251 matches found
EUVD-2025-27883
Malicious code in bioql PyPI...
EUVD-2025-26107
Malicious code in bioql PyPI...
EUVD-2025-20015
Malicious code in bioql PyPI...
EUVD-2025-17141
Malicious code in bioql PyPI...
kernel: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too
In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a potential UAF in hfscdequeue too Similarly to the previous patch, we need to safe guard hfscdequeue too. But for this one, we don't have a reliable reproducer...
kernel: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too
In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a potential UAF in hfscdequeue too Similarly to the previous patch, we need to safe guard hfscdequeue too. But for this one, we don't have a reliable reproducer...
Important: kernel-livepatch-6.12.31-35.92
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdiscdequeueinternal CVE-2025-39677 Affected Packages: kernel-livepatch-6.12.31-35.92 Issue Correction: Please ensure you have live patching enabled. Run dnf update...
Important: kernel-livepatch-6.12.40-63.107
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdiscdequeueinternal CVE-2025-39677 Affected Packages: kernel-livepatch-6.12.40-63.107 Issue Correction: Please ensure you have live patching enabled. Run dnf update...
Important: kernel-livepatch-6.1.148-173.267
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdiscdequeueinternal CVE-2025-39677 In the Linux kernel, the following vulnerability has been resolved: fs/buffer: fix use-after-free when call bhread helper CVE-2025-39691...
Important: kernel-livepatch-6.12.40-64.114
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdiscdequeueinternal CVE-2025-39677 Affected Packages: kernel-livepatch-6.12.40-64.114 Issue Correction: Please ensure you have live patching enabled. Run dnf update...
Important: kernel-livepatch-6.12.35-55.103
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdiscdequeueinternal CVE-2025-39677 Affected Packages: kernel-livepatch-6.12.35-55.103 Issue Correction: Please ensure you have live patching enabled. Run dnf update...
Important: kernel-livepatch-6.12.40-63.114
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdiscdequeueinternal CVE-2025-39677 Affected Packages: kernel-livepatch-6.12.40-63.114 Issue Correction: Please ensure you have live patching enabled. Run dnf update...
Important: kernel-livepatch-6.12.37-61.105
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdiscdequeueinternal CVE-2025-39677 Affected Packages: kernel-livepatch-6.12.37-61.105 Issue Correction: Please ensure you have live patching enabled. Run dnf update...
kernel: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()
A flaw was found in the HFSC queueing discipline implementation in the Linux kernel. When a packet is enqueued and the child qdisc's peek function is called before properly updating the HFSC queue's length and backlog counters, a race condition can occur. In some cases, the peek operation may...
kernel: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()
A flaw was found in the HFSC queueing discipline implementation in the Linux kernel. When a packet is enqueued and the child qdisc's peek function is called before properly updating the HFSC queue's length and backlog counters, a race condition can occur. In some cases, the peek operation may...
DEBIAN-CVE-2025-39860
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free in l2capsockcleanuplisten syzbot reported the splat below without a repro. In the splat, a single thread calling btacceptdequeue freed sk and touched it after that. The root cause would be the racy...
CVE-2025-39860
CVE-2025-39860 – Linux kernel Bluetooth UAF in l2cap_sock_cleanup_listen() . The vulnerability arises from a race between bt_accept_dequeue() and l2cap_sock_cleanup_listen() where a socket could be freed while another path still holds a reference. The root cause is a race in the l2cap_sock_cleanu...
SUSE CVE-2025-39677
In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdiscdequeueinternal This issue applies for the following qdiscs: hhf, fq, fqcodel, and fqpie, and occurs in their change handlers when adjusting to the new limit. The problem is the following...
net/sched: Fix backlog accounting in qdisc_dequeue_internal
...
CVE-2025-39677
In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdiscdequeueinternal This issue applies for the following qdiscs: hhf, fq, fqcodel, and fqpie, and occurs in their change handlers when adjusting to the new limit. The problem is the following...