Lucene search
+L

304 matches found

OSV
OSV
added 2025/05/20 4:15 p.m.2 views

DEBIAN-CVE-2025-37913

In the Linux kernel, the following vulnerability has been resolved: netsched: qfq: Fix double list add in class with netem as child qdisc As described in Gerrard's report 1, there are use cases where a netem child qdisc will make the parent qdisc's enqueue callback reentrant. In the case of qfq,...

7.8CVSS6AI score0.00176EPSS
Exploits0References1
OSV
OSV
added 2025/05/20 4:15 p.m.4 views

UBUNTU-CVE-2025-37913

In the Linux kernel, the following vulnerability has been resolved: netsched: qfq: Fix double list add in class with netem as child qdisc As described in Gerrard's report 1, there are use cases where a netem child qdisc will make the parent qdisc's enqueue callback reentrant. In the case of qfq,...

8.5CVSS6.3AI score0.00176EPSS
Exploits0References41
CVE
CVE
added 2025/05/20 3:21 p.m.104 views

CVE-2025-37915

CVE-2025-37915 affects the Linux kernel’s net_sched code, specifically the drr scheduler when a netem child qdisc is involved. The issue was a double addition of the same classifier to the active_list, which could cause memory corruption due to reentrancy in the parent qdisc enqueue path (not a U...

7CVSS6.7AI score0.00166EPSS
Exploits0References10Affected Software1
RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.4 views

kernel: net/sched: accept TCA_STAB only for root qdisc

In the Linux kernel, the following vulnerability has been resolved: net/sched: accept TCASTAB only for root qdisc Most qdiscs maintain their backlog using qdiscpktlenskb on the assumption it is invariant between the enqueue and dequeue handlers. Unfortunately syzbot can crash a host rather easily...

5.5CVSS6.9AI score0.00245EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2025/05/05 7:0 a.m.7 views

net: sched: Disallow replacing of child qdisc from one parent to another

...

7.8CVSS7.3AI score0.00228EPSS
Exploits0
OSV
OSV
added 2025/05/01 3:16 p.m.1 views

DEBIAN-CVE-2022-49921

In the Linux kernel, the following vulnerability has been resolved: net: sched: Fix use after free in redenqueue We can't use "skb" again after passing it to qdiscenqueue. This is basically identical to commit 2f09707d0c97 "schsfb: Also store skb len before calling child enqueue"...

7.8CVSS5.5AI score0.00159EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2025/05/01 12:55 p.m.8 views

CVE-2025-37752

In the Linux kernel, the following vulnerability has been resolved: netsched: schsfq: move the limit validation It is not sufficient to directly validate the limit on the data that the user passes as it can be updated based on how the other parameters are changed. Move the check at the end of the...

7.8CVSS5.4AI score0.00233EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/04/10 12:0 a.m.5 views

The vulnerability of the cakeDrop() function in the net/sched/sch_cake.c module of the network scheduling subsystem of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the cakeDrop function in the net/sched/schcake.c module of the network scheduling subsystem of the Linux operating system is related to incomplete cleanup of temporal or auxiliary resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00249EPSS
Exploits0References21Affected Software5
OSV
OSV
added 2025/04/01 4:15 p.m.4 views

UBUNTU-CVE-2025-21971

In the Linux kernel, the following vulnerability has been resolved: netsched: Prevent creation of classes with TCHROOT The function qdisctreereducebacklog uses TCHROOT as a termination condition when traversing up the qdisc tree to update parent backlog counters. However, if a class is created wi...

5.5CVSS6.2AI score0.00187EPSS
Exploits0References55
OSV
OSV
added 2025/03/27 5:15 p.m.2 views

DEBIAN-CVE-2023-53021

In the Linux kernel, the following vulnerability has been resolved: net/sched: schtaprio: fix possible use-after-free syzbot reported a nasty crash 1 in nettxaction which made little sense until we got a repro. This repro installs a taprio qdisc, but providing an invalid TCARATE attribute...

7.8CVSS5.4AI score0.0018EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2025/03/12 9:42 a.m.7 views

CVE-2025-21857

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsapi: fix error handling causing NULL dereference tcfextsmisscookiebasealloc calls xaalloccyclic which can return 1 if the allocation succeeded after wrapping. This was treated as an error, with value 1 returned to...

5.5CVSS5.6AI score0.00204EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2024-57996

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netsched: schsfq: don't allow 1 packet limit The current implementation does not work correctly with a limit of 1. iproute2 actually checks for this and this...

5.5CVSS6.7AI score0.00231EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2021-47595

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/sched: schets: don't remove idle classes from the round-robin list Shuang reported that...

5.5CVSS5.6AI score0.00239EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/02/27 3:11 a.m.3 views

SUSE CVE-2022-49183

In the Linux kernel, the following vulnerability has been resolved: net/sched: actct: fix ref leak when switching zones When switching zones or network namespaces without doing a ct clear in between, it is now leaking a reference to the old ct entry. That's because tcfctskbnfctcached returns fals...

5.5CVSS6.8AI score0.00252EPSS
Exploits0References5
OSV
OSV
added 2025/02/26 7:0 a.m.2 views

UBUNTU-CVE-2022-49183

In the Linux kernel, the following vulnerability has been resolved: net/sched: actct: fix ref leak when switching zones When switching zones or network namespaces without doing a ct clear in between, it is now leaking a reference to the old ct entry. That's because tcfctskbnfctcached returns fals...

5.5CVSS6.5AI score0.00252EPSS
Exploits0References7
OSV
OSV
added 2025/02/24 4:35 p.m.14 views

SUSE-SU-2025:0698-1 Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024116 fixes several issues. The following security issues were fixed: - CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes bsc1227320. - CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irqprocessworklis...

7.8CVSS8.1AI score0.03301EPSS
Exploits1References9
Cvelist
Cvelist
added 2025/02/13 11:30 a.m.34 views

CVE-2025-21700 net: sched: Disallow replacing of child qdisc from one parent to another

In the Linux kernel, the following vulnerability has been resolved: net: sched: Disallow replacing of child qdisc from one parent to another Lion Ackermann was able to create a UAF which can be abused for privilege escalation with the following script Step 1. create root qdisc tc qdisc add dev lo...

7.8CVSS0.00228EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: net: Avoid potential underflow in qdiscpktleninit with UFO After committing 7c6d2ecbda83 “net: Be more gentle about silly GSO requests coming from user”, the virtionethdrtoskb function added sanity checks to detect malicious...

5.5CVSS6.4AI score0.00277EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2025/01/29 8:0 a.m.11 views

net: sched: use RCU read-side critical section in taprio_dump()

...

7.8CVSS7.9AI score0.0023EPSS
Exploits0
OSV
OSV
added 2025/01/13 3:55 p.m.11 views

CLSA-2025-1736783731 kernel: Fix of 10 CVEs

media: edia: dvbdev: fix a use-after-free CVE-2024-27043 - vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans CVE-2024-50264 - net/sched: stop qdisctreereducebacklog on TCHROOT CVE-2024-53057 - bpf: Fix out-of-bounds write in triegetnextkey CVE-2024-50262 - KVM: nSVM:...

7.8CVSS6.9AI score0.00352EPSS
Exploits1References1
Rows per page
Query Builder