287 matches found
SUSE CVE-2026-45890
In the Linux kernel, the following vulnerability has been resolved: xen-netback: reject zero-queue configuration from guest A malicious or buggy Xen guest can write "0" to the xenbus key "multi-queue-num-queues". The connect function in the backend only validates the upper bound requestednumqueue...
CVE-2026-45890
A flaw was found in the Linux kernel's xen-netback component. A malicious or buggy Xen guest can exploit this by writing a zero value to the 'multi-queue-num-queues' xenbus key. This improper input validation can trigger a warning in the kernel's memory allocation, leading to a guest-to-host Deni...
EUVD-2026-32356
In the Linux kernel, the following vulnerability has been resolved: xen-netback: reject zero-queue configuration from guest A malicious or buggy Xen guest can write "0" to the xenbus key "multi-queue-num-queues". The connect function in the backend only validates the upper bound requestednumqueue...
CVE-2026-45890
In the Linux kernel, the following vulnerability has been resolved: xen-netback: reject zero-queue configuration from guest A malicious or buggy Xen guest can write "0" to the xenbus key "multi-queue-num-queues". The connect function in the backend only validates the upper bound requestednumqueue...
UBUNTU-CVE-2026-45890
In the Linux kernel, the following vulnerability has been resolved: xen-netback: reject zero-queue configuration from guest A malicious or buggy Xen guest can write "0" to the xenbus key "multi-queue-num-queues". The connect function in the backend only validates the upper bound requestednumqueue...
CVE-2026-45890
The CVE-2026-45890 issue affects the Linux kernel Xen-netback. A Xen guest can set multi-queue-num-queues to 0; the connect() validation checks only the upper bound (requested_num_queues > xenvif_max_queues) and does not reject zero. This can reach vzalloc(array_size(0, sizeof(struct xenvif_qu...
CVE-2026-45890
In the Linux kernel, the following vulnerability has been resolved: xen-netback: reject zero-queue configuration from guest A malicious or buggy Xen guest can write "0" to the xenbus key "multi-queue-num-queues". The connect function in the backend only validates the upper bound requestednumqueue...
CVE-2026-45890 xen-netback: reject zero-queue configuration from guest
In the Linux kernel, the following vulnerability has been resolved: xen-netback: reject zero-queue configuration from guest A malicious or buggy Xen guest can write "0" to the xenbus key "multi-queue-num-queues". The connect function in the backend only validates the upper bound requestednumqueue...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the xen-netback backend not verifying that the queue number is zero, potentially leading to a...
Linux Distros Unpatched Vulnerability : CVE-2026-45890
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xen-netback: reject zero-queue configuration from guest A malicious or buggy Xen guest can write 0 to the xenbus key multi-queue-num-queues. The connect functio...
PT-2026-43757
In the Linux kernel, the following vulnerability has been resolved: xen-netback: reject zero-queue configuration from guest A malicious or buggy Xen guest can write "0" to the xenbus key "multi-queue-num-queues". The connect function in the backend only validates the upper bound requested num...
CVE-2026-45890
xen-netback: reject zero-queue configuration from guest...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerability has been resolved: net/xen-netback: This issue prevents a Use-after-Free UAF condition in xenvifflushhash. During the listforeachentryrcu iteration, when calling xenvifFlushHash, kfreercu does not exist within the rcu read critical section...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: xen/netback: Avoid entering xenvifrxnextskb with an empty rx queue. xenvifrxnextskb expects the rx queue not to be empty. However, if the loop in xenvifrxaction performs multiple iterations, the availability of another skb in the...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005139)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005139 advisory. In the Linux kernel, the following vulnerability has been resolved: net/xen-netback: prevent UAF in xenvifflushhash During the listforeachentryrcu iteration call of...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000792)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000792 advisory. Memory leak in drivers/net/xen-netback/netback.c in the Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001069)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001069 advisory. The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service loop by triggering ring pointer corruption. Tenable...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004782)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004782 advisory. Guests can trigger deadlock in Linux netback driver This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond ...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001298)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001298 advisory. An issue was discovered in xenvifsethashmapping in drivers/net/xen-netback/hash.c in the Linux kernel through 4.18.1, as used in Xen through 4.11.x and other product...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001878)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001878 advisory. Memory leak in drivers/net/xen-netback/netback.c in the Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service...