Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netsched: qfq: A double addition of the classifier was corrected in the class where netem is a child qdisc. As described in Gerrard’s report 1, there are use cases where a netem child qdisc can make the enqueue callback of the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bfq: Avoid merging queues with different parents It can happen that the parent of a bfqq changes between the moment we decide that two queues are worth merging and set bic-stablemergebfqq and the moment bfqsetupmerge is called...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: net/sched: accept TCASTAB only for root qdisc Most qdiscs maintain their backlog using qdiscpktlenskb on the assumption it is invariant between the enqueue and dequeue handlers. Unfortunately syzbot can crash a host rather easily...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerabilities have been resolved: bfq: Ensure that the bfqg resource, against which we are queuing requests, is online. BiOS queued into the BFQ IO scheduler can be associated with a cgroup that was already offline. This may lead to the insertion of this...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-007026)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007026 advisory. In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible uaf for 'bfqq-bic' Our test report a uaf for 'bfqq-bic' in 5.10:...

SUSE-SU-2026:21074-1 Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-34.1 fixes various security issues The following security issues were fixed: - CVE-2025-39973: i40e: add validation for ringlen param bsc1252036. - CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1252689. -...

CVE-2026-23105

In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use clisactive to determine whether class is active in qfqrmfromag This is more of a preventive patch to make the code more consistent and to prevent possible exploits that employ child qlen manipulations on qfq...

CVE-2026-23074

In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql is that it is only supposed to be used as root qdisc. We need to check for that constraint. Although not important, I will describe the scenario th...

CVE-2026-23105 net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag

In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use clisactive to determine whether class is active in qfqrmfromag This is more of a preventive patch to make the code more consistent and to prevent possible exploits that employ child qlen manipulations on qfq...

CVE-2026-23105

In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use clisactive to determine whether class is active in qfqrmfromag This is more of a preventive patch to make the code more consistent and to prevent possible exploits that employ child qlen manipulations on qfq...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38115)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38115 advisory. - In the Linux kernel, the following vulnerability has been resolved: netsched: schsfq: fix a potential crash ...

CLSA-2026-1768824748 kernel: Fix of 7 CVEs

fs/proc: fix uaf in procreaddirde CVE-2025-40271 - fs: fix UAF/GPF bug in nilfsmdtdestroy CVE-2022-2978 - Bluetooth: L2CAP: fix "bad unlock balance" in l2capdisconnectrsp CVE-2023-53297 - net: sched: sfb: fix null pointer access issue when sfbinit fails CVE-2022-50356 - ALSA: usb-audio: Fix size...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989739)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989739 advisory. In the Linux kernel, the following vulnerability has been resolved: bfq: Update cgroup information before merging bio When the process is migrated to a different...

EUVD-2022-55666

In the Linux kernel, the following vulnerability has been resolved: tpm: acpi: Call acpiputtable to fix memory leak The start and length of the event log area are obtained from TPM2 or TCPA table, so we call acpigettable to get the ACPI information, but the acpigettable should be coupled with...

SUSE SLES15 Security Update : kernel (Live Patch 40 for SLE 15 SP4) (SUSE-SU-2025:03551-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03551-1 advisory. This update for the Linux Kernel 5.14.21-15040024164 fixes several issues. The following security issues were fixed: - CVE-2024-53168: sunrpc:...

SUSE-SU-2025:03578-1 Security update for the Linux Kernel (Live Patch 39 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024161 fixes several issues. The following security issues were fixed: - CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket bsc1243650. - CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315. -...

SUSE-SU-2025:03563-1 Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002342 fixes several issues. The following security issues were fixed: - CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315. - CVE-2025-21791: vrf: use RCU protection in l3mdevl3out bsc1240744. - CVE-2025-38089: sunrpc: hand...

SUSE-SU-2025:03554-1 Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005591 fixes several issues. The following security issues were fixed: - CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket bsc1243650. - CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315. -...

SUSE-SU-2025:03552-1 Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024170 fixes one issue. The following security issue was fixed: - CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315...

Security update for the Linux Kernel (Live Patch 56 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059201 fixes several issues. The following security issues were fixed: CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket bsc1243650. CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315...