147 matches found
CVE-2026-52984
Summary : Linux kernel net/sched/netem vulnerability fixed by correcting the queue limit check. The netem_enqueue() limit used q->t_len (internal tfifo only) and did not count packets placed in sch->q by the reorder path (__qdisc_enqueue_head), allowing total queue occupancy to exceed sch-&...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: - In the net:sched section, there is a fix for the order of qlen adjustment. - Changes to sch-q.qlen related to qdisctreereducebacklog need to occur before a call to that function. Otherwise, it may fail to notify the parent...
Unity Linux 20.1050e / 20.1060e Security Update: kernel (UTSA-2026-013398)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013398 advisory. In the Linux kernel, the following vulnerability has been resolved: netem: Update sch-q.qlen before qdisctreereducebacklog qdisctreereducebacklog notifies parent qdi...
Oracle Linux 10 : kernel (ELSA-2026-9264)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-9264 advisory. - scsi: qla2xxx: Fix improper freeing of purex item CKI Backport Bot RHEL-159225 CVE-2025-68741 - net/sched: schcake: Fix incorrect qlen reduction in...
ROS-20260317-73-0005
A vulnerability in the qlennotify function of the sched component of the sched kernel of Linux operating systems is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005809)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005809 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sched: Always pass notifications when child class becomes empty Certain classful qdiscs may...
SUSE-SU-2026:20615-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 16.0 and SL MIxro 6.2 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-40147: blk-throttle: fix access race during throttle policy activation bsc1253344. - CVE-2025-40257: mptcp: fix a race in mptcppmdeladdtimer...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2026-113 (ALASKERNEL-5.10-2026-113)
The version of kernel installed on the remote host is prior to 5.10.248-247.988. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2026-113 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: core: ufs: Fix a hang in the...
SUSE CVE-2026-23105
In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use clisactive to determine whether class is active in qfqrmfromag This is more of a preventive patch to make the code more consistent and to prevent possible exploits that employ child qlen manipulations on qfq...
CVE-2026-23105
In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use clisactive to determine whether class is active in qfqrmfromag This is more of a preventive patch to make the code more consistent and to prevent possible exploits that employ child qlen manipulations on qfq...
CVE-2026-23105
In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use clisactive to determine whether class is active in qfqrmfromag This is more of a preventive patch to make the code more consistent and to prevent possible exploits that employ child qlen manipulations on qfq...
CVE-2026-23074
In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql is that it is only supposed to be used as root qdisc. We need to check for that constraint. Although not important, I will describe the scenario th...
Azure Linux 3.0 Security Update: kernel (CVE-2025-37798)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37798 advisory. - In the Linux kernel, the following vulnerability has been resolved: codel: remove sch-q.qlen check before...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38000)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38000 advisory. - In the Linux kernel, the following vulnerability has been resolved: schhfsc: Fix qlen accounting bug when...
SUSE CVE-2025-68325
In the Linux kernel, the following vulnerability has been resolved: net/sched: schcake: Fix incorrect qlen reduction in cakedrop In cakedrop, qdisctreereducebacklog is used to update the qlen and backlog of the qdisc hierarchy. Its caller, cakeenqueue, assumes that the parent qdisc will enqueue t...
CVE-2025-68325
In the Linux kernel, the following vulnerability has been resolved: net/sched: schcake: Fix incorrect qlen reduction in cakedrop In cakedrop, qdisctreereducebacklog is used to update the qlen and backlog of the qdisc hierarchy. Its caller, cakeenqueue, assumes that the parent qdisc will enqueue t...
CVE-2025-68325
In the Linux kernel, the following vulnerability has been resolved: net/sched: schcake: Fix incorrect qlen reduction in cakedrop In cakedrop, qdisctreereducebacklog is used to update the qlen and backlog of the qdisc hierarchy. Its caller, cakeenqueue, assumes that the parent qdisc will enqueue t...
UBUNTU-CVE-2025-68325
In the Linux kernel, the following vulnerability has been resolved: net/sched: schcake: Fix incorrect qlen reduction in cakedrop In cakedrop, qdisctreereducebacklog is used to update the qlen and backlog of the qdisc hierarchy. Its caller, cakeenqueue, assumes that the parent qdisc will enqueue t...
CVE-2025-68325
CVE-2025-68325 is a Linux kernel vulnerability in the net/sched cake path. The fix addresses an incorrect qlen/backlog reduction in cake_drop when cake_enqueue() may return NET_XMIT_CN, which could leave the qdisc tree accounting inconsistent and lead to a NULL dereference (e.g., if the parent is...
Linux Distros Unpatched Vulnerability : CVE-2025-68325
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: schcake: Fix incorrect qlen reduction in cakedrop In cakedrop, qdisctreereducebacklog is used to update the qlen and backlog of the qdisc hierarchy...