53 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Address reentrant enqueue adding class to eltree twice Savino says: “We are writing to report that this recent patch 141d34391abbb315d68556b7c67ad97885407547 1 can be bypassed, and a UAF can still occur when HFSC ...
net/sched: sch_hfsc: fix divide-by-zero in rtsc_min()
...
CVE-2026-31423
A flaw was found in the Linux kernel's Hierarchical Fair Service Curve HFSC network scheduler. When processing specific large input values, a calculation error can cause a variable to be truncated to zero. This zero value is then used as a divisor, leading to a divide-by-zero error and a system...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005704)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005704 advisory. In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Address reentrant enqueue adding class to eltree twice Savino says: We are writin...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005810)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005810 advisory. In the Linux kernel, the following vulnerability has been resolved: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue When enqueuing the first packet t...
kernel: net_sched: hfsc: Fix a UAF vulnerability in class handling
In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfscchangeclass when...
RHEL 7 : kernel (RHSA-2025:21063)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21063 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: HID: core: fix...
kernel: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too
In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a potential UAF in hfscdequeue too Similarly to the previous patch, we need to safe guard hfscdequeue too. But for this one, we don't have a reliable reproducer...
kernel: net_sched: hfsc: Fix a UAF vulnerability in class handling
In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfscchangeclass when...
Moderate: kernel-rt security update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: nfsd: don't ignore the return code of svcprocregister CVE-2025-22026 kernel: netsched: hfsc: Fix a UAF vulnerability in class...
kernel: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc
A use-after-free vulnerability has been identified in the Linux kernel's HFSC Hierarchical Fair Service Curve queuing discipline when it is configured with NETEM Network Emulation as a child. This flaw can lead to a kernel panic or crash due to incorrect assumptions about the queue state...
kernel: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()
A flaw was found in the HFSC queueing discipline implementation in the Linux kernel. When a packet is enqueued and the child qdisc's peek function is called before properly updating the HFSC queue's length and backlog counters, a race condition can occur. In some cases, the peek operation may...
kernel: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()
A flaw was found in the HFSC queueing discipline implementation in the Linux kernel. When a packet is enqueued and the child qdisc's peek function is called before properly updating the HFSC queue's length and backlog counters, a race condition can occur. In some cases, the peek operation may...
kernel: net/sched: Always pass notifications when child class becomes empty
A use-after-free UAF vulnerability was found in the Linux kernel's net/sched subsystem, specifically in the Credit-Based Shaper CBS qdisc implementation schcbs. The vulnerability occurs because the CBS qdisc's reset function qdiscresetqueue only resets its internal queue but fails to reset its...
kernel: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc
A use-after-free vulnerability has been identified in the Linux kernel's HFSC Hierarchical Fair Service Curve queuing discipline when it is configured with NETEM Network Emulation as a child. This flaw can lead to a kernel panic or crash due to incorrect assumptions about the queue state...
kernel: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice
A use-after-free UAF vulnerability, which also presents a potential infinite loop condition, has been resolved in the Linux kernel. This flaw affects the HFSC Hierarchical Fair Service Curve queuing discipline when it is used in conjunction with NETEM Network Emulation. A malicious user could...
kernel: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc
A use-after-free vulnerability has been identified in the Linux kernel's HFSC Hierarchical Fair Service Curve queuing discipline when it is configured with NETEM Network Emulation as a child. This flaw can lead to a kernel panic or crash due to incorrect assumptions about the queue state...
kernel: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice
A use-after-free UAF vulnerability, which also presents a potential infinite loop condition, has been resolved in the Linux kernel. This flaw affects the HFSC Hierarchical Fair Service Curve queuing discipline when it is used in conjunction with NETEM Network Emulation. A malicious user could...
kernel: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc
A use-after-free vulnerability has been identified in the Linux kernel's HFSC Hierarchical Fair Service Curve queuing discipline when it is configured with NETEM Network Emulation as a child. This flaw can lead to a kernel panic or crash due to incorrect assumptions about the queue state...
kernel: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice
A use-after-free UAF vulnerability, which also presents a potential infinite loop condition, has been resolved in the Linux kernel. This flaw affects the HFSC Hierarchical Fair Service Curve queuing discipline when it is used in conjunction with NETEM Network Emulation. A malicious user could...