Lucene search
K

24 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53080

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: clsfw: fix NULL dereference of old filters before change Like pointed out by Sashiko 1, since commit ed76f5edccc9 net: sched: protect filterchain lis...

6AI score0.00172EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.7 views

PT-2026-51974

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the cls fw module where TC filters are added to a shared block and published to the datapath before their change function is called. This allows an invalid filter...

5.7CVSS6AI score0.00172EPSS
Exploits0References17
CVE
CVE
added 2026/04/13 1:40 p.m.17 views

CVE-2026-31421

CVE-2026-31421 – Linux kernel net/sched cls_fw NULL pointer dereference . Root cause: in fw_classify(), the old-method path uses tcf_block_q() and dereferences q->handle; for shared blocks, block->q is NULL, causing a NULL pointer dereference when a nonzero skb is classified. The fix preven...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References8Affected Software1
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a null pointer dereferencing in the clsfw module when shared blocks are involved, potentially...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/01/16 3:57 p.m.2 views

kernel: net/sched: cls_fw component can be exploited as result of failure in tcf_change_indev function

A use-after-free vulnerability was found in fwsetparms in net/sched/clsfw.c in network scheduler sub-component in the Linux Kernel. This issue occurs due to a missing sanity check during cleanup at the time of failure, leading to a misleading reference. This may allow a local attacker to gain loc...

7.8CVSS6.6AI score0.00517EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/11/21 3:47 p.m.1 views

kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route

There are 3 CVEs for the use-after-free flaw found in net/sched/clsfw.c in classifiers clsfw, clsu32, and clsroute in the Linux Kernel: CVE-2023-4206, CVE-2023-4207, CVE-2023-4208. A local user could use any of these flaws to crash the system or potentially escalate their privileges on the system...

7.8CVSS6.7AI score0.00565EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2023/11/21 3:30 p.m.3 views

kernel: net/sched: cls_fw component can be exploited as result of failure in tcf_change_indev function

A use-after-free vulnerability was found in fwsetparms in net/sched/clsfw.c in network scheduler sub-component in the Linux Kernel. This issue occurs due to a missing sanity check during cleanup at the time of failure, leading to a misleading reference. This may allow a local attacker to gain loc...

7.8CVSS6.6AI score0.00517EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/11/21 3:12 p.m.2 views

kernel: net/sched: cls_fw component can be exploited as result of failure in tcf_change_indev function

A use-after-free vulnerability was found in fwsetparms in net/sched/clsfw.c in network scheduler sub-component in the Linux Kernel. This issue occurs due to a missing sanity check during cleanup at the time of failure, leading to a misleading reference. This may allow a local attacker to gain loc...

7.8CVSS6.6AI score0.00517EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/11/21 11:50 a.m.4 views

kernel: net/sched: cls_fw component can be exploited as result of failure in tcf_change_indev function

A use-after-free vulnerability was found in fwsetparms in net/sched/clsfw.c in network scheduler sub-component in the Linux Kernel. This issue occurs due to a missing sanity check during cleanup at the time of failure, leading to a misleading reference. This may allow a local attacker to gain loc...

7.8CVSS6.6AI score0.00517EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/11/21 11:31 a.m.3 views

kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route

There are 3 CVEs for the use-after-free flaw found in net/sched/clsfw.c in classifiers clsfw, clsu32, and clsroute in the Linux Kernel: CVE-2023-4206, CVE-2023-4207, CVE-2023-4208. A local user could use any of these flaws to crash the system or potentially escalate their privileges on the system...

7.8CVSS6.7AI score0.00565EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2023/11/21 11:31 a.m.3 views

kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route

There are 3 CVEs for the use-after-free flaw found in net/sched/clsfw.c in classifiers clsfw, clsu32, and clsroute in the Linux Kernel: CVE-2023-4206, CVE-2023-4207, CVE-2023-4208. A local user could use any of these flaws to crash the system or potentially escalate their privileges on the system...

7.8CVSS6.7AI score0.00565EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2023/11/21 11:20 a.m.3 views

kernel: net/sched: cls_fw component can be exploited as result of failure in tcf_change_indev function

A use-after-free vulnerability was found in fwsetparms in net/sched/clsfw.c in network scheduler sub-component in the Linux Kernel. This issue occurs due to a missing sanity check during cleanup at the time of failure, leading to a misleading reference. This may allow a local attacker to gain loc...

7.8CVSS6.6AI score0.00517EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/11/15 8:35 p.m.2 views

kernel: net/sched: cls_fw component can be exploited as result of failure in tcf_change_indev function

A use-after-free vulnerability was found in fwsetparms in net/sched/clsfw.c in network scheduler sub-component in the Linux Kernel. This issue occurs due to a missing sanity check during cleanup at the time of failure, leading to a misleading reference. This may allow a local attacker to gain loc...

7.8CVSS6.6AI score0.00517EPSS
Exploits0References5
Amazon
Amazon
added 2023/10/23 12:0 a.m.7 views

Important: kernel-livepatch-6.1.34-58.102

Issue Overview: A use-after-free vulnerability in the Linux kernel's net/sched: clsu32 component can be exploited to achieve local privilege escalation. If tcfchangeindev fails, u32setparms will immediately return an error after incrementing or decrementing the reference counter in tcfbindfilter...

7.8CVSS7.3AI score0.00517EPSS
Exploits1
Amazon
Amazon
added 2023/09/25 12:0 a.m.4 views

Important: kernel-livepatch-5.10.184-175.749

Issue Overview: A use-after-free vulnerability in the Linux kernel's net/sched: clsu32 component can be exploited to achieve local privilege escalation. If tcfchangeindev fails, u32setparms will immediately return an error after incrementing or decrementing the reference counter in tcfbindfilter...

7.8CVSS6.7AI score0.00517EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2023/09/08 2:15 a.m.2 views

SUSE CVE-2023-4207

A use-after-free vulnerability in the Linux kernel's net/sched: clsfw component can be exploited to achieve local privilege escalation. When fwchange is called on an existing filter, the whole tcfresult struct is always copied into the new instance of the filter. This causes a problem when updati...

7.8CVSS6.4AI score0.00301EPSS
Exploits0References3
OSV
OSV
added 2023/09/06 2:15 p.m.3 views

DEBIAN-CVE-2023-4207

A use-after-free vulnerability in the Linux kernel's net/sched: clsfw component can be exploited to achieve local privilege escalation. When fwchange is called on an existing filter, the whole tcfresult struct is always copied into the new instance of the filter. This causes a problem when updati...

7.8CVSS6.5AI score0.00301EPSS
Exploits0References1
OSV
OSV
added 2023/09/06 2:15 p.m.6 views

AZL-28678 CVE-2023-4207 affecting package kernel for versions less than 5.15.131.1-2

A use-after-free vulnerability in the Linux kernel's net/sched: clsfw component can be exploited to achieve local privilege escalation. When fwchange is called on an existing filter, the whole tcfresult struct is always copied into the new instance of the filter. This causes a problem when updati...

7.8CVSS6.7AI score0.00301EPSS
Exploits0References1
OSV
OSV
added 2023/09/06 2:15 p.m.2 views

UBUNTU-CVE-2023-4207

A use-after-free vulnerability in the Linux kernel's net/sched: clsfw component can be exploited to achieve local privilege escalation. When fwchange is called on an existing filter, the whole tcfresult struct is always copied into the new instance of the filter. This causes a problem when updati...

7.8CVSS6.7AI score0.00301EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2023/08/01 7:0 a.m.3 views

Use-after-free in Linux kernel's net/sched: cls_fw component

...

7.8CVSS6.8AI score0.00517EPSS
Exploits0
Rows per page
Query Builder