CVE-2025-38468

In the Linux kernel, the following vulnerability has been resolved: net/sched: Return NULL when htblookupleaf encounters an empty rbtree htblookupleaf has a BUGON that can trigger with the following: tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb default 1 tc class add dev lo...

CVE-2025-38000

CVE-2025-38000 affects the Linux kernel HFSC scheduler qlen accounting: when enqueuing the first packet, hfsc_enqueue() previously used child qdisc peek() before updating sch->q.qlen and sch->qstats.backlog, which could trigger a dequeue and leave the HFSC class in an inconsistent state (po...

CVE-2025-22058

CVE-2025-22058 affects the Linux kernel UDP memory accounting. When INT_MAX was used for SO_RCVBUF, an overflow in udp_rmem_release() could wrap the total UDP memory, causing memory accounting to double after socket close and potentially leading to packet drops once rmem_alloc exceeded net.ipv4.u...

Amazon Linux 2 : kernel (ALASKERNEL-5.4-2025-096)

The version of kernel installed on the remote host is prior to 5.4.290-205.405. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2025-096 advisory. Insufficient control flow management for the IntelR 82599 Ethernet Controllers and Adapters may allow an...