Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005500)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005500 advisory. In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Address reentrant enqueue adding class to eltree twice Savino says: We are writin...

kernel: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice

A use-after-free UAF vulnerability, which also presents a potential infinite loop condition, has been resolved in the Linux kernel. This flaw affects the HFSC Hierarchical Fair Service Curve queuing discipline when it is used in conjunction with NETEM Network Emulation. A malicious user could...

CVE-2025-38001 net_sched: hfsc: Address reentrant enqueue adding class to eltree twice

In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Address reentrant enqueue adding class to eltree twice Savino says: "We are writing to report that this recent patch 141d34391abbb315d68556b7c67ad97885407547 1 can be bypassed, and a UAF can still occur when HFSC ...

CVE-2025-37890 net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc

In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As described in Gerrard's report 1, we have a UAF case when an hfsc class has a netem child qdisc. The crux of the issue is that hfsc is assuming that...