kernel: net_sched: ets: Fix double list add in class with netem as child qdisc

A use-after-free vulnerability was found in the Linux kernel’s netem qdisc. This issue occurs when it incorrectly manages duplicated packets in classful parent qdiscs. This leads to a corrupted internal state and eventual dereferencing of freed memory, resulting in unpredictable behavior, system...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-393406)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-393406 advisory. In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netemenqueue introduced by...

Important: kernel-livepatch-6.1.128-136.201

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netem: Update sch-q.qlen before qdisctreereducebacklog CVE-2025-21703 Affected Packages: kernel-livepatch-6.1.128-136.201 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

Important: kernel-livepatch-5.10.234-225.910

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netem: Update sch-q.qlen before qdisctreereducebacklog CVE-2025-21703 Affected Packages: kernel-livepatch-5.10.234-225.910 Issue Correction: Please ensure you have live patching enabled. Run yum update...

UBUNTU-CVE-2025-21703

In the Linux kernel, the following vulnerability has been resolved: netem: Update sch-q.qlen before qdisctreereducebacklog qdisctreereducebacklog notifies parent qdisc only if child qdisc becomes empty, therefore we need to reduce the backlog of the child qdisc before calling it. Otherwise it wou...

CVE-2025-21703 netem: Update sch->q.qlen before qdisc_tree_reduce_backlog()

In the Linux kernel, the following vulnerability has been resolved: netem: Update sch-q.qlen before qdisctreereducebacklog qdisctreereducebacklog notifies parent qdisc only if child qdisc becomes empty, therefore we need to reduce the backlog of the child qdisc before calling it. Otherwise it wou...

CVE-2025-21703 netem: Update sch->q.qlen before qdisc_tree_reduce_backlog()

In the Linux kernel, the following vulnerability has been resolved: netem: Update sch-q.qlen before qdisctreereducebacklog qdisctreereducebacklog notifies parent qdisc only if child qdisc becomes empty, therefore we need to reduce the backlog of the child qdisc before calling it. Otherwise it wou...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-45016)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45016 advisory. - In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate...

CVE-2024-45016 netem: fix return value if duplicate enqueue fails

In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netemenqueue introduced by commit 5845f706388a "net: netem: fix skb length BUGON in skbtosgvec" that can lead to a use-after-free. This commit made netemenqueue...