145 matches found
EUVD-2026-38851
In the Linux kernel, the following vulnerability has been resolved: net: airoha: fix BQL imbalance in TX path Fix a possible BQL imbalance in airohadevxmit, where inflight packets are accounted only for the AIROHANUMTXRING netdev TX queues. The queue index is computed as: qid =...
PT-2026-51878
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netem component of the network scheduler where the queue limit check in the netem enqueue function incorrectly uses q-t len. This variable only counts packets with...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: net/sched: It has been ensured that teql can only be used as a root qdisc. The design intention of teql is that it should only be used as a root qdisc. Therefore, we need to ensure this constraint is respected. Although not very...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: Do not write to msggetinq in the callee. A fix for NULL pointer dereferencing issues. msggetinq is an input field from the caller to the callee. Do not set it in the callee, as the caller may not clear it during struct reuse...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: hibmcge – fixed the issue of division by zero. When the network port is down, the queue is released, and ring-len becomes 0. In debugfs, the hbggetqueueusednum function will be called, which may lead to a division by zero...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net/sched: netem: account for backlog updates from child qdisc Generally, the qlen of any classful qdisc should reflect the number of packets held by the qdisc itself and all its children. In the case of netem, qlen only accounts...
CVE-2026-43031
A flaw was found in the Linux kernel's xilinx axienet network driver. This vulnerability arises from incorrect accounting of Buffer Queue Length BQL, a mechanism that manages network buffer usage, for transmit TX packets that are split across multiple buffer descriptors. If these packet segments...
CVE-2026-43031 net: xilinx: axienet: Fix BQL accounting for multi-BD TX packets
In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Fix BQL accounting for multi-BD TX packets When a TX packet spans multiple buffer descriptors scatter-gather, axienetfreetxchain sums the per-BD actual length from descriptor status into a caller-provided...
EUVD-2026-26630
In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Fix BQL accounting for multi-BD TX packets When a TX packet spans multiple buffer descriptors scatter-gather, axienetfreetxchain sums the per-BD actual length from descriptor status into a caller-provided...
Unity Linux 20.1060a Security Update: kernel (UTSA-2026-014347)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014347 advisory. In the Linux kernel, the following vulnerability has been resolved: netem: Update sch-q.qlen before qdisctreereducebacklog qdisctreereducebacklog notifies parent qdi...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005810)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005810 advisory. In the Linux kernel, the following vulnerability has been resolved: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue When enqueuing the first packet t...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: schcake: Fixed incorrect qlen reduction in cakedrop In cakedrop, qdisctreereducebacklog is used to update the qlen and backlog of the qdisc hierarchy. Its caller, cakeenqueue, assumes that the parent qdisc will enqueue...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005560)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005560 advisory. In the Linux kernel, the following vulnerability has been resolved: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue When enqueuing the first packet t...
K000160078: Linux kernel vulnerability CVE-2025-37797
Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use conditi...
Siemens SCALANCE and RUGGEDCOM Improper Input Validation (CVE-2025-38350)
In the Linux kernel, the following vulnerability has been resolved: net/sched: Always pass notifications when child class becomes empty Certain classful qdiscs may invoke their classes' dequeue handler on an enqueue operation. This may unexpectedly empty the child qdisc and thus make an in-flight...
CVE-2026-23105
In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use clisactive to determine whether class is active in qfqrmfromag This is more of a preventive patch to make the code more consistent and to prevent possible exploits that employ child qlen manipulations on qfq...
CVE-2026-23074
In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql is that it is only supposed to be used as root qdisc. We need to check for that constraint. Although not important, I will describe the scenario th...
UBUNTU-CVE-2026-23074
In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql is that it is only supposed to be used as root qdisc. We need to check for that constraint. Although not important, I will describe the scenario th...
UBUNTU-CVE-2026-23105
In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use clisactive to determine whether class is active in qfqrmfromag This is more of a preventive patch to make the code more consistent and to prevent possible exploits that employ child qlen manipulations on qfq...
EUVD-2026-5436
In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use clisactive to determine whether class is active in qfqrmfromag This is more of a preventive patch to make the code more consistent and to prevent possible exploits that employ child qlen manipulations on qfq...