CVE-2026-43496

A flaw was found in the Linux kernel's networking scheduler component. This vulnerability occurs when a specific queueing discipline qdisc configuration is used, where a parent qdisc attempts to retrieve a network packet from a child qdisc. An incorrect function call during this process can lead ...

CVE-2026-43238

A flaw was found in the Linux kernel. A divide-by-zero vulnerability exists in the tcfskbedithash function within the networking scheduler component. This occurs when calculating the mappingmod value, where a large range wraps to zero, leading to a division by zero error. This flaw can cause a...

CVE-2026-31422

A flaw was found in the Linux kernel's networking scheduler net/sched component, specifically within the flow classifier clsflow. A local user could exploit this vulnerability by creating a flow filter without a fully qualified baseclass on a shared block. This action causes a null pointer...

net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs

...

CVE-2026-23378

A flaw was found in the Linux kernel, specifically within the networking scheduler's Ingress Forwarding Engine IFE action. When an IFE action attempts to replace metadata, it incorrectly appends new metadata instead of replacing the old. This unbounded addition of metadata can lead to an...

CVE-2026-23074

CVE-2026-23074 is a Linux kernel vulnerability in net/sched teql where the teql queuing discipline may be used outside its intended root qdisc, allowing a crafted packet sequence to create a use-after-free scenario in the qfq/qos path due to queue length (qlen) handling. The root cause is that te...

CLSA-2026-1768824748 kernel: Fix of 7 CVEs

fs/proc: fix uaf in procreaddirde CVE-2025-40271 - fs: fix UAF/GPF bug in nilfsmdtdestroy CVE-2022-2978 - Bluetooth: L2CAP: fix "bad unlock balance" in l2capdisconnectrsp CVE-2023-53297 - net: sched: sfb: fix null pointer access issue when sfbinit fails CVE-2022-50356 - ALSA: usb-audio: Fix size...

PT-2025-30120

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the networking scheduler where certain classful qdiscs may unexpectedly empty a child qdisc, leading to a use-after-free condition. This can occur whe...

PT-2025-18638 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A use after free issue has been resolved in the Linux kernel's networking scheduler. The problem occurs because the skb cannot be used again after it is passed to qdisc enqueue. This f...

UBUNTU-CVE-2025-21700

In the Linux kernel, the following vulnerability has been resolved: net: sched: Disallow replacing of child qdisc from one parent to another Lion Ackermann was able to create a UAF which can be abused for privilege escalation with the following script Step 1. create root qdisc tc qdisc add dev lo...

PT-2025-38166

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw in the networking scheduler sfb where a null pointer dereference can occur when sfb init fails during the initialization of the default queue disciplin...

Use-after-free in Linux kernel's net/sched: cls_u32 component

...