net: xilinx: axienet: Fix BQL accounting for multi-BD TX packets

MITRE NVD CVE.ORG JSON API Print: PDF PDF

Summary

CVECVE-2026-43031
StatePUBLISHED
AssignerLinux
Source PriorityCVE Program / NVD first with legacy fallback
Published2026-05-01 15:16:47 UTC
Updated2026-05-01 15:24:14 UTC
DescriptionIn the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Fix BQL accounting for multi-BD TX packets When a TX packet spans multiple buffer descriptors (scatter-gather), axienet_free_tx_chain sums the per-BD actual length from descriptor status into a caller-provided accumulator. That sum is reset on each NAPI poll. If the BDs for a single packet complete across different polls, the earlier bytes are lost and never credited to BQL. This causes BQL to think bytes are permanently in-flight, eventually stalling the TX queue. The SKB pointer is stored only on the last BD of a packet. When that BD completes, use skb->len for the byte count instead of summing per-BD status lengths. This matches netdev_sent_queue(), which debits skb->len, and naturally survives across polls because no partial packet contributes to the accumulator.

Vendor Declared Affected Products

SourceVendorProductVersionPlatforms
CNA Linux Linux affected c900e49d58eb32b192b6d200ace4ae3ab89779d4 2a0323a913109b52bfc9f5ea7b92a1b249e07d3e git Not specified
CNA Linux Linux affected c900e49d58eb32b192b6d200ace4ae3ab89779d4 3c3a6b9020c01fde7b22e8550105de0b59904f61 git Not specified
CNA Linux Linux affected c900e49d58eb32b192b6d200ace4ae3ab89779d4 d1978d03e86785872871bff9c2623174b10740de git Not specified
CNA Linux Linux affected 6.15 Not specified
CNA Linux Linux unaffected 6.15 semver Not specified
CNA Linux Linux unaffected 6.18.22 6.18.* semver Not specified
CNA Linux Linux unaffected 6.19.12 6.19.* semver Not specified
CNA Linux Linux unaffected 7.0 * original_commit_for_fix Not specified

References

ReferenceSourceLinkTags
git.kernel.org/stable/c/3c3a6b9020c01fde7b22e8550105de0b59904f61 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/2a0323a913109b52bfc9f5ea7b92a1b249e07d3e 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/d1978d03e86785872871bff9c2623174b10740de 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report