EUVD-2026-38851

In the Linux kernel, the following vulnerability has been resolved: net: airoha: fix BQL imbalance in TX path Fix a possible BQL imbalance in airohadevxmit, where inflight packets are accounted only for the AIROHANUMTXRING netdev TX queues. The queue index is computed as: qid =...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/sched: schcake: Fixed incorrect qlen reduction in cakedrop In cakedrop, qdisctreereducebacklog is used to update the qlen and backlog of the qdisc hierarchy. Its caller, cakeenqueue, assumes that the parent qdisc will enqueue...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fixed a UAF vulnerability in class handling This patch addresses a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue arises due to a time-of-check/time-of-use condition in hfscchangeclass,...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In the net subsystem, do not write to the msggetinq field in the callee. This issue involves fixing the problem of NULL pointer dereferencing. msggetinq is an input field from the caller to the callee. Do not set it in the callee...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netsched: red: fixed a race condition in redchange. Gerrard Tai reported a race condition in RED, whenever the SFQ perturb timer fires at the wrong time. The race condition is as follows: CPU 0 1: lock root 2: qdisctreeFlushBackl...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net/sched: It has been ensured that teql can only be used as a root qdisc. The design intention of teql is that it should only be used as a root qdisc. Therefore, we need to ensure this constraint is respected. Although not very...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: pfifotailenqueue: Drop a new packet when sch-limit == 0. Expected behavior: If the scheduler’s limit is reached, pfifotailenqueue will drop a packet from the scheduler’s queue and decrease the scheduler’s qlen by one. Then,...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netsched: prio: fix a race in priotune Gerrard Tai reported a race condition in PRIO, whenever the SFQ perturb timer fires at the wrong time. The race occurs as follows: CPU 0 CPU 1 1: lock root 2: qdisctreeFlushBacklog 3: unlock...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: hibmcge – fixed the issue of division by zero. When the network port is down, the queue is released, and ring-len becomes 0. In debugfs, the hbggetqueueusednum function will be called, which may lead to a division by zero...

CVE-2026-43031

A flaw was found in the Linux kernel's xilinx axienet network driver. This vulnerability arises from incorrect accounting of Buffer Queue Length BQL, a mechanism that manages network buffer usage, for transmit TX packets that are split across multiple buffer descriptors. If these packet segments...

CVE-2026-43031 net: xilinx: axienet: Fix BQL accounting for multi-BD TX packets

In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Fix BQL accounting for multi-BD TX packets When a TX packet spans multiple buffer descriptors scatter-gather, axienetfreetxchain sums the per-BD actual length from descriptor status into a caller-provided...

EUVD-2026-26630

In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Fix BQL accounting for multi-BD TX packets When a TX packet spans multiple buffer descriptors scatter-gather, axienetfreetxchain sums the per-BD actual length from descriptor status into a caller-provided...

Unity Linux 20.1060a Security Update: kernel (UTSA-2026-014347)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014347 advisory. In the Linux kernel, the following vulnerability has been resolved: netem: Update sch-q.qlen before qdisctreereducebacklog qdisctreereducebacklog notifies parent qdi...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005810)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005810 advisory. In the Linux kernel, the following vulnerability has been resolved: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue When enqueuing the first packet t...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005560)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005560 advisory. In the Linux kernel, the following vulnerability has been resolved: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue When enqueuing the first packet t...

K000160078: Linux kernel vulnerability CVE-2025-37797

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use conditi...

Siemens SCALANCE and RUGGEDCOM Improper Input Validation (CVE-2025-38350)

In the Linux kernel, the following vulnerability has been resolved: net/sched: Always pass notifications when child class becomes empty Certain classful qdiscs may invoke their classes' dequeue handler on an enqueue operation. This may unexpectedly empty the child qdisc and thus make an in-flight...

CVE-2026-23105

In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use clisactive to determine whether class is active in qfqrmfromag This is more of a preventive patch to make the code more consistent and to prevent possible exploits that employ child qlen manipulations on qfq...

CVE-2026-23074

In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql is that it is only supposed to be used as root qdisc. We need to check for that constraint. Although not important, I will describe the scenario th...

UBUNTU-CVE-2026-23105

In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use clisactive to determine whether class is active in qfqrmfromag This is more of a preventive patch to make the code more consistent and to prevent possible exploits that employ child qlen manipulations on qfq...