Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netsched: clsflow: validate TCAFLOWRSHIFT attribute The syzbot found that the TCAFLOWRSHIFT attribute was not validated. Shifting a 32-bit integer is undefined for large shift values. UBSAN: shift-out-of-bounds in...

net/sched: cls_flow: fix NULL pointer dereference on shared blocks

...

SUSE CVE-2026-31422

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsflow: fix NULL pointer dereference on shared blocks flowchange calls tcfblockq and dereferences q-handle to derive a default baseclass. Shared blocks leave block-q NULL, causing a NULL deref when a flow filter witho...

CVE-2026-31422

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsflow: fix NULL pointer dereference on shared blocks flowchange calls tcfblockq and dereferences q-handle to derive a default baseclass. Shared blocks leave block-q NULL, causing a NULL deref when a flow filter witho...

UBUNTU-CVE-2026-31422

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsflow: fix NULL pointer dereference on shared blocks flowchange calls tcfblockq and dereferences q-handle to derive a default baseclass. Shared blocks leave block-q NULL, causing a NULL deref when a flow filter witho...

CVE-2026-31422

CVE-2026-31422 affects the Linux kernel’s net/sched subsystem. The vulnerability occurs in flow_change() where tcf_block_q() dereferences q->handle to derive a default baseclass for shared blocks, while block->q can be NULL for shared blocks. The fix adds a check of tcf_block_shared() befor...

CVE-2026-31422

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsflow: fix NULL pointer dereference on shared blocks flowchange calls tcfblockq and dereferences q-handle to derive a default baseclass. Shared blocks leave block-q NULL, causing a NULL deref when a flow filter witho...

PT-2026-32348

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs in the flow change function when a flow filter without a fully qualified baseclass is created on a shared block. This happens because flow change calls...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a null pointer dereferencing in the clsflow module when shared blocks are involved, potentially...

UBUNTU-CVE-2025-21653

In the Linux kernel, the following vulnerability has been resolved: netsched: clsflow: validate TCAFLOWRSHIFT attribute syzbot found that TCAFLOWRSHIFT attribute was not validated. Right shitfing a 32bit integer is undefined for large shift values. UBSAN: shift-out-of-bounds in...