372 matches found
EUVD-2025-17141
Malicious code in bioql PyPI...
kernel: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice
A use-after-free UAF vulnerability, which also presents a potential infinite loop condition, has been resolved in the Linux kernel. This flaw affects the HFSC Hierarchical Fair Service Curve queuing discipline when it is used in conjunction with NETEM Network Emulation. A malicious user could...
kernel: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()
A flaw was found in the HFSC queueing discipline implementation in the Linux kernel. When a packet is enqueued and the child qdisc's peek function is called before properly updating the HFSC queue's length and backlog counters, a race condition can occur. In some cases, the peek operation may...
kernel: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice
A use-after-free UAF vulnerability, which also presents a potential infinite loop condition, has been resolved in the Linux kernel. This flaw affects the HFSC Hierarchical Fair Service Curve queuing discipline when it is used in conjunction with NETEM Network Emulation. A malicious user could...
kernel: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()
A flaw was found in the HFSC queueing discipline implementation in the Linux kernel. When a packet is enqueued and the child qdisc's peek function is called before properly updating the HFSC queue's length and backlog counters, a race condition can occur. In some cases, the peek operation may...
RHEL 8 : kpatch-patch-4_18_0-553_16_1, kpatch-patch-4_18_0-553_30_1, kpatch-patch-4_18_0-553_40_1, kpatch-patch-4_18_0-553_53_1, and kpatch-patch-4_18_0-553_72_1 (RHSA-2025:16582)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:16582 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patc...
CLSA-2025-1758010922 Fix of 51 CVEs
CVE-url: https://ubuntu.com/security/CVE-2025-38000 - schhfsc: Fix qlen accounting bug when using peek in hfscenqueue CVE-url: https://ubuntu.com/security/CVE-2024-57996 // CVE-url: https://ubuntu.com/security/CVE-2025-37752 - netsched: schsfq: move the limit validation Focal update: v5.4.285...
Linux Distros Unpatched Vulnerability : CVE-2025-39766
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit The following setup can trigger a WARNING in htbactivate due to the condition:...
SUSE-SU-2025:03213-1 Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002353 fixes several issues. The following security issues were fixed: - CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245504. - CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twice bsc1244235. -...
SUSE-SU-2025:03209-1 Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002322 fixes several issues. The following security issues were fixed: - CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245504. - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. - CVE-2025-38001: netsched: hfsc: Address...
net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit
...
SUSE SLES15 Security Update : kernel (Live Patch 21 for SLE 15 SP5) (SUSE-SU-2025:03185-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03185-1 advisory. This update for the Linux Kernel 5.14.21-1505005588 fixes several issues. The following security issues were fixed: - CVE-2025-21999: proc: fi...
SUSE CVE-2025-39766
In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit The following setup can trigger a WARNING in htbactivate due to the condition: !cl-leaf.q-q.qlen tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb...
SUSE-SU-2025:03195-1 Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-15050055110 fixes several issues. The following security issues were fixed: - CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twice bsc1244235. - CVE-2025-38000: schhfsc: Fix qlen accounting bug when using peek in hfscenque...
SUSE-SU-2025:03190-1 Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005573 fixes several issues. The following security issues were fixed: - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. - CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. - CVE-2025-38001: netsched: hfsc: Address reentra...
SUSE-SU-2025:03186-1 Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005580 fixes several issues. The following security issues were fixed: - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. - CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. - CVE-2025-38001: netsched: hfsc: Address reentra...
SUSE-SU-2025:03184-1 Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024164 fixes several issues. The following security issues were fixed: - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. - CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twice bsc1244235. - CVE-2025-38000:...
Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024141 fixes several issues. The following security issues were fixed: CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. CVE-2025-38001: netsched: hfsc: Address reentrant...
Security update for the Linux Kernel (Live Patch 39 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024161 fixes several issues. The following security issues were fixed: CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twice bsc1244235. CVE-2025-38000: schhfsc...
AZL-67232 CVE-2025-39766 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit The following setup can trigger a WARNING in htbactivate due to the condition: !cl-leaf.q-q.qlen tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb...