UBUNTU-CVE-2025-37797

In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfscchangeclass when...

CVE-2025-37798

In the Linux kernel, the following vulnerability has been resolved: codel: remove sch-q.qlen check before qdisctreereducebacklog After making all -qlennotify callbacks idempotent, now it is safe to remove the check of qlen!=0 from both fqcodeldequeue and codelqdiscdequeue...

CVE-2025-37797 net_sched: hfsc: Fix a UAF vulnerability in class handling

In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfscchangeclass when...

CVE-2025-37797 net_sched: hfsc: Fix a UAF vulnerability in class handling

In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfscchangeclass when...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the removal of an unnecessary qlen check from the codel...

DEBIAN-CVE-2025-38637

In the Linux kernel, the following vulnerability has been resolved: netsched: skbprio: Remove overly strict queue assertions In the current implementation, skbprio enqueue/dequeue contains an assertion that fails under certain conditions when SKBPRIO is used as a child qdisc under TBF with specif...

UBUNTU-CVE-2025-38637

In the Linux kernel, the following vulnerability has been resolved: netsched: skbprio: Remove overly strict queue assertions In the current implementation, skbprio enqueue/dequeue contains an assertion that fails under certain conditions when SKBPRIO is used as a child qdisc under TBF with specif...

CVE-2025-38637

The CVE CVE-2025-38637 affects the Linux kernel skbprio queue in net_sched when used as a child qdisc under Token Bucket Filter (TBF). The root cause is an overly strict assertion in skbprio enqueue/dequeue that can miscount lengths because TBF may peek at packets without dequeueing when tokens a...

PT-2025-18777

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved. The issue concerned the codel controlled delay qdisc queueing discipline in the kernel. Specifically, the problem involved the qlen...

PT-2025-22193

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved. The issue is related to the htb qlen notify function, which always deactivates the HTB class and could trigger a warning if it is...

SUSE CVE-2025-21703

In the Linux kernel, the following vulnerability has been resolved: netem: Update sch-q.qlen before qdisctreereducebacklog qdisctreereducebacklog notifies parent qdisc only if child qdisc becomes empty, therefore we need to reduce the backlog of the child qdisc before calling it. Otherwise it wou...

UBUNTU-CVE-2025-21702

In the Linux kernel, the following vulnerability has been resolved: pfifotailenqueue: Drop new packet when sch-limit == 0 Expected behaviour: In case we reach scheduler's limit, pfifotailenqueue will drop a packet in scheduler's queue and decrease scheduler's qlen by one. Then, pfifotailenqueue...

UBUNTU-CVE-2025-21703

In the Linux kernel, the following vulnerability has been resolved: netem: Update sch-q.qlen before qdisctreereducebacklog qdisctreereducebacklog notifies parent qdisc only if child qdisc becomes empty, therefore we need to reduce the backlog of the child qdisc before calling it. Otherwise it wou...

CVE-2025-21703

In the Linux kernel, the following vulnerability has been resolved: netem: Update sch-q.qlen before qdisctreereducebacklog qdisctreereducebacklog notifies parent qdisc only if child qdisc becomes empty, therefore we need to reduce the backlog of the child qdisc before calling it. Otherwise it wou...

CVE-2025-21702 pfifo_tail_enqueue: Drop new packet when sch->limit == 0

In the Linux kernel, the following vulnerability has been resolved: pfifotailenqueue: Drop new packet when sch-limit == 0 Expected behaviour: In case we reach scheduler's limit, pfifotailenqueue will drop a packet in scheduler's queue and decrease scheduler's qlen by one. Then, pfifotailenqueue...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/sched: netem: account for backlog updates from child qdisc Generally, the qlen of any classful qdisc should keep track of the number of packets held by the qdisc itself and all its children. In the case of netem, qlen only...

AZL-55428 CVE-2024-56770 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: net/sched: netem: account for backlog updates from child qdisc In general, 'qlen' of any classful qdisc should keep track of the number of packets that the qdisc itself and all of its children holds. In case of netem, 'qlen' only...

CVE-2024-53164

In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch-q.qlen around qdisctreereducebacklog need to happen before a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become...

DEBIAN-CVE-2024-53164

In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch-q.qlen around qdisctreereducebacklog need to happen before a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become...

UBUNTU-CVE-2024-53164

In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch-q.qlen around qdisctreereducebacklog need to happen before a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become...