18 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: net/sched: schets: do not remove idle classes from the round-robin list Shuang reported that the following scripts cause issues when executed: 1 tc qdisc add dev ddd0 handle 10: parent 1: ets bands 8 strict 4 priomap 7 7 7 7 7...
SUSE-SU-2026:1793-1 Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.60 fixes various security issues The following security issues were fixed: - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. - CVE-2025-39977: futex: Prevent use-after-free during...
SUSE-SU-2026:21505-1 Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes various security issues The following security issues were fixed: - CVE-2025-39977: futex: Prevent use-after-free during requeue-PI bsc1252048. - CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting ...
SUSE-SU-2026:21484-1 Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise Kernel 6.4.0-35.1 fixes various security issues The following security issues were fixed: - CVE-2025-39977: futex: Prevent use-after-free during requeue-PI bsc1252048. - CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting ...
SUSE-SU-2026:21496-1 Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise Kernel 6.4.0-30.1 fixes various security issues The following security issues were fixed: - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. - CVE-2025-39977: futex: Prevent use-after-free during requeue-PI...
CVE-2026-23379
CVE-2026-23379 affects the Linux kernel net/sched ETS offload path. The root cause was an overflow in WRR weight computation (q_sum, q_psum) due to using 32-bit unsigned integers, which could lead to division by zero. The documented fix is to switch q_sum and q_psum to 64-bit integers, preventing...
ROS-20260304-73-0003
A vulnerability in the etsqdiscchange function of the netsched component of the Linux kernel is related to simultaneous execution using a shared resource with incorrect synchronization. Exploitation of the vulnerability allows an attacker to cause a denial of service...
net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change
...
CVE-2025-71066
In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Always remove class from active list before deleting in etsqdiscchange [email protected] says: The vulnerability is a race condition between etsqdiscdequeue and etsqdiscchange. It leads to UAF on stru...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition between etsqdiscchange and etsqdiscdequeue in net/sched: ets that could lead to reuse after...
CVE-2025-38107 net_sched: ets: fix a race in ets_qdisc_change()
In the Linux kernel, the following vulnerability has been resolved: netsched: ets: fix a race in etsqdiscchange Gerrard Tai reported a race condition in ETS, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 CPU 1 1: lock root 2: qdisctreeflushbacklog 3: unlock roo...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from netsched ets competing conditions in etsqdiscchange...
PT-2025-27693
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A race condition has been identified in the Linux kernel's ETS Enhanced Transmission Selection component. This issue occurs when the SFQ perturb timer fires at an inappropriate time,...
SUSE CVE-2025-37992
In the Linux kernel, the following vulnerability has been resolved: netsched: Flush gsoskb list too during -change Previously, when reducing a qdisc's limit via the -change operation, only the main skb queue was trimmed, potentially leaving packets in the gsoskb list. This could result in NULL...
CVE-2025-37992
In the Linux kernel, the following vulnerability has been resolved: netsched: Flush gsoskb list too during -change Previously, when reducing a qdisc's limit via the -change operation, only the main skb queue was trimmed, potentially leaving packets in the gsoskb list. This could result in NULL...
CVE-2025-37992
CVE-2025-37992 affects the Linux kernel net_sched subsystem. Affected: qdiscs (codel, fq, fq_codel, fq_pie, hhf, pie). Root cause: during qdisc ->change(), trimming only the main queue could leave packets on the gso_skb list, risking NULL pointer dereference when sch->limit is compared to s...
PT-2025-22889
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue concerns a NULL pointer dereference in the Linux kernel's net sched component. When reducing a qdisc's limit via the -change operation, only the main skb queue was trimmed,...
The vulnerability of the sch_ets component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the schets component in the Linux operating system’s kernel is related to a memory corruption in the etsqdiscchange function. Exploiting this vulnerability can allow an attacker to cause a service failure...