CVE-2026-23340 net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs

In the Linux kernel, the following vulnerability has been resolved: net: sched: avoid qdiscresetalltxgt vs dequeue race for lockless qdiscs When shrinking the number of real tx queues, netifsetrealnumtxqueues calls qdiscresetalltxgt to flush qdiscs for queues which will no longer be used...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition between the qdiscresetalltxgt operation and the unlocked queue dequeue operation...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005716)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005716 advisory. In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Do not double dequeue a configuration request Some of our devices crash in...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005810)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005810 advisory. In the Linux kernel, the following vulnerability has been resolved: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue When enqueuing the first packet t...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005458)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005458 advisory. In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Do not double dequeue a configuration request Some of our devices crash in...

kernel: Bluetooth: hci_sync: fix race in hci_cmd_sync_dequeue_once

A use-after-free flaw was found in hcicmdsyncdequeueonce in net/bluetooth/hcisync.c in Bluetooth: hcisync in Linux Kernel. This vulnerability could even lead to a kernel information leak problem...

CVE-2026-23074

In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql is that it is only supposed to be used as root qdisc. We need to check for that constraint. Although not important, I will describe the scenario th...

kernel: Bluetooth: hci_sync: fix race in hci_cmd_sync_dequeue_once

A use-after-free flaw was found in hcicmdsyncdequeueonce in net/bluetooth/hcisync.c in Bluetooth: hcisync in Linux Kernel. This vulnerability could even lead to a kernel information leak problem...

kernel: Bluetooth: hci_sync: fix race in hci_cmd_sync_dequeue_once

A use-after-free flaw was found in hcicmdsyncdequeueonce in net/bluetooth/hcisync.c in Bluetooth: hcisync in Linux Kernel. This vulnerability could even lead to a kernel information leak problem...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37823)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37823 advisory. - In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a potential UAF in...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37918)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37918 advisory. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: avoid NULL pointer...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38174)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38174 advisory. - In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Do not double dequeue a...

kernel: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too

In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a potential UAF in hfscdequeue too Similarly to the previous patch, we need to safe guard hfscdequeue too. But for this one, we don't have a reliable reproducer...

kernel: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too

In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a potential UAF in hfscdequeue too Similarly to the previous patch, we need to safe guard hfscdequeue too. But for this one, we don't have a reliable reproducer...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004004)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004004 advisory. In rcucblistdequeue of rcusegcblist.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel wit...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004771)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004771 advisory. In rcucblistdequeue of rcusegcblist.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel wit...

ROS-20260114-7323

A vulnerability in the netemdequeue function of the net/sched/schnetem.c module of the net/sched traffic control subsystem of the net/sched kernel of the Linux operating system is related to the reuse of previously freed memory. Exploitation of the vulnerability may allow an intruder to affect...

CVE-2025-71066

In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Always remove class from active list before deleting in etsqdiscchange [email protected] says: The vulnerability is a race condition between etsqdiscdequeue and etsqdiscchange. It leads to UAF on stru...

CVE-2025-71066 net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change

In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Always remove class from active list before deleting in etsqdiscchange [email protected] says: The vulnerability is a race condition between etsqdiscdequeue and etsqdiscchange. It leads to UAF on stru...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition between etsqdiscchange and etsqdiscdequeue in net/sched: ets that could lead to reuse after...