304 matches found
DEBIAN-CVE-2025-37913
In the Linux kernel, the following vulnerability has been resolved: netsched: qfq: Fix double list add in class with netem as child qdisc As described in Gerrard's report 1, there are use cases where a netem child qdisc will make the parent qdisc's enqueue callback reentrant. In the case of qfq,...
UBUNTU-CVE-2025-37913
In the Linux kernel, the following vulnerability has been resolved: netsched: qfq: Fix double list add in class with netem as child qdisc As described in Gerrard's report 1, there are use cases where a netem child qdisc will make the parent qdisc's enqueue callback reentrant. In the case of qfq,...
CVE-2025-37915
CVE-2025-37915 affects the Linux kernel’s net_sched code, specifically the drr scheduler when a netem child qdisc is involved. The issue was a double addition of the same classifier to the active_list, which could cause memory corruption due to reentrancy in the parent qdisc enqueue path (not a U...
kernel: net/sched: accept TCA_STAB only for root qdisc
In the Linux kernel, the following vulnerability has been resolved: net/sched: accept TCASTAB only for root qdisc Most qdiscs maintain their backlog using qdiscpktlenskb on the assumption it is invariant between the enqueue and dequeue handlers. Unfortunately syzbot can crash a host rather easily...
net: sched: Disallow replacing of child qdisc from one parent to another
...
DEBIAN-CVE-2022-49921
In the Linux kernel, the following vulnerability has been resolved: net: sched: Fix use after free in redenqueue We can't use "skb" again after passing it to qdiscenqueue. This is basically identical to commit 2f09707d0c97 "schsfb: Also store skb len before calling child enqueue"...
CVE-2025-37752
In the Linux kernel, the following vulnerability has been resolved: netsched: schsfq: move the limit validation It is not sufficient to directly validate the limit on the data that the user passes as it can be updated based on how the other parameters are changed. Move the check at the end of the...
The vulnerability of the cakeDrop() function in the net/sched/sch_cake.c module of the network scheduling subsystem of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the cakeDrop function in the net/sched/schcake.c module of the network scheduling subsystem of the Linux operating system is related to incomplete cleanup of temporal or auxiliary resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
UBUNTU-CVE-2025-21971
In the Linux kernel, the following vulnerability has been resolved: netsched: Prevent creation of classes with TCHROOT The function qdisctreereducebacklog uses TCHROOT as a termination condition when traversing up the qdisc tree to update parent backlog counters. However, if a class is created wi...
DEBIAN-CVE-2023-53021
In the Linux kernel, the following vulnerability has been resolved: net/sched: schtaprio: fix possible use-after-free syzbot reported a nasty crash 1 in nettxaction which made little sense until we got a repro. This repro installs a taprio qdisc, but providing an invalid TCARATE attribute...
CVE-2025-21857
In the Linux kernel, the following vulnerability has been resolved: net/sched: clsapi: fix error handling causing NULL dereference tcfextsmisscookiebasealloc calls xaalloccyclic which can return 1 if the allocation succeeded after wrapping. This was treated as an error, with value 1 returned to...
Linux Distros Unpatched Vulnerability : CVE-2024-57996
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netsched: schsfq: don't allow 1 packet limit The current implementation does not work correctly with a limit of 1. iproute2 actually checks for this and this...
Linux Distros Unpatched Vulnerability : CVE-2021-47595
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/sched: schets: don't remove idle classes from the round-robin list Shuang reported that...
SUSE CVE-2022-49183
In the Linux kernel, the following vulnerability has been resolved: net/sched: actct: fix ref leak when switching zones When switching zones or network namespaces without doing a ct clear in between, it is now leaking a reference to the old ct entry. That's because tcfctskbnfctcached returns fals...
UBUNTU-CVE-2022-49183
In the Linux kernel, the following vulnerability has been resolved: net/sched: actct: fix ref leak when switching zones When switching zones or network namespaces without doing a ct clear in between, it is now leaking a reference to the old ct entry. That's because tcfctskbnfctcached returns fals...
SUSE-SU-2025:0698-1 Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024116 fixes several issues. The following security issues were fixed: - CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes bsc1227320. - CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irqprocessworklis...
CVE-2025-21700 net: sched: Disallow replacing of child qdisc from one parent to another
In the Linux kernel, the following vulnerability has been resolved: net: sched: Disallow replacing of child qdisc from one parent to another Lion Ackermann was able to create a UAF which can be abused for privilege escalation with the following script Step 1. create root qdisc tc qdisc add dev lo...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: net: Avoid potential underflow in qdiscpktleninit with UFO After committing 7c6d2ecbda83 “net: Be more gentle about silly GSO requests coming from user”, the virtionethdrtoskb function added sanity checks to detect malicious...
net: sched: use RCU read-side critical section in taprio_dump()
...
CLSA-2025-1736783731 kernel: Fix of 10 CVEs
media: edia: dvbdev: fix a use-after-free CVE-2024-27043 - vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans CVE-2024-50264 - net/sched: stop qdisctreereducebacklog on TCHROOT CVE-2024-53057 - bpf: Fix out-of-bounds write in triegetnextkey CVE-2024-50262 - KVM: nSVM:...