306 matches found
net/sched: netem: fix queue limit check to include reordered packets
...
Linux Distros Unpatched Vulnerability : CVE-2026-52984
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: netem: fix queue limit check to include reordered packets The queue limit check in netemenqueue uses q-tlen which only counts packets in the internal...
EUVD-2026-38852
In the Linux kernel, the following vulnerability has been resolved: net/sched: netem: fix queue limit check to include reordered packets The queue limit check in netemenqueue uses q-tlen which only counts packets in the internal tfifo. Packets placed in sch-q by the reorder path qdiscenqueuehead...
CVE-2026-52984
In the Linux kernel, the following vulnerability has been resolved: net/sched: netem: fix queue limit check to include reordered packets The queue limit check in netemenqueue uses q-tlen which only counts packets in the internal tfifo. Packets placed in sch-q by the reorder path qdiscenqueuehead...
CVE-2026-52984
In the Linux kernel, the following vulnerability has been resolved: net/sched: netem: fix queue limit check to include reordered packets The queue limit check in netemenqueue uses q-tlen which only counts packets in the internal tfifo. Packets placed in sch-q by the reorder path qdiscenqueuehead...
CVE-2026-52984
CVE-2026-52984 affects the Linux kernel netem queue limit check in net/sched. The bug counts queue length using q->t_len, excluding packets enqueued via reorder (__qdisc_enqueue_head); fix adds sch->q.qlen to the limit check. Impact is local, with potential high availability impact under pa...
CVE-2026-52984 net/sched: netem: fix queue limit check to include reordered packets
In the Linux kernel, the following vulnerability has been resolved: net/sched: netem: fix queue limit check to include reordered packets The queue limit check in netemenqueue uses q-tlen which only counts packets in the internal tfifo. Packets placed in sch-q by the reorder path qdiscenqueuehead...
PT-2026-51878
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netem component of the network scheduler where the queue limit check in the netem enqueue function incorrectly uses q-t len. This variable only counts packets with...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: sch/netem: fixed the use of memory after deallocation in netemdequeue. If netemdequeue enqueues a packet to an inner qdisc, and that qdisc returns NETXMITSTOLEN. As a result, the packet is dropped, but qdisctreereducebacklog i...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net/sched: netem: account for backlog updates from child qdisc Generally, the qlen of any classful qdisc should reflect the number of packets held by the qdisc itself and all its children. In the case of netem, qlen only accounts...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: netlink: afnetlink: Added a check on the len parameter to prevent empty skb objects. This prevents a division error in the netemenqueue function, which occurs when skb-len=0 and skb-datalen=0 during the randomized corruption...
Unity Linux 20.1060a Security Update: kernel (UTSA-2026-016780)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016780 advisory. In the Linux kernel, the following vulnerability has been resolved: netsched: drr: Fix double list add in class with netem as child qdisc As described in Gerrard's...
CVE-2026-31675
A flaw was found in the Linux kernel's netem network emulator module. When processing certain non-linear network packets, specifically those sent via an AFPACKET TXRING over an IPIP tunnel, a calculation error can occur. This error leads to an out-of-bounds memory access, which could result in...
net/sched: sch_netem: fix out-of-bounds access in packet corruption
...
SUSE CVE-2026-31675
In the Linux kernel, the following vulnerability has been resolved: net/sched: schnetem: fix out-of-bounds access in packet corruption In netemenqueue, the packet corruption logic uses getrandomu32belowskbheadlenskb to select an index for modifying skb-data. When an AFPACKET TXRING sends fully...
CVE-2026-31675
In the Linux kernel, the following vulnerability has been resolved: net/sched: schnetem: fix out-of-bounds access in packet corruption In netemenqueue, the packet corruption logic uses getrandomu32belowskbheadlenskb to select an index for modifying skb-data. When an AFPACKET TXRING sends fully...
CVE-2026-31675 net/sched: sch_netem: fix out-of-bounds access in packet corruption
In the Linux kernel, the following vulnerability has been resolved: net/sched: schnetem: fix out-of-bounds access in packet corruption In netemenqueue, the packet corruption logic uses getrandomu32belowskbheadlenskb to select an index for modifying skb-data. When an AFPACKET TXRING sends fully...
CVE-2026-31675
In the Linux kernel, the following vulnerability has been resolved: net/sched: schnetem: fix out-of-bounds access in packet corruption In netemenqueue, the packet corruption logic uses getrandomu32belowskbheadlenskb to select an index for modifying skb-data. When an AFPACKET TXRING sends fully...
EUVD-2026-25642
In the Linux kernel, the following vulnerability has been resolved: net/sched: schnetem: fix out-of-bounds access in packet corruption In netemenqueue, the packet corruption logic uses getrandomu32belowskbheadlenskb to select an index for modifying skb-data. When an AFPACKET TXRING sends fully...
CVE-2026-31675
CVE-2026-31675 — Linux kernel netem out-of-bounds in packet corruption The issue arises in net/sched: sch_netem where the packet corruption logic selects an index into skb->data using get_random_u32_below(skb_headlen(skb)). For AF_PACKET TX_RING sending fully non-linear packets over an IPIP tu...