Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: netsched: skbprio: Removal of overly strict queue assertions. In the current implementation, the skbprio enqueue/dequeue operations contain assertions that fail under certain conditions when SKBPRIO is used as a child qdisc under...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: workqueue: Place the pwq after detaching the rescuer from the pool. The commit 68f83057b913 "workqueue: Reap workers via kthreadstop and remove detachcompletion" adds code to reapply the benefits of the workers, but mistakenly do...

Security Bulletin: Multiple vulnerabilities in IBM MQ Operator and Queue manager container images

Summary Multiple vulnerabilities were addressed in IBM MQ Operator and Queue manager container images Vulnerability Details CVEID:CVE-2024-12133 DESCRIPTION: A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate,...

Amazon Linux 2023 : bpftool, kernel6.12, kernel6.12-modules-extra (ALAS2023-2025-994)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-994 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: do proper folio cleanup when cowfilerange failed CVE-2024-57976 In the Linux kernel, the following vulnerability has...

PT-2025-27693

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A race condition has been identified in the Linux kernel's ETS Enhanced Transmission Selection component. This issue occurs when the SFQ perturb timer fires at an inappropriate time,...

Security update for kernel-livepatch-MICRO-6-0-RT_Update_3

This update for kernel-livepatch-MICRO-6-0-RTUpdate3 fixes the following issues: CVE-2024-49855: nbd: fix race between timeout and normal completion bsc1232900 CVE-2025-21680: pktgen: avoid out-of-bounds access in getimixentries bsc1236701 CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free...

CVE-2025-38002 io_uring/fdinfo: grab ctx->uring_lock around io_uring_show_fdinfo()

In the Linux kernel, the following vulnerability has been resolved: iouring/fdinfo: grab ctx-uringlock around iouringshowfdinfo Not everything requires locking in there, which is why the 'haslock' variable exists. But enough does that it's a bit unwieldy to manage. Wrap the whole thing in a...

CVE-2025-38000

In the Linux kernel, the following vulnerability has been resolved: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue When enqueuing the first packet to an HFSC class, hfscenqueue calls the child qdisc's peek operation before incrementing sch-q.qlen and sch-qstats.backlog. If the...

AZL-63684 CVE-2025-38000 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue When enqueuing the first packet to an HFSC class, hfscenqueue calls the child qdisc's peek operation before incrementing sch-q.qlen and sch-qstats.backlog. If the...

DEBIAN-CVE-2025-38000

In the Linux kernel, the following vulnerability has been resolved: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue When enqueuing the first packet to an HFSC class, hfscenqueue calls the child qdisc's peek operation before incrementing sch-q.qlen and sch-qstats.backlog. If the...

UBUNTU-CVE-2025-38000

In the Linux kernel, the following vulnerability has been resolved: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue When enqueuing the first packet to an HFSC class, hfscenqueue calls the child qdisc's peek operation before incrementing sch-q.qlen and sch-qstats.backlog. If the...

CVE-2025-38000

CVE-2025-38000 affects the Linux kernel HFSC scheduler qlen accounting: when enqueuing the first packet, hfsc_enqueue() previously used child qdisc peek() before updating sch->q.qlen and sch->qstats.backlog, which could trigger a dequeue and leave the HFSC class in an inconsistent state (po...

CVE-2025-38000 sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()

In the Linux kernel, the following vulnerability has been resolved: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue When enqueuing the first packet to an HFSC class, hfscenqueue calls the child qdisc's peek operation before incrementing sch-q.qlen and sch-qstats.backlog. If the...

CVE-2025-38000 sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()

In the Linux kernel, the following vulnerability has been resolved: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue When enqueuing the first packet to an HFSC class, hfscenqueue calls the child qdisc's peek operation before incrementing sch-q.qlen and sch-qstats.backlog. If the...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a qlen count error in schhfsc, which could lead to inconsistent queue statistics...

Vulnerabilities of the hci_cmd_sync_queue(), hci_le_terminate_big(), or hci_le_big_terminate() functions in the Linux operating system, allowing attackers to cause service failures

The vulnerabilities of the hcicmdsyncqueue, hcileterminatebig, or hcilebigterminate functions in the Linux operating system are related to memory leaks. Exploiting these vulnerabilities can allow an attacker to cause a service failure...

Vulnerability of the `bfq_check_ioprio_change()` and `__bfq_bic_change_cgroup()` functions in the Linux operating system, allowing a hacker to trigger a service failure

The vulnerability of the bfqcheckiopriochange and bfqbicchangecgroup functions in the Linux kernel is related to the use of memory after deallocation. Exploiting this vulnerability can allow an attacker to cause a service failure...

PT-2025-27984 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the nvme-tcp module. The issue occurs when the second admin queue configuration fails, causing a tag set to not be...

CVE-2025-5178

A vulnerability classified as critical has been found in Realce Tecnologia Queue Ticket Kiosk up to 20250517. Affected is an unknown function of the file /adm/ajax.php of the component Image File Handler. The manipulation of the argument files leads to unrestricted upload. It is possible to launc...

CVE-2025-5179

A vulnerability classified as problematic was found in Realce Tecnologia Queue Ticket Kiosk up to 20250517. Affected by this vulnerability is an unknown functionality of the file /adm/index.php of the component Cadastro de Administrador Page. The manipulation of the argument Name/Usuário leads to...