Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: - ice: xsk: disabling TXQ interrupts before flushing the hardware. The function iceqpdis aims to stop a given queue pair that is a target of xsk pool attach/detach. One of the steps involved disabling interrupts on these queue...

CVE-2026-43092

In the Linux kernel, the following vulnerability has been resolved: xsk: validate MTU against usable frame size on bind AFXDP bind currently accepts zero-copy pool configurations without verifying that the device MTU fits into the usable frame space provided by the UMEM chunk. This becomes a...

SUSE-SU-2026:21059-1 Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-30.1 fixes various security issues The following security issues were fixed: - CVE-2025-39973: i40e: add validation for ringlen param bsc1252036. - CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1252689. -...

CVE-2023-54223 net/mlx5e: xsk: Fix invalid buffer access for legacy rq

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix invalid buffer access for legacy rq The below crash can be encountered when using xdpsock in rx mode for legacy rq: the buffer gets released in the XDPREDIRECT path, and then once again in the driver. This fix...

CVE-2023-54223 net/mlx5e: xsk: Fix invalid buffer access for legacy rq

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix invalid buffer access for legacy rq The below crash can be encountered when using xdpsock in rx mode for legacy rq: the buffer gets released in the XDPREDIRECT path, and then once again in the driver. This fix...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992427)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992427 advisory. In the Linux kernel, the following vulnerability has been resolved: ice: xsk: prohibit usage of non-balanced queue id Fix the following scenario: 1. ethtool -L $IFAC...

openSUSE 16 Security Update : tcpreplay (openSUSE-SU-2025-20119-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025-20119-1 advisory. - update to 4.5.2: features added since 4.4.4 - fix/recalculate header checksum for ipv6-frag - IPv6 frag checksum support - AFXDP socket suppor...

CVE-2023-53394

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix crash on regular rq reactivation When the regular rq is reactivated after the XSK socket is closed it could be reading stale cqes which eventually corrupts the rq. This leads to no more traffic being received ...

UBUNTU-CVE-2023-53394

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix crash on regular rq reactivation When the regular rq is reactivated after the XSK socket is closed it could be reading stale cqes which eventually corrupts the rq. This leads to no more traffic being received ...

CVE-2023-53394

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix crash on regular rq reactivation When the regular rq is reactivated after the XSK socket is closed it could be reading stale cqes which eventually corrupts the rq. This leads to no more traffic being received ...

CVE-2025-37920

In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race condition in AFXDP generic RX path Move rxlock from xsksocket to xskbuffpool. Fix synchronization for shared umem mode in generic RX path where multiple sockets share single xskbuffpool. RX queue is exclusive to...

SUSE CVE-2023-53102

In the Linux kernel, the following vulnerability has been resolved: ice: xsk: disable txq irq before flushing hw iceqpdis intends to stop a given queue pair that is a target of xsk pool attach/detach. One of the steps is to disable interrupts on these queues. It currently is broken in a way that...

SUSE CVE-2024-39293

In the Linux kernel, the following vulnerability has been resolved: Revert "xsk: Support redirect to any socket bound to the same umem" This reverts commit 2863d665ea41282379f108e4da6c8a2366ba66db. This patch introduced a potential kernel crash when multiple napi instances redirect to the same...

kernel: ice: xsk: prohibit usage of non-balanced queue id

In the Linux kernel, the following vulnerability has been resolved: ice: xsk: prohibit usage of non-balanced queue id Fix the following scenario: 1. ethtool -L $IFACE rx 8 tx 96 2. xdpsock -q 10 -t -z Above refers to a case where user would like to attach XSK socket in txonly mode at a queue id...

USN-4387-1: Linux kernel vulnerabilities

It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information kernel memory. CVE-2020-0067 It was discovered that memory contents...

USN-4389-1: Linux kernel vulnerabilities

It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information kernel memory. CVE-2020-0067 It was discovered that memory contents...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4388-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4388-1 advisory. It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A...

Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-4389-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4389-1 advisory. It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A...

USN-4388-1: Linux kernel vulnerabilities

It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information kernel memory. CVE-2020-0067 It was discovered that memory contents...