Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: schhtb: Make htbqlennotify idempotent. htbqlennotify always disactivates the HTB class, and actually might trigger a warning if it is already disactivated. Therefore, it is not idempotent and is not friendly to its callers, like...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: netem: Update sch-q.qlen before qdisctreereducebacklog. The qdisctreereducebacklog function only notifies the parent qdisc if the child qdisc becomes empty. Therefore, we need to reduce the backlog of the child qdisc before calli...

EUVD-2026-27576

In the Linux kernel, the following vulnerability has been resolved: net: ioam6: fix OOB and missing lock When trace-type.bit6 is set: if trace-type.bit6 ... queue = skbgettxqueuedev, skb; qdisc = rcudereferencequeue-qdisc; This code can lead to an out-of-bounds access of the dev-tx array when...

Unity Linux 20.1050e / 20.1060e Security Update: kernel (UTSA-2026-013398)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013398 advisory. In the Linux kernel, the following vulnerability has been resolved: netem: Update sch-q.qlen before qdisctreereducebacklog qdisctreereducebacklog notifies parent qdi...

ROS-20260313-73-0027

A vulnerability in the qdisctreereducebacklog function of the Linux kernel is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005410)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005410 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sched: Always pass notifications when child class becomes empty Certain classful qdiscs may...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-394294)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-394294 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sched: stop qdisctreereducebacklog on TCHROOT In qdisctreereducebacklog, Qdiscs with major...

EUVD-2025-4525

Malicious code in bioql PyPI...

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2025-2043)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : netsched: hfsc: Fix a UAF vulnerability in class with netem as child qdiscCVE-2025-37890 crypto: lzo - Fix compression buffer overrunCVE-2025-3806...

CVE-2025-39677

Summary: CVE-2025-39677 affects the Linux kernel net/sched backlog accounting in qdisc_dequeue_internal for hhf, fq, fq_codel, and fq_pie. The issue occurs when adjusting to a new backlog limit; dequeue paths drop packets from gso_skb without increasing qstats backlog, causing backlog underflow i...

Oracle Linux 9 : kernel (ELSA-2025-15011)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-15011 advisory. - xfrm: interface: fix use-after-free after changing collectmd xfrm interface CKI Backport Bot RHEL-109529 CVE-2025-38500 - s390/pci: Fix duplicate...

kernel: sch_hfsc: make hfsc_qlen_notify() idempotent

In the Linux kernel, the following vulnerability has been resolved: schhfsc: make hfscqlennotify idempotent hfscqlennotify is not idempotent either and not friendly to its callers, like fqcodeldequeue. Let's make it idempotent to ease qdisctreereducebacklog callers' life: 1. updatevf decreases...

kernel: sch_hfsc: make hfsc_qlen_notify() idempotent

In the Linux kernel, the following vulnerability has been resolved: schhfsc: make hfscqlennotify idempotent hfscqlennotify is not idempotent either and not friendly to its callers, like fqcodeldequeue. Let's make it idempotent to ease qdisctreereducebacklog callers' life: 1. updatevf decreases...

kernel: sch_hfsc: make hfsc_qlen_notify() idempotent

In the Linux kernel, the following vulnerability has been resolved: schhfsc: make hfscqlennotify idempotent hfscqlennotify is not idempotent either and not friendly to its callers, like fqcodeldequeue. Let's make it idempotent to ease qdisctreereducebacklog callers' life: 1. updatevf decreases...

OESA-2025-2056 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkmsexit function might access an uninitialized or freed...

Linux Distros Unpatched Vulnerability : CVE-2025-37798

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - codel: remove sch-q.qlen check before qdisctreereducebacklog After making all -qlennotify callbacks idempotent, now it is safe to remove the check of qlen!=0 fr...

UBUNTU-CVE-2025-38177

In the Linux kernel, the following vulnerability has been resolved: schhfsc: make hfscqlennotify idempotent hfscqlennotify is not idempotent either and not friendly to its callers, like fqcodeldequeue. Let's make it idempotent to ease qdisctreereducebacklog callers' life: 1. updatevf decreases...

PT-2025-27693

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A race condition has been identified in the Linux kernel's ETS Enhanced Transmission Selection component. This issue occurs when the SFQ perturb timer fires at an inappropriate time,...

SUSE CVE-2025-37932

In the Linux kernel, the following vulnerability has been resolved: schhtb: make htbqlennotify idempotent htbqlennotify always deactivates the HTB class and in fact could trigger a warning if it is already deactivated. Therefore, it is not idempotent and not friendly to its callers, like...

UBUNTU-CVE-2025-37932

In the Linux kernel, the following vulnerability has been resolved: schhtb: make htbqlennotify idempotent htbqlennotify always deactivates the HTB class and in fact could trigger a warning if it is already deactivated. Therefore, it is not idempotent and not friendly to its callers, like...