Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013865)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013865 advisory. In the Linux kernel, the following vulnerability has been resolved: netsched: qfq: Fix double list add in class with netem as child qdisc As described in Gerrard's...

Unity Linux 20.1050e / 20.1060e Security Update: kernel (UTSA-2026-013398)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013398 advisory. In the Linux kernel, the following vulnerability has been resolved: netem: Update sch-q.qlen before qdisctreereducebacklog qdisctreereducebacklog notifies parent qdi...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011390)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011390 advisory. In the Linux kernel, the following vulnerability has been resolved: netsched: qfq: Fix double list add in class with netem as child qdisc As described in Gerrard's...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005500)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005500 advisory. In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Address reentrant enqueue adding class to eltree twice Savino says: We are writin...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005490)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005490 advisory. In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As described in...

CVE-2026-23074

In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql is that it is only supposed to be used as root qdisc. We need to check for that constraint. Although not important, I will describe the scenario th...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38001)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38001 advisory. - In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Address reentrant enqueu...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37890)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37890 advisory. - In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a UAF vulnerability ...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37913)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37913 advisory. - In the Linux kernel, the following vulnerability has been resolved: netsched: qfq: Fix double list add in...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37914)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37914 advisory. - In the Linux kernel, the following vulnerability has been resolved: netsched: ets: Fix double list add in...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37915)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37915 advisory. - In the Linux kernel, the following vulnerability has been resolved: netsched: drr: Fix double list add in...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2021-47557: net/sched: schets: do not peek at classes beyond 'nbands' bsc1207361 bsc1225468. CVE-2021-47595: net/sched: schets: do not remove idle classes from the...

ROS-20260114-7323

A vulnerability in the netemdequeue function of the net/sched/schnetem.c module of the net/sched traffic control subsystem of the net/sched kernel of the Linux operating system is related to the reuse of previously freed memory. Exploitation of the vulnerability may allow an intruder to affect...

MiracleLinux 9 : kernel-5.14.0-570.37.1.el9_6 (AXSA:2025-10828:63)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10828:63 advisory. kernel: udp: Fix memory accounting leak. CVE-2025-22058 kernel: netsched: ets: Fix double list add in class with netem as child qdisc CVE-2025-3791...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992760)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992760 advisory. In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free...

kernel: net_sched: ets: Fix double list add in class with netem as child qdisc

A use-after-free vulnerability was found in the Linux kernel’s netem qdisc. This issue occurs when it incorrectly manages duplicated packets in classful parent qdiscs. This leads to a corrupted internal state and eventual dereferencing of freed memory, resulting in unpredictable behavior, system...

kernel: net_sched: hfsc: Fix a UAF vulnerability in class handling

In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfscchangeclass when...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-46800)

sch/netem: use after free in netemdequeue If netemdequeue enqueues packet to inner qdisc and that qdisc returns NETXMITSTOLEN. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Siemens SIMATIC S7-1500 Always-Incorrect Control Flow Implementation (CVE-2024-56770)

net/sched: netem: The interface fully stops transferring packets and locks. In this case, the child qdisc and tfifo are empty, but 'qlen' indicates the tfifo is at its limit and no more packets are accepted. This plugin only works with Tenable.ot. Please visit...

kernel: net_sched: hfsc: Fix a UAF vulnerability in class handling

In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfscchangeclass when...