34 matches found
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
A use-after-free vulnerability exists in the Linux kernel’s net/sched: schhfsc HFSC qdisc traffic control component. This vulnerability can be exploited to achieve local privilege escalation. If a class with a link-sharing curve i.e., with the HFSCFSC flag set has a parent without a link-sharing...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fixed a UAF vulnerability in class handling This patch addresses a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue arises due to a time-of-check/time-of-use condition in hfscchangeclass,...
EUVD-2025-13245
Malicious code in bioql PyPI...
EUVD-2023-54476
Malicious code in bioql PyPI...
kernel: net_sched: hfsc: Fix a UAF vulnerability in class handling
In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfscchangeclass when...
kernel: sch_hfsc: make hfsc_qlen_notify() idempotent
In the Linux kernel, the following vulnerability has been resolved: schhfsc: make hfscqlennotify idempotent hfscqlennotify is not idempotent either and not friendly to its callers, like fqcodeldequeue. Let's make it idempotent to ease qdisctreereducebacklog callers' life: 1. updatevf decreases...
kernel: net_sched: hfsc: Fix a UAF vulnerability in class handling
In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfscchangeclass when...
UBUNTU-CVE-2025-37797
In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfscchangeclass when...
PT-2025-18776
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free vulnerability has been identified in the HFSC qdisc class handling of the Linux kernel. The issue arises from a time-of-check/time-of-use condition in hfsc change class...
Linux Distros Unpatched Vulnerability : CVE-2023-4623
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability in the Linux kernel's net/sched: schhfsc HFSC qdisc traffic control component can be exploited to achieve local privilege...
kernel: net/sched: sch_hfsc UAF
A use-after-free flaw was found in the Linux kernel's net/sched: schhfsc HFSC qdisc traffic control component that can be exploited to achieve local privilege escalation. If a class with a link-sharing curve, for example, with the HFSCFSC flag set, has a parent without a link-sharing curve, then...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
RHEL 8 : kernel-rt (RHSA-2024:1269)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1269 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
kernel: net/sched: sch_hfsc UAF
A use-after-free flaw was found in the Linux kernel's net/sched: schhfsc HFSC qdisc traffic control component that can be exploited to achieve local privilege escalation. If a class with a link-sharing curve, for example, with the HFSCFSC flag set, has a parent without a link-sharing curve, then...
kernel: net/sched: sch_hfsc UAF
A use-after-free flaw was found in the Linux kernel's net/sched: schhfsc HFSC qdisc traffic control component that can be exploited to achieve local privilege escalation. If a class with a link-sharing curve, for example, with the HFSCFSC flag set, has a parent without a link-sharing curve, then...
kernel: net/sched: sch_hfsc UAF
A use-after-free flaw was found in the Linux kernel's net/sched: schhfsc HFSC qdisc traffic control component that can be exploited to achieve local privilege escalation. If a class with a link-sharing curve, for example, with the HFSCFSC flag set, has a parent without a link-sharing curve, then...
kernel: net/sched: sch_hfsc UAF
A use-after-free flaw was found in the Linux kernel's net/sched: schhfsc HFSC qdisc traffic control component that can be exploited to achieve local privilege escalation. If a class with a link-sharing curve, for example, with the HFSCFSC flag set, has a parent without a link-sharing curve, then...
OESA-2023-1845 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvbregisterdevice dynamically allocating fops.CVE-2022-45884 Rejected reason: DO NOT USE THIS CANDIDATE...
OESA-2023-1842 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvbregisterdevice dynamically allocating fops.CVE-2022-45884 Rejected reason: DO NOT USE THIS CANDIDATE...
OESA-2023-1844 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvbregisterdevice dynamically allocating fops.CVE-2022-45884 Rejected reason: DO NOT USE THIS CANDIDATE...