597 matches found
CVE-2026-23378
In the Linux kernel, the following vulnerability has been resolved: net/sched: actife: Fix metalist update behavior Whenever an ife action replace changes the metalist, instead of replacing the old data on the metalist, the current ife code is appending the new metadata. Aside from being...
Siemens SIMATIC S7-1500 NULL Pointer Dereference (CVE-2025-38468)
"In the Linux kernel, the following vulnerability has been resolved: net/sched: Return NULL when htblookupleaf encounters an empty rbtree htblookupleaf has a BUGON that can trigger with the following: tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb default 1 tc class add dev lo...
CVE-2026-23270
In the Linux kernel, the following vulnerability has been resolved: net/sched: Only allow actct to bind to clsact/ingress qdiscs and shared blocks As Paolo said earlier 1: "Since the blamed commit below, classify can return TCACTCONSUMED while the current skb being held by the defragmentation...
Linux Distros Unpatched Vulnerability : CVE-2026-23245
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: actgate: snapshot parameters with RCU on replace The gate action can be replaced while the hrtimer callback or dump path is walking the schedule list...
EulerOS Virtualization 2.13.1 : kernel (EulerOS-SA-2026-1637)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : scsi: target: Fix WRITESAME No Data Buffer crashCVE-2022-21546 iommu/arm-smmu-v3-sva: Fix mm use-after-freeCVE-2022-49426 module: f...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005410)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005410 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sched: Always pass notifications when child class becomes empty Certain classful qdiscs may...
Oracle Linux 7 : kernel (ELSA-2026-0755)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0755 advisory. - scsi: ses: Fix possible descptr out-of-bounds accesses CVE-2023-53675 Orabug: 38860426 - ipv6: Fix out-of-bounds access in ipv6findtlv CVE-2023-53705...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix null-deref in aggdequeue CVE-2025-40083 In the Linux kernel, the following vulnerability has been resolved: vsock: Ignore signal/timeout on connect if already established CVE-2025-40248 In t...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: scsi: core: ufs: Fix a hang in the error handler CVE-2025-38119 In the Linux kernel, the following vulnerability has been resolved: HID: core: Harden s32ton against conversion to 0 bits CVE-2025-38556 In the Linux...
EUVD-2026-5841
In the Linux kernel, the following vulnerability has been resolved: net/sched: clsu32: use skbheaderpointercareful skbheaderpointer does not fully validate negative @offset values. Use skbheaderpointercareful instead. GangMin Kim provided a report and a repro fooling u32classify: BUG: KASAN:...
CVE-2026-23074
In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql is that it is only supposed to be used as root qdisc. We need to check for that constraint. Although not important, I will describe the scenario th...
CVE-2026-23105
In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use clisactive to determine whether class is active in qfqrmfromag This is more of a preventive patch to make the code more consistent and to prevent possible exploits that employ child qlen manipulations on qfq...
UBUNTU-CVE-2026-23074
In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql is that it is only supposed to be used as root qdisc. We need to check for that constraint. Although not important, I will describe the scenario th...
CVE-2026-23105 net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag
In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use clisactive to determine whether class is active in qfqrmfromag This is more of a preventive patch to make the code more consistent and to prevent possible exploits that employ child qlen manipulations on qfq...
CVE-2026-23105 net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag
In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use clisactive to determine whether class is active in qfqrmfromag This is more of a preventive patch to make the code more consistent and to prevent possible exploits that employ child qlen manipulations on qfq...
CVE-2026-23074 net/sched: Enforce that teql can only be used as root qdisc
In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql is that it is only supposed to be used as root qdisc. We need to check for that constraint. Although not important, I will describe the scenario th...
CVE-2026-23074 net/sched: Enforce that teql can only be used as root qdisc
In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql is that it is only supposed to be used as root qdisc. We need to check for that constraint. Although not important, I will describe the scenario th...
CVE-2026-23064 net/sched: act_ife: avoid possible NULL deref
In the Linux kernel, the following vulnerability has been resolved: net/sched: actife: avoid possible NULL deref tcfifeencode must make sure ifeencode does not return NULL. syzbot reported: Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 1 SMP KASAN NOP...
Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2021-47633: ath5k: fix OOB in ath5keepromreadpcalinfo5111 bsc1237768. CVE-2022-49545: ALSA: usb-audio: Cancel pending work at closing a MIDI substream bsc1238729...
Linux Distros Unpatched Vulnerability : CVE-2026-23064
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: actife: avoid possible NULL deref tcfifeencode must make sure ifeencode does not return NULL. syzbot reported: Oops: general protection fault, probab...