CVE-2026-46102

In the Linux kernel, the following vulnerability has been resolved: net: strparser: fix skbhead leak in strpabortstrp When the stream parser is aborted, for example after a message assembly timeout, it can still hold a reference to a partially assembled message in strp-skbhead. That skb is not...

kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit

In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit The following setup can trigger a WARNING in htbactivate due to the condition: !cl-leaf.q-q.qlen tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb...

kernel: net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime

In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime Assuming the "rx-vlan-filter" feature is enabled on a net device, the 8021q module will automatically add or remove VLAN 0 when the net device is put...

kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit

In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit The following setup can trigger a WARNING in htbactivate due to the condition: !cl-leaf.q-q.qlen tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb...

SUSE CVE-2026-23255

In the Linux kernel, the following vulnerability has been resolved: net: add proper RCU protection to /proc/net/ptype Yin Fengwei reported an RCU stall in ptypeseqshow and provided a patch. Real issue is that ptypeseqnext and ptypeseqshow violate RCU rules. ptypeseqshow runs under rcureadlock, an...

CVE-2026-23064 net/sched: act_ife: avoid possible NULL deref

In the Linux kernel, the following vulnerability has been resolved: net/sched: actife: avoid possible NULL deref tcfifeencode must make sure ifeencode does not return NULL. syzbot reported: Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 1 SMP KASAN NOP...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003496)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003496 advisory. The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial...

CVE-2022-50780

CVE-2022-50780 is a Linux kernel vulnerability described across multiple sources as a use-after-free (UAF) in nfqnl_nf_hook_drop(), triggered when ops_init() fails during net namespace setup. The root cause, as documented, is that data allocated during setup_net() is freed when ops->init() fai...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989893)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989893 advisory. In the Linux kernel, the following vulnerability has been resolved: net/iucv: Avoid explicit cpumask var allocation on stack For CONFIGCPUMASKOFFSTACK=y kernel,...

AZL-68040 CVE-2025-39905 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: net: phylink: add lock for serializing concurrent pl-phydev writes with resolver Currently phylinkresolve protects itself against concurrent phylinkbringupphy or phylinkdisconnectphy calls which modify pl-phydev by relying on...

RHEL 8 : kpatch-patch-4_18_0-553_16_1, kpatch-patch-4_18_0-553_30_1, kpatch-patch-4_18_0-553_40_1, kpatch-patch-4_18_0-553_53_1, and kpatch-patch-4_18_0-553_72_1 (RHSA-2025:16582)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:16582 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patc...

RHEL 9 : kernel (RHSA-2025:15668)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:15668 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/iucv: Avoid explicit...

kernel: net/sched: Always pass notifications when child class becomes empty

A use-after-free UAF vulnerability was found in the Linux kernel's net/sched subsystem, specifically in the Credit-Based Shaper CBS qdisc implementation schcbs. The vulnerability occurs because the CBS qdisc's reset function qdiscresetqueue only resets its internal queue but fails to reset its...

kernel: net/sched: Always pass notifications when child class becomes empty

A use-after-free UAF vulnerability was found in the Linux kernel's net/sched subsystem, specifically in the Credit-Based Shaper CBS qdisc implementation schcbs. The vulnerability occurs because the CBS qdisc's reset function qdiscresetqueue only resets its internal queue but fails to reset its...

CVE-2024-53164

In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch-q.qlen around qdisctreereducebacklog need to happen before a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become...

DEBIAN-CVE-2022-48780

In the Linux kernel, the following vulnerability has been resolved: net/smc: Avoid overwriting the copies of clcsock callback functions The callback functions of clcsock will be saved and replaced during the fallback. But if the fallback happens more than once, then the copies of these callback...

CVE-2021-47595

In the Linux kernel, the following vulnerability has been resolved: net/sched: schets: don't remove idle classes from the round-robin list Shuang reported that the following script: 1 tc qdisc add dev ddd0 handle 10: parent 1: ets bands 8 strict 4 priomap 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 2 mauseza...

CVE-2024-36979 net: bridge: mst: fix vlan use-after-free

In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix vlan use-after-free syzbot reported a suspicious rcu usage1 in bridge's mst code. While fixing it I noticed that nothing prevents a vlan to be freed while walking the list from the same path br forward delay...

CVE-2023-52782

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Track xmit submission to PTP WQ after populating metadata map Ensure the skb is available in metadata mapping to skbs before tracking the metadata index for detecting undelivered CQEs. If the metadata index is put in t...

CVE-2024-35841

CVE-2024-35841 describes a Linux kernel vulnerability in the TLS path (net: tls) related to splice handling with MSG_SPLICE_PAGES. The issue occurs when moving user pages from msg to msg_pl; if more pages are added than MAX_MSG_FRAGS and the MORE flag is used, the code can attempt to re-fill a fu...