UBUNTU-CVE-2022-50132

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: change place of 'privep' assignment in cdns3gadgetepdequeue, cdns3gadgetepenable If 'ep' is NULL, result of eptocdns3epep is invalid pointer and its dereference with privep-cdns3dev may cause panic. Found by Linux...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: sched/eevdf: Fix se-slice being set to U64MAX and resulting crash There is a code path in dequeueentities that can set the slice of a schedentity to U64MAX, which sometimes results in a crash. The offending case is when...

AZL-63684 CVE-2025-38000 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue When enqueuing the first packet to an HFSC class, hfscenqueue calls the child qdisc's peek operation before incrementing sch-q.qlen and sch-qstats.backlog. If the...

SUSE CVE-2025-37918

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: avoid NULL pointer dereference in skbdequeue A NULL pointer dereference can occur in skbdequeue when processing a QCA firmware crash dump on WCN7851 0489:e0f3. 93.672166 Bluetooth: hci0: ACL memdump size589824...

UBUNTU-CVE-2025-37932

In the Linux kernel, the following vulnerability has been resolved: schhtb: make htbqlennotify idempotent htbqlennotify always deactivates the HTB class and in fact could trigger a warning if it is already deactivated. Therefore, it is not idempotent and not friendly to its callers, like...

CVE-2025-37932 sch_htb: make htb_qlen_notify() idempotent

In the Linux kernel, the following vulnerability has been resolved: schhtb: make htbqlennotify idempotent htbqlennotify always deactivates the HTB class and in fact could trigger a warning if it is already deactivated. Therefore, it is not idempotent and not friendly to its callers, like...

kernel: sch/netem: fix use after free in netem_dequeue

A use-after-free vulnerability was found in the Linux kernel. If netemdequeue enqueues a packet to inner qdisc and that qdisc returns NETXMITSTOLEN, the packet is dropped but qdisctreereducebacklog is not called to update the parent's q.qlen...

SUSE CVE-2025-37821

In the Linux kernel, the following vulnerability has been resolved: sched/eevdf: Fix se-slice being set to U64MAX and resulting crash There is a code path in dequeueentities that can set the slice of a schedentity to U64MAX, which sometimes results in a crash. The offending case is when...

DEBIAN-CVE-2025-37823

In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a potential UAF in hfscdequeue too Similarly to the previous patch, we need to safe guard hfscdequeue too. But for this one, we don't have a reliable reproducer...

CVE-2025-37823

In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a potential UAF in hfscdequeue too Similarly to the previous patch, we need to safe guard hfscdequeue too. But for this one, we don't have a reliable reproducer...

DEBIAN-CVE-2025-37821

In the Linux kernel, the following vulnerability has been resolved: sched/eevdf: Fix se-slice being set to U64MAX and resulting crash There is a code path in dequeueentities that can set the slice of a schedentity to U64MAX, which sometimes results in a crash. The offending case is when...

UBUNTU-CVE-2025-37823

In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a potential UAF in hfscdequeue too Similarly to the previous patch, we need to safe guard hfscdequeue too. But for this one, we don't have a reliable reproducer...

UBUNTU-CVE-2025-37821

In the Linux kernel, the following vulnerability has been resolved: sched/eevdf: Fix se-slice being set to U64MAX and resulting crash There is a code path in dequeueentities that can set the slice of a schedentity to U64MAX, which sometimes results in a crash. The offending case is when...

CVE-2025-37823 net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too

In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a potential UAF in hfscdequeue too Similarly to the previous patch, we need to safe guard hfscdequeue too. But for this one, we don't have a reliable reproducer...

CVE-2025-37821

The CVE-2025-37821 issue in the Linux kernel’s scheduler (eevdf) caused se->slice to be set to U64_MAX during a complex dequeue sequence, leading to a large, destabilizing vruntime/vlag mismatch and a potential crash. The root cause was that, when dequeuing a delayed group entity whose parent ...

CVE-2025-37821 sched/eevdf: Fix se->slice being set to U64_MAX and resulting crash

In the Linux kernel, the following vulnerability has been resolved: sched/eevdf: Fix se-slice being set to U64MAX and resulting crash There is a code path in dequeueentities that can set the slice of a schedentity to U64MAX, which sometimes results in a crash. The offending case is when...

AZL-69725 CVE-2025-37798 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: codel: remove sch-q.qlen check before qdisctreereducebacklog After making all -qlennotify callbacks idempotent, now it is safe to remove the check of qlen!=0 from both fqcodeldequeue and codelqdiscdequeue...

UBUNTU-CVE-2025-37798

In the Linux kernel, the following vulnerability has been resolved: codel: remove sch-q.qlen check before qdisctreereducebacklog After making all -qlennotify callbacks idempotent, now it is safe to remove the check of qlen!=0 from both fqcodeldequeue and codelqdiscdequeue...

CVE-2025-37798 codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()

In the Linux kernel, the following vulnerability has been resolved: codel: remove sch-q.qlen check before qdisctreereducebacklog After making all -qlennotify callbacks idempotent, now it is safe to remove the check of qlen!=0 from both fqcodeldequeue and codelqdiscdequeue...

UBUNTU-CVE-2022-49838

In the Linux kernel, the following vulnerability has been resolved: sctp: clear outcurr if all frag chunks of current msg are pruned A crash was reported by Zhen Chen: listdel corruption, ffffa035ddf01c18-next is NULL WARNING: CPU: 1 PID: 250682 at lib/listdebug.c:49 listdelentryvalid+0x59/0xe0...