SUSE CVE-2026-45890

In the Linux kernel, the following vulnerability has been resolved: xen-netback: reject zero-queue configuration from guest A malicious or buggy Xen guest can write "0" to the xenbus key "multi-queue-num-queues". The connect function in the backend only validates the upper bound requestednumqueue...

CVE-2026-45890

A flaw was found in the Linux kernel's xen-netback component. A malicious or buggy Xen guest can exploit this by writing a zero value to the 'multi-queue-num-queues' xenbus key. This improper input validation can trigger a warning in the kernel's memory allocation, leading to a guest-to-host Deni...

EUVD-2026-32356

In the Linux kernel, the following vulnerability has been resolved: xen-netback: reject zero-queue configuration from guest A malicious or buggy Xen guest can write "0" to the xenbus key "multi-queue-num-queues". The connect function in the backend only validates the upper bound requestednumqueue...

CVE-2026-45890

In the Linux kernel, the following vulnerability has been resolved: xen-netback: reject zero-queue configuration from guest A malicious or buggy Xen guest can write "0" to the xenbus key "multi-queue-num-queues". The connect function in the backend only validates the upper bound requestednumqueue...

UBUNTU-CVE-2026-45890

In the Linux kernel, the following vulnerability has been resolved: xen-netback: reject zero-queue configuration from guest A malicious or buggy Xen guest can write "0" to the xenbus key "multi-queue-num-queues". The connect function in the backend only validates the upper bound requestednumqueue...

CVE-2026-45890 xen-netback: reject zero-queue configuration from guest

In the Linux kernel, the following vulnerability has been resolved: xen-netback: reject zero-queue configuration from guest A malicious or buggy Xen guest can write "0" to the xenbus key "multi-queue-num-queues". The connect function in the backend only validates the upper bound requestednumqueue...

CVE-2026-45890

In the Linux kernel, the following vulnerability has been resolved: xen-netback: reject zero-queue configuration from guest A malicious or buggy Xen guest can write "0" to the xenbus key "multi-queue-num-queues". The connect function in the backend only validates the upper bound requestednumqueue...

CVE-2026-45890

The CVE-2026-45890 issue affects the Linux kernel Xen-netback. A Xen guest can set multi-queue-num-queues to 0; the connect() validation checks only the upper bound (requested_num_queues > xenvif_max_queues) and does not reject zero. This can reach vzalloc(array_size(0, sizeof(struct xenvif_qu...

PT-2026-43757

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the xen-netback component allows a malicious or buggy Xen guest to cause a guest-to-host denial of service on systems where panic on warn is set to 1. The issue occurs because...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the xen-netback backend not verifying that the queue number is zero, potentially leading to a...

CVE-2026-45890

xen-netback: reject zero-queue configuration from guest...

Linux Distros Unpatched Vulnerability : CVE-2026-45890

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xen-netback: reject zero-queue configuration from guest A malicious or buggy Xen guest can write 0 to the xenbus key multi-queue-num-queues. The connect functio...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: xenvifrxnextskb: Avoid entering this function with an empty rx queue. xenvifrxnextskb expects that the rx queue is not empty. However, if the loop in xenvifrxaction performs multiple iterations, the availability of another skb in...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005139)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005139 advisory. In the Linux kernel, the following vulnerability has been resolved: net/xen-netback: prevent UAF in xenvifflushhash During the listforeachentryrcu iteration call of...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004782)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004782 advisory. Guests can trigger deadlock in Linux netback driver This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond ...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001298)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001298 advisory. An issue was discovered in xenvifsethashmapping in drivers/net/xen-netback/hash.c in the Linux kernel through 4.18.1, as used in Xen through 4.11.x and other product...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000792)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000792 advisory. Memory leak in drivers/net/xen-netback/netback.c in the Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001069)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001069 advisory. The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service loop by triggering ring pointer corruption. Tenable...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001923)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001923 advisory. The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service loop by triggering ring pointer corruption. Tenable...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002191)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002191 advisory. The netback driver in Xen, when using certain Linux versions that do not allow sleeping in softirq context, allows local guest administrators to cause a denial of...