip link add bond0 type bond mode balance-rr ip netns exec ns1 ip link set dev bond0 xdp ob...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: bpf: Enforce expectedattachtype for tailcall compatibility Yinhao et al. recently reported: Our fuzzer tool discovered an uninitialized pointer issue in the bpfprogtestrunxdp function within the Linux kernel’s BPF subsystem. This...

kernel: bonding: check xdp prog when set bond mode

In the Linux kernel, the following vulnerability has been resolved: bonding: check xdp prog when set bond mode Following operations can trigger a warning1: ip netns add ns1 ip netns exec ns1 ip link add bond0 type bond mode balance-rr ip netns exec ns1 ip link set dev bond0 xdp obj afxdpkern.o se...

CVE-2026-43464

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix XDP multi-buf frag counting for legacy RQ XDP multi-buf programs can modify the layout of the XDP buffer when the program calls bpfxdppulldata or bpfxdpadjusttail. The referenced commit in the fixes tag correct...

CVE-2026-43465

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix XDP multi-buf frag counting for striding RQ XDP multi-buf programs can modify the layout of the XDP buffer when the program calls bpfxdppulldata or bpfxdpadjusttail. The referenced commit in the fixes tag...

UBUNTU-CVE-2026-43465

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix XDP multi-buf frag counting for striding RQ XDP multi-buf programs can modify the layout of the XDP buffer when the program calls bpfxdppulldata or bpfxdpadjusttail. The referenced commit in the fixes tag...

CVE-2026-43465

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix XDP multi-buf frag counting for striding RQ XDP multi-buf programs can modify the layout of the XDP buffer when the program calls bpfxdppulldata or bpfxdpadjusttail. The referenced commit in the fixes tag...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed a stack-out-of-bounds write in devmap. The getupperifindexes function iterates over all upper devices and writes their indices into an array without checking bounds. Additionally, the calling functions assume that the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fixed the issue where XDP programs generate skb values based on non-linear xdpbuff structures during the striding phase of the XDP process. XDP programs can modify the layout of an xdpbuff using bpfxdpadjusttail and...

CVE-2026-23310

A flaw was found in the Linux kernel's bonding module. A local user could exploit this by changing the transmit hash policy xmithashpolicy to vlan+srcmac on a bonded network interface while an eXpress Data Path XDP program is active. This incompatible configuration change can lead to a kernel...

CVE-2026-23310

In the Linux kernel, the following vulnerability has been resolved: bpf/bonding: reject vlan+srcmac xmithashpolicy change when XDP is loaded bondoptionmodeset already rejects mode changes that would make a loaded XDP program incompatible via bondxdpcheck. However, bondoptionxmithashpolicyset has ...

Linux Distros Unpatched Vulnerability : CVE-2026-23310

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf/bonding: reject vlan+srcmac xmithashpolicy change when XDP is loaded bondoptionmodeset already rejects mode changes that would make a loaded XDP program...

CVE-2025-40350

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix generating skb from non-linear xdpbuff for striding RQ XDP programs can change the layout of an xdpbuff through bpfxdpadjusttail and bpfxdpadjusthead. Therefore, the driver cannot assume the size of the linear...

CVE-2025-40350 net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix generating skb from non-linear xdpbuff for striding RQ XDP programs can change the layout of an xdpbuff through bpfxdpadjusttail and bpfxdpadjusthead. Therefore, the driver cannot assume the size of the linear...

CVE-2025-40123

In the Linux kernel, the following vulnerability has been resolved: bpf: Enforce expectedattachtype for tailcall compatibility Yinhao et al. recently reported: Our fuzzer tool discovered an uninitialized pointer issue in the bpfprogtestrunxdp function within the Linux kernel's BPF subsystem. This...

Linux Distros Unpatched Vulnerability : CVE-2025-40123

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Enforce expectedattachtype for tailcall compatibility Yinhao et al. recently reported: Our fuzzer tool discovered an uninitialized pointer issue in the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: gve: guard XDP xmit NDO on existence of xdp queues In GVE, dedicated XDP queues only exist when an XDP program is installed and the interface is up. As such, the NDO XDP XMIT callback should return early if either of these...

PT-2025-51566

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue in the net/mlx5e component related to handling XDP programs and skb socket buffer generation. XDP programs can modify the layout of an xdp buff using t...

Linux Distros Unpatched Vulnerability : CVE-2023-53577

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf, cpumap: Make sure kthread is running before map update returns The following warning was reported when running stress-mode enabled xdpredirectcpu with some...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-380977)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-380977 advisory. In the Linux kernel, the following vulnerability has been resolved: cpumap: Zero-initialise xdprxqinfo struct before running XDP program When running an XDP program...