127 matches found
CVE-2025-38000
In the Linux kernel, the following vulnerability has been resolved: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue When enqueuing the first packet to an HFSC class, hfscenqueue calls the child qdisc's peek operation before incrementing sch-q.qlen and sch-qstats.backlog. If the...
UBUNTU-CVE-2025-38000
In the Linux kernel, the following vulnerability has been resolved: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue When enqueuing the first packet to an HFSC class, hfscenqueue calls the child qdisc's peek operation before incrementing sch-q.qlen and sch-qstats.backlog. If the...
CVE-2025-38000
CVE-2025-38000 affects the Linux kernel HFSC scheduler qlen accounting: when enqueuing the first packet, hfsc_enqueue() previously used child qdisc peek() before updating sch->q.qlen and sch->qstats.backlog, which could trigger a dequeue and leave the HFSC class in an inconsistent state (po...
CVE-2025-38000 sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()
In the Linux kernel, the following vulnerability has been resolved: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue When enqueuing the first packet to an HFSC class, hfscenqueue calls the child qdisc's peek operation before incrementing sch-q.qlen and sch-qstats.backlog. If the...
PT-2025-24197
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A bug in the Linux kernel's HFSC qdisc has been identified, which can lead to inconsistent queue accounting. This occurs when the hfsc enqueue function calls the child qdisc's peek...
CVE-2025-22058
CVE-2025-22058 affects the Linux kernel UDP memory accounting. When INT_MAX was used for SO_RCVBUF, an overflow in udp_rmem_release() could wrap the total UDP memory, causing memory accounting to double after socket close and potentially leading to packet drops once rmem_alloc exceeded net.ipv4.u...
SUSE CVE-2025-21903
In the Linux kernel, the following vulnerability has been resolved: mctp i3c: handle NULL header address daddr can be NULL if there is no neighbour table entry present, in that case the tx packet should be dropped. saddr will usually be set by MCTP core, but check for NULL in case a packet is...
Amazon Linux 2 : kernel (ALASKERNEL-5.4-2025-096)
The version of kernel installed on the remote host is prior to 5.4.290-205.405. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2025-096 advisory. Insufficient control flow management for the IntelR 82599 Ethernet Controllers and Adapters may allow an...
CVE-2025-21702
In the Linux kernel, the following vulnerability has been resolved: pfifotailenqueue: Drop new packet when sch-limit == 0 Expected behaviour: In case we reach scheduler's limit, pfifotailenqueue will drop a packet in scheduler's queue and decrease scheduler's qlen by one. Then, pfifotailenqueue...
SUSE CVE-2025-21676
In the Linux kernel, the following vulnerability has been resolved: net: fec: handle pagepooldevallocpages error The fecenetupdatecbd function calls pagepooldevallocpages but did not handle the case when it returned NULL. There was a WARNON!newpage but it would still proceed to use the NULL point...
CVE-2025-21676
In the Linux kernel, the following vulnerability has been resolved: net: fec: handle pagepooldevallocpages error The fecenetupdatecbd function calls pagepooldevallocpages but did not handle the case when it returned NULL. There was a WARNON!newpage but it would still proceed to use the NULL point...
DEBIAN-CVE-2025-21676
In the Linux kernel, the following vulnerability has been resolved: net: fec: handle pagepooldevallocpages error The fecenetupdatecbd function calls pagepooldevallocpages but did not handle the case when it returned NULL. There was a WARNON!newpage but it would still proceed to use the NULL point...
UBUNTU-CVE-2025-21676
In the Linux kernel, the following vulnerability has been resolved: net: fec: handle pagepooldevallocpages error The fecenetupdatecbd function calls pagepooldevallocpages but did not handle the case when it returned NULL. There was a WARNON!newpage but it would still proceed to use the NULL point...
CVE-2025-21676 net: fec: handle page_pool_dev_alloc_pages error
In the Linux kernel, the following vulnerability has been resolved: net: fec: handle pagepooldevallocpages error The fecenetupdatecbd function calls pagepooldevallocpages but did not handle the case when it returned NULL. There was a WARNON!newpage but it would still proceed to use the NULL point...
SUSE CVE-2024-53043
In the Linux kernel, the following vulnerability has been resolved: mctp i2c: handle NULL header address daddr can be NULL if there is no neighbour table entry present, in that case the tx packet should be dropped. saddr will usually be set by MCTP core, but check for NULL in case a packet is...
DEBIAN-CVE-2024-53043
In the Linux kernel, the following vulnerability has been resolved: mctp i2c: handle NULL header address daddr can be NULL if there is no neighbour table entry present, in that case the tx packet should be dropped. saddr will usually be set by MCTP core, but check for NULL in case a packet is...
UBUNTU-CVE-2024-53043
In the Linux kernel, the following vulnerability has been resolved: mctp i2c: handle NULL header address daddr can be NULL if there is no neighbour table entry present, in that case the tx packet should be dropped. saddr will usually be set by MCTP core, but check for NULL in case a packet is...
UBUNTU-CVE-2024-50145
In the Linux kernel, the following vulnerability has been resolved: octeonep: Add SKB allocation failures handling in octepoqprocessrx buildskb returns NULL in case of a memory allocation failure so handle it inside octepoqprocessrx to avoid NULL pointer dereference. octepoqprocessrx is called...
SUSE CVE-2024-49997
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiqetop: fix memory disclosure When applying padding, the buffer is not zeroed, which results in memory disclosure. The mentioned data is observed on the wire. This patch uses skbputpadto to pad Ethernet frames...
SUSE CVE-2022-48911
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfqueue: fix possible use-after-free Eric Dumazet says: The sockhold side seems suspect, because there is no guarantee that skrefcnt is not already 0. On failure, we cannot queue the packet and need to indicate an erro...