225 matches found
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net: sched: cake: Fixed an issue where a null pointer access occurred when cakeinit failed. When the default qdisc is cake, if the qdisc of devqueue fails to initialize during mqprioinit, cakereset is called to clear resources...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: schcake: A out-of-bounds access issue was fixed during the parsing of TCP options and headers. The TCP option parser in cake qdisc cakegettcpopt and caketcphmaydrop could read one byte out of bounds. When the length of the data...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: schcake: Fixed incorrect qlen reduction in cakedrop In cakedrop, qdisctreereducebacklog is used to update the qlen and backlog of the qdisc hierarchy. Its caller, cakeenqueue, assumes that the parent qdisc will enqueue...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cakeenqueue return NETXMITCN when bufferlimit is set to bufferlimit. The following setup can trigger a warning in htbactivate due to the condition: !cl-leaf.q-q.qlen. Example command: bash tc qdisc del dev lo root...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: sched: schcake: Fixed the logic for accounting bulk flows in order to ensure host fairness. In schcake, we keep track of the number of active bulk flows per host. This is done when running in the dst/src host fairness mode, which...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: sched: schcake: bounds checks were added to the host bulk flow fairness counts. Although we fixed a logic error in the commit cited below, the syzbot still managed to cause an underflow in the per-host bulk flow counters, resulti...
kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit
In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit The following setup can trigger a WARNING in htbactivate due to the condition: !cl-leaf.q-q.qlen tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb...
kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit
In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit The following setup can trigger a WARNING in htbactivate due to the condition: !cl-leaf.q-q.qlen tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb...
kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit
In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit The following setup can trigger a WARNING in htbactivate due to the condition: !cl-leaf.q-q.qlen tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb...
kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit
In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit The following setup can trigger a WARNING in htbactivate due to the condition: !cl-leaf.q-q.qlen tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit
In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit The following setup can trigger a WARNING in htbactivate due to the condition: !cl-leaf.q-q.qlen tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb...
RHEL 9 : kernel (RHSA-2026:21209)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:21209 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: proc: fix UAF in procgetinode...
kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit
In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit The following setup can trigger a WARNING in htbactivate due to the condition: !cl-leaf.q-q.qlen tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb...
kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit
In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit The following setup can trigger a WARNING in htbactivate due to the condition: !cl-leaf.q-q.qlen tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb...
CentOS 9 : kernel-5.14.0-706.el9
"The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-706.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: schcake: Do not call cakedestroy from cakeinit. qdiscs should not call their own destroy method from init, because the core stack already does that. syzbot was able to trigger use after free: DEBUGLOCKSWARNONlock-magic != lock...
RLSA-2026:9264 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit CVE-2025-39766 kernel: scsi: qla2xxx: Fix improper freeing of purex item CVE-2025-68741 For more details about the...
RLSA-2026:8921 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit CVE-2025-39766 kernel: scsi: qla2xxx: Fix improper freeing of purex item CVE-2025-68741 For more details about the...
Oracle Linux 10 : kernel (ELSA-2026-9264)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-9264 advisory. - scsi: qla2xxx: Fix improper freeing of purex item CKI Backport Bot RHEL-159225 CVE-2025-68741 - net/sched: schcake: Fix incorrect qlen reduction in...