Astra Linux – Vulnerabilities in Linux-6.1, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netsched: The gsoskb list is also flushed during the -change operation. Previously, when reducing the limit of a qdisc using the -change operation, only the main skb queue was trimmed, potentially leaving packets in the gsoskb...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004955)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004955 advisory. In the Linux kernel, the following vulnerability has been resolved: netsched: schsfq: fix a potential crash on gsoskb handling SFQ has an assumption of always being...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38115)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38115 advisory. - In the Linux kernel, the following vulnerability has been resolved: netsched: schsfq: fix a potential crash ...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37992)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37992 advisory. - In the Linux kernel, the following vulnerability has been resolved: netsched: Flush gsoskb list too during...

Linux Distros Unpatched Vulnerability : CVE-2025-38115

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netsched: schsfq: fix a potential crash on gsoskb handling SFQ has an assumption of always being able to queue at least one packet. However, after the blamed...

net_sched: Flush gso_skb list too during ->change()

...

AZL-64580 CVE-2025-38115 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: netsched: schsfq: fix a potential crash on gsoskb handling SFQ has an assumption of always being able to queue at least one packet. However, after the blamed commit, sch-q.len can be inflated by packets in sch-gsoskb, and an...

DEBIAN-CVE-2025-38115

In the Linux kernel, the following vulnerability has been resolved: netsched: schsfq: fix a potential crash on gsoskb handling SFQ has an assumption of always being able to queue at least one packet. However, after the blamed commit, sch-q.len can be inflated by packets in sch-gsoskb, and an...

SUSE CVE-2025-37992

In the Linux kernel, the following vulnerability has been resolved: netsched: Flush gsoskb list too during -change Previously, when reducing a qdisc's limit via the -change operation, only the main skb queue was trimmed, potentially leaving packets in the gsoskb list. This could result in NULL...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly handling gsoskb lists, which could lead to null pointer dereferences...

CVE-2024-36929 net: core: reject skb_copy(_expand) for fraglist GSO skbs

In the Linux kernel, the following vulnerability has been resolved: net: core: reject skbcopyexpand for fraglist GSO skbs SKBGSOFRAGLIST skbs must not be linearized, otherwise they become invalid. Return NULL if such an skb is passed to skbcopy or skbcopyexpand, in order to prevent a crash on a...