Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: xen-netfront: Added the missing skbmarkforrecycle function. It should be noted that the skbmarkforrecycle function was introduced later than the “fixes” tag in commit 6a5bcd84e886 “pagepool: Allow drivers to hint on SKB recycling...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: xen/netfront: Destroy queues before realnumtxqueues is zeroed xennetDestroyQueues relies on info-netdev-realnumtxqueues to delete queues. Since d7dac083414eb5bb99a6d2ed53dc2c1b405224e5 “net-sysfs: Update the queue counts in the...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: xen-netfront: Fixed NULL pointers after live migration. NAPIs are set up for each network interface to poll data for the kernel. The interface with the source host is destroyed during live migration, and a new interface with t...

ROS-20260203-73-0004

A vulnerability in the xen-netfront.c component of the Linux operating system kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CLSA-2026-1769610819 kernel: Fix of 39 CVEs

Bluetooth: hcisysfs: Fix attempting to call deviceadd multiple times CVE-2022-50419 - firewire: net: fix use after free in fwnetfinishincomingpacket CVE-2023-53432 - wifi: brcmfmac: fix use-after-free bug in brcmfnetdevstartxmit CVE-2022-50408 - wifi: brcmfmac: slab-out-of-bounds read in...

Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-27393)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27393 advisory. - In the Linux kernel, the following vulnerability has been resolved: xen-netfront: Add missing...

CLSA-2026-1768669128 kernel: Fix of 39 CVEs

Bluetooth: hcisysfs: Fix attempting to call deviceadd multiple times CVE-2022-50419 - firewire: net: fix use after free in fwnetfinishincomingpacket CVE-2023-53432 - wifi: brcmfmac: fix use-after-free bug in brcmfnetdevstartxmit CVE-2022-50408 - wifi: brcmfmac: slab-out-of-bounds read in...

MiracleLinux 9 : kernel-5.14.0-427.24.1.el9_4 (AXSA:2024-8559:21)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8559:21 advisory. kernel: net/mlx5e: Fix operation precedence bug in port timestamping napipoll context CVE-2023-52626 kernel: Bluetooth: Avoid potential use-after-fr...

MiracleLinux 7 : kernel-3.10.0-1160.119.1.0.8.el7.AXS7 (AXSA:2025-9625:10)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9625:10 advisory. media: edia: dvbdev: fix a use-after-free CVE-2024-27043 btrfs: dev-replace: properly validate device names CVE-2024-26791 KVM: nSVM: Ignore nCR34:0...

xen-netfront: handle NULL returned by xdp_convert_buff_to_frame()

...

CLSA-2025-1762455270 kernel: Fix of 6 CVEs

fix: virtio-net: Add validation for used length CVE-2021-47352 - xen/netfront: don't use gnttabqueryforeignaccess for mapped status CVE-2022-23037 - net/sched: schqfq: Fix race condition on qfqaggregate CVE-2025-38477 - net: fix information leakage in /proc/net/ptype CVE-2022-48757 - net: atm:...

CLSA-2025-1762454401 kernel: Fix of 6 CVEs

fix: virtio-net: Add validation for used length CVE-2021-47352 - xen/netfront: don't use gnttabqueryforeignaccess for mapped status CVE-2022-23037 - net/sched: schqfq: Fix race condition on qfqaggregate CVE-2025-38477 - net: fix information leakage in /proc/net/ptype CVE-2022-48757 - net: atm:...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989189)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989189 advisory. In the Linux kernel, the following vulnerability has been resolved: xen-netfront: Fix NULL sring after live migration A NAPI is setup for each network sring to poll...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990052)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990052 advisory. In the Linux kernel, the following vulnerability has been resolved: xen/netfront: fix crash when removing device When removing a netfront device directly after a...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989104)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989104 advisory. In the Linux kernel, the following vulnerability has been resolved: xen/netfront: destroy queues before realnumtxqueues is zeroed xennetdestroyqueues relies on...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987256)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987256 advisory. In the Linux kernel, the following vulnerability has been resolved: xen/netfront: destroy queues before realnumtxqueues is zeroed xennetdestroyqueues relies on...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986278)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986278 advisory. In the Linux kernel, the following vulnerability has been resolved: xen/netfront: destroy queues before realnumtxqueues is zeroed xennetdestroyqueues relies on...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986308)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986308 advisory. In the Linux kernel, the following vulnerability has been resolved: xen/netfront: destroy queues before realnumtxqueues is zeroed xennetdestroyqueues relies on...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986857)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986857 advisory. In the Linux kernel, the following vulnerability has been resolved: xen-netfront: Fix NULL sring after live migration A NAPI is setup for each network sring to poll...

Linux Distros Unpatched Vulnerability : CVE-2025-37820

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xen-netfront: handle NULL returned by xdpconvertbufftoframe The function xdpconvertbufftoframe may return NULL if it fails to correctly convert the XDP buffer...