SUSE CVE-2026-46319

In the Linux kernel, the following vulnerability has been resolved: net/sched: actct: Only release RCU read lock after ctft When looking up a flow table in actct in tcfctflowtableget, rhashtablelookupfast internally opens and closes an RCU read critical section before returning ctft. The...

CVE-2026-46319 net/sched: act_ct: Only release RCU read lock after ct_ft

In the Linux kernel, the following vulnerability has been resolved: net/sched: actct: Only release RCU read lock after ctft When looking up a flow table in actct in tcfctflowtableget, rhashtablelookupfast internally opens and closes an RCU read critical section before returning ctft. The...

SUSE-SU-2026:2217-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-20585: x86/CPU: Fix FPDSS on Zen1 bsc1243603. - CVE-2025-68310: s390/pci: Use pciueventers in PCI recovery bsc1255160. - CVE-2025-71183: btrfs: always detect...

UBUNTU-CVE-2026-45845

In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: fix NULL pointer dereference in class dump When a TAPRIO child qdisc is deleted via RTMDELQDISC, tapriograft is called with new == NULL and stores NULL into q-qdiscscl - 1. Subsequent RTMGETTCLASS dump operatio...

PT-2026-43679

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference exists in the Linux kernel's TAPRIO child qdisc implementation. When a TAPRIO child qdisc is deleted via RTM DELQDISC, the taprio graft function stores a NULL...

CVE-2026-45845

net/sched: taprio: fix NULL pointer dereference in class dump...

SUSE CVE-2026-43496

In the Linux kernel, the following vulnerability has been resolved: net/sched: schred: Replace direct dequeue call with peek and qdiscdequeuepeeked When red qdisc has children eg qfq qdisc whose peek callback is qdiscpeekdequeued, we could get a kernel panic. When the parent of such qdiscs eg...

CVE-2026-43496

In the Linux kernel, the following vulnerability has been resolved: net/sched: schred: Replace direct dequeue call with peek and qdiscdequeuepeeked When red qdisc has children eg qfq qdisc whose peek callback is qdiscpeekdequeued, we could get a kernel panic. When the parent of such qdiscs eg...

CVE-2026-43496 net/sched: sch_red: Replace direct dequeue call with peek and qdisc_dequeue_peeked

In the Linux kernel, the following vulnerability has been resolved: net/sched: schred: Replace direct dequeue call with peek and qdiscdequeuepeeked When red qdisc has children eg qfq qdisc whose peek callback is qdiscpeekdequeued, we could get a kernel panic. When the parent of such qdiscs eg...

EUVD-2026-31274

In the Linux kernel, the following vulnerability has been resolved: net/sched: schred: Replace direct dequeue call with peek and qdiscdequeuepeeked When red qdisc has children eg qfq qdisc whose peek callback is qdiscpeekdequeued, we could get a kernel panic. When the parent of such qdiscs eg...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Always remove the class from the active list before deleting it in etsqdiscchange. The vulnerability is a race condition between etsqdiscdequeue and etsqdiscchange. This causes a Use-After-Freeze UAF error on the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/sched: actskbedit: fix divide-by-zero in tcfskbedithash Commit 38a6f0865796 “net: sched: support hash selecting tx queue” added support for SKBEDITFTXQSKBHASH. The inclusive range size is computed as follows: mappingmod =...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: sched: Fixed the use of “skb” after it is passed to qdiscenqueue. We cannot use “skb” again after passing it to qdiscenqueue. This is essentially identical to commit 2f09707d0c97 “schsfb: Also store skblen before calling chi...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

A use-after-free vulnerability exists in the Linux kernel’s net/sched:clsu32 component, which can be exploited to gain local privilege escalation. If the tcfchangeindev function fails, u32setparms will immediately return an error after incrementing or decrementing the reference counter in...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

A use-after-free vulnerability exists in the net/sched: schqfq component of the Linux kernel, which can be exploited to achieve local privilege escalation. When the plug qdisc is used as a class for the qfq qdisc, sending network packets triggers a use-after-free in qfqdequeue, due to the incorre...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: netsched: Keep allochash updated after hash allocation. In commit 599be01ee567 “netsched: fix an OOB access in clstcindex”, I moved the cp-hash calculation before the first tcindexallocperfecthash call. However, cp-allochash...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: netsched: Fixed NULL dereferencing in fifosetlimit. syzbot reported another NULL dereferencing in fifosetlimit. 1 The issue can be reproduced with the following command: unshare -n tc qd add dev lo root handle 1:0 tbf limit...

Astra Linux – Vulnerability in Linux, Linux 5.10

An improper update of the reference count vulnerability in the net/sched component of the Linux kernel allows a local attacker to escalate privileges to root. This issue affects Linux Kernel versions prior to 5.18, as well as version 4.14 and later versions...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/sched: schets: do not peek at classes beyond ‘nbands’ When the number of DRR classes decreases, the round-robin active list may contain elements that have already been freed in etsqdiscchange. As a result, it’s possible to...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: sched: Fixed a memory leak in tcindexsetparms. Syzkaller reports a memory leak as follows: ==================================== BUG: Memory leak Unreferenced object: 0xffff88810c287f00 size 256 Comm “syz-executor105”, pid...