CVE-2026-43496

The CVE-2026-43496 issue is in the Linux kernel net/sched sch_red path. When a red qdisc has children (e.g., qfq) whose peek() callback is qdisc_peek_dequeued(), a parent (e.g., tbf) attempting to retrieve an skb could trigger a kernel panic due to a problematic dequeue path. The documented seque...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from race conditions in the DMA ring dequeuing path. This could lead to interference between multiple...

CVE-2026-23340 net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs

In the Linux kernel, the following vulnerability has been resolved: net: sched: avoid qdiscresetalltxgt vs dequeue race for lockless qdiscs When shrinking the number of real tx queues, netifsetrealnumtxqueues calls qdiscresetalltxgt to flush qdiscs for queues which will no longer be used...

kernel: use-after-free in sch_qfq network scheduler

A use-after-free flaw was found in qfqdequeue and aggdequeue in net/sched/schqfq.c in the Traffic Control QoS subsystem in the Linux kernel. This issue may allow a local user to crash the system or escalate their privileges on the system...