87 matches found
Azure Linux 3.0 Security Update: kernel (CVE-2025-37797)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37797 advisory. - In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a UAF vulnerability ...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38107)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38107 advisory. - In the Linux kernel, the following vulnerability has been resolved: netsched: ets: fix a race in...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: riscv, bpf: Sign extension for struct ops correctly handles return values. The nsbpfqdisc selftest triggers a kernel panic: Unable to handle kernel paging request at virtual address ffffffffa38dbf58. Current testprogs pgtable:...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992760)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992760 advisory. In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free...
kernel: net: sched: sfb: fix null pointer access issue when sfb_init() fails
A null pointer dereference exists in the linux kernel, such that when sfbinit fails qdisc is NULL, and it will cause gpf issue, leading to damage to the availability of the system...
kernel: net: sched: sfb: fix null pointer access issue when sfb_init() fails
A null pointer dereference exists in the linux kernel, such that when sfbinit fails qdisc is NULL, and it will cause gpf issue, leading to damage to the availability of the system...
kernel: net: sched: sfb: fix null pointer access issue when sfb_init() fails
A null pointer dereference exists in the linux kernel, such that when sfbinit fails qdisc is NULL, and it will cause gpf issue, leading to damage to the availability of the system...
Important: kernel-livepatch-6.1.150-174.273
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdiscdequeueinternal CVE-2025-39677 In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: bamdma: Fix DT error handling for num-channels/ees...
kernel: net_sched: hfsc: Fix a UAF vulnerability in class handling
In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfscchangeclass when...
SUSE-SU-2025:03539-1 Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024141 fixes several issues. The following security issues were fixed: - CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket bsc1243650. - CVE-2024-50154: tcp/dccp: Do not use timerpending in reqskqueueunlink bsc1233072. -...
SUSE-SU-2025:20827-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_5
This update for kernel-livepatch-MICRO-6-0-RTUpdate5 fixes the following issues: - CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing bsc1237048 - CVE-2025-21791: vrf: use RCU protection in l3mdevl3out bsc1240744 - CVE-2025-38089: sunrpc: handle SVCGARBAGE during svc auth processing as auth...
SUSE CVE-2023-53559
In the Linux kernel, the following vulnerability has been resolved: ipvti: fix potential slab-use-after-free in decodesession6 When ipvti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipvti devic...
CVE-2023-53559 ip_vti: fix potential slab-use-after-free in decode_session6
In the Linux kernel, the following vulnerability has been resolved: ipvti: fix potential slab-use-after-free in decodesession6 When ipvti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipvti devic...
CVE-2023-53500
In the Linux kernel, the following vulnerability has been resolved: xfrm: fix slab-use-after-free in decodesession6 When the xfrm device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when the xfrm device sen...
CVE-2023-53500 xfrm: fix slab-use-after-free in decode_session6
In the Linux kernel, the following vulnerability has been resolved: xfrm: fix slab-use-after-free in decodesession6 When the xfrm device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when the xfrm device sen...
Important: kernel-livepatch-6.1.150-174.273
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdiscdequeueinternal CVE-2025-39677 Affected Packages: kernel-livepatch-6.1.150-174.273 Issue Correction: Please ensure you have live patching enabled. Run dnf update...
kernel: net/sched: Always pass notifications when child class becomes empty
A use-after-free UAF vulnerability was found in the Linux kernel's net/sched subsystem, specifically in the Credit-Based Shaper CBS qdisc implementation schcbs. The vulnerability occurs because the CBS qdisc's reset function qdiscresetqueue only resets its internal queue but fails to reset its...
kernel: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc
A use-after-free vulnerability has been identified in the Linux kernel's HFSC Hierarchical Fair Service Curve queuing discipline when it is configured with NETEM Network Emulation as a child. This flaw can lead to a kernel panic or crash due to incorrect assumptions about the queue state...
UBUNTU-CVE-2022-50356
In the Linux kernel, the following vulnerability has been resolved: net: sched: sfb: fix null pointer access issue when sfbinit fails When the default qdisc is sfb, if the qdisc of devqueue fails to be inited during mqprioinit, sfbreset is invoked to clear resources. In this case, the q-qdisc is...
CVE-2022-50356 net: sched: sfb: fix null pointer access issue when sfb_init() fails
In the Linux kernel, the following vulnerability has been resolved: net: sched: sfb: fix null pointer access issue when sfbinit fails When the default qdisc is sfb, if the qdisc of devqueue fails to be inited during mqprioinit, sfbreset is invoked to clear resources. In this case, the q-qdisc is...