26 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: tick/nohz: unexport init-annotated ticknohzfullsetup EXPORTSYMBOL and init are a bad combination because the .init.text section is freed after initialization. As a result, modules cannot use symbols annotated with init. Accessing...
SUSE CVE-2026-23074
In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql is that it is only supposed to be used as root qdisc. We need to check for that constraint. Although not important, I will describe the scenario th...
EUVD-2026-28610
In the Linux kernel, the following vulnerability has been resolved: schedext: Fix SCXKICKWAIT deadlock by deferring wait to balance callback SCXKICKWAIT busy-waits in kickcpusirqworkfn using smpcondloadacquire until the target CPU's kicksync advances. Because the irqwork runs in hardirq context,...
CVE-2026-31422 net/sched: cls_flow: fix NULL pointer dereference on shared blocks
In the Linux kernel, the following vulnerability has been resolved: net/sched: clsflow: fix NULL pointer dereference on shared blocks flowchange calls tcfblockq and dereferences q-handle to derive a default baseclass. Shared blocks leave block-q NULL, causing a NULL deref when a flow filter witho...
SUSE-SU-2026:0495-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit bsc1255594. - CVE-2025-38129: pagepool: fix inconsistency for pagepoolringlock...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993220)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993220 advisory. In the Linux kernel, the following vulnerability has been resolved: sched/core: Prevent rescheduling when interrupts are disabled David reported a warning observed...
kernel: net: sched: sfb: fix null pointer access issue when sfb_init() fails
A null pointer dereference exists in the linux kernel, such that when sfbinit fails qdisc is NULL, and it will cause gpf issue, leading to damage to the availability of the system...
dm-bufio: don't schedule in atomic context
...
SUSE-SU-2025:20820-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_10
This update for kernel-livepatch-MICRO-6-0-RTUpdate10 fixes the following issues: - CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315...
EUVD-2025-31966
Malicious code in bioql PyPI...
kernel: net/sched: sch_qfq: Fix race condition on qfq_aggregate
In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix race condition on qfqaggregate A race condition can occur when 'agg' is modified in qfqchangeagg called during qfqenqueue while other threads access it concurrently. For example, qfqdumpclass may trigger a...
kernel: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()
A flaw was found in the HFSC queueing discipline implementation in the Linux kernel. When a packet is enqueued and the child qdisc's peek function is called before properly updating the HFSC queue's length and backlog counters, a race condition can occur. In some cases, the peek operation may...
kernel: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()
A flaw was found in the HFSC queueing discipline implementation in the Linux kernel. When a packet is enqueued and the child qdisc's peek function is called before properly updating the HFSC queue's length and backlog counters, a race condition can occur. In some cases, the peek operation may...
kernel: sch_hfsc: make hfsc_qlen_notify() idempotent
In the Linux kernel, the following vulnerability has been resolved: schhfsc: make hfscqlennotify idempotent hfscqlennotify is not idempotent either and not friendly to its callers, like fqcodeldequeue. Let's make it idempotent to ease qdisctreereducebacklog callers' life: 1. updatevf decreases...
CVE-2025-38522 sched/ext: Prevent update_locked_rq() calls with NULL rq
In the Linux kernel, the following vulnerability has been resolved: sched/ext: Prevent updatelockedrq calls with NULL rq Avoid invoking updatelockedrq when the runqueue rq pointer is NULL in the SCXCALLOP and SCXCALLOPRET macros. Previously, calling updatelockedrqNULL with preemption enabled coul...
sch_htb: make htb_qlen_notify() idempotent
...
SUSE-SU-2025:20419-1 Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL bsc1228557. - CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer...
The vulnerability of the sched_setaffinity() function in the kernel module/sched/syscalls.c file of the Linux operating system allows a attacker to cause a service failure.
The vulnerability of the schedsetaffinity function in the kernel module/sched/syscalls.c file of the Linux operating system is related to synchronization errors when using shared resources “Race Conditions”. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Linux operating system’s kernel scheduling component, which allows a hacker to trigger a service failure
The vulnerability of the Linux operating system’s kernel scheduling component is related to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Linux operating system’s kernel scheduling component, which allows a hacker to trigger a service failure
The vulnerability of the Linux operating system’s kernel scheduling component is related to the use of an uninitialized resource. Exploiting this vulnerability can allow a perpetrator to cause a service failure...