CVE-2026-23105 net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag

In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use clisactive to determine whether class is active in qfqrmfromag This is more of a preventive patch to make the code more consistent and to prevent possible exploits that employ child qlen manipulations on qfq...

SUSE-SU-2025:03578-1 Security update for the Linux Kernel (Live Patch 39 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024161 fixes several issues. The following security issues were fixed: - CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket bsc1243650. - CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315. -...

SUSE-SU-2025:03563-1 Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002342 fixes several issues. The following security issues were fixed: - CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315. - CVE-2025-21791: vrf: use RCU protection in l3mdevl3out bsc1240744. - CVE-2025-38089: sunrpc: hand...

SUSE-SU-2025:03554-1 Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005591 fixes several issues. The following security issues were fixed: - CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket bsc1243650. - CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315. -...

SUSE SLES12 Security Update : kernel (Live Patch 70 for SLE 12 SP5) (SUSE-SU-2025:03485-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:03485-1 advisory. This update for the Linux Kernel 4.12.14-122266 fixes one issue. The following security issue was fixed: - CVE-2025-38477: net/sched: schqfq: Fix race...

kernel: net/sched: sch_qfq: Fix race condition on qfq_aggregate

In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix race condition on qfqaggregate A race condition can occur when 'agg' is modified in qfqchangeagg called during qfqenqueue while other threads access it concurrently. For example, qfqdumpclass may trigger a...