kernel: net_sched: hfsc: Fix a UAF vulnerability in class handling

In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfscchangeclass when...

kernel: net_sched: hfsc: Fix a UAF vulnerability in class handling

In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfscchangeclass when...

kernel: tls: fix handling of zero-length records on the rx_list

In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rxlist Each recvmsg call must process either - only contiguous DATA records any number of them - one non-DATA record If the next record has different type than what has already been...

Important: kernel-livepatch-6.1.150-174.273

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdiscdequeueinternal CVE-2025-39677 Affected Packages: kernel-livepatch-6.1.150-174.273 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

CVE-2025-10975

A vulnerability was found in GuanxingLu vlarl up to 31abc0baf53ef8f5db666a1c882e1ea64def2997. This vulnerability affects the function experiments.robot.bridge.reasoningserver::runreasoningserver of the file experiments/robot/bridge/reasoningserver.py of the component ZeroMQ. Performing manipulati...

CVE-2025-10975

A vulnerability was found in GuanxingLu vlarl up to 31abc0baf53ef8f5db666a1c882e1ea64def2997. This vulnerability affects the function experiments.robot.bridge.reasoningserver::runreasoningserver of the file experiments/robot/bridge/reasoningserver.py of the component ZeroMQ. Performing manipulati...

Security Bulletin: Multiple vulnerabilities in IBM MQ Operator and Queue manager container images

Summary Multiple vulnerabilities were addressed in IBM MQ Operator and Queue manager container images Vulnerability Details CVEID:CVE-2025-22874 DESCRIPTION: Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected...

kernel: RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction

In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix use-after-free of work objects after cmid destruction The commit 59c68ac31e15 "iwcm: free cmid resources on the last deref" simplified cmid resource management by freeing cmid once all references to the cmid were...

Linux Distros Unpatched Vulnerability : CVE-2025-39869

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dmaengine: ti: edma: Fix memory allocation size for queueprioritymap Fix a critical memory allocation bug in edmasetupfromhw where queueprioritymap was allocate...

AlmaLinux 8 : kernel (ALSA-2025:15785)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:15785 advisory. kernel: net: usb: smsc75xx: Limit packet length to skb-len CVE-2023-53125 kernel: net/sched: Always pass notifications when child class becomes empty...

kernel: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()

A flaw was found in the HFSC queueing discipline implementation in the Linux kernel. When a packet is enqueued and the child qdisc's peek function is called before properly updating the HFSC queue's length and backlog counters, a race condition can occur. In some cases, the peek operation may...

kernel: net/sched: Always pass notifications when child class becomes empty

A use-after-free UAF vulnerability was found in the Linux kernel's net/sched subsystem, specifically in the Credit-Based Shaper CBS qdisc implementation schcbs. The vulnerability occurs because the CBS qdisc's reset function qdiscresetqueue only resets its internal queue but fails to reset its...

kernel: net/sched: Always pass notifications when child class becomes empty

A use-after-free UAF vulnerability was found in the Linux kernel's net/sched subsystem, specifically in the Credit-Based Shaper CBS qdisc implementation schcbs. The vulnerability occurs because the CBS qdisc's reset function qdiscresetqueue only resets its internal queue but fails to reset its...

dmaengine: ti: edma: Fix memory allocation size for queue_priority_map

...

kernel: net/sched: Always pass notifications when child class becomes empty

A use-after-free UAF vulnerability was found in the Linux kernel's net/sched subsystem, specifically in the Credit-Based Shaper CBS qdisc implementation schcbs. The vulnerability occurs because the CBS qdisc's reset function qdiscresetqueue only resets its internal queue but fails to reset its...

kernel: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()

A flaw was found in the HFSC queueing discipline implementation in the Linux kernel. When a packet is enqueued and the child qdisc's peek function is called before properly updating the HFSC queue's length and backlog counters, a race condition can occur. In some cases, the peek operation may...

kernel: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc

A use-after-free vulnerability has been identified in the Linux kernel's HFSC Hierarchical Fair Service Curve queuing discipline when it is configured with NETEM Network Emulation as a child. This flaw can lead to a kernel panic or crash due to incorrect assumptions about the queue state...

kernel: net/sched: Always pass notifications when child class becomes empty

A use-after-free UAF vulnerability was found in the Linux kernel's net/sched subsystem, specifically in the Credit-Based Shaper CBS qdisc implementation schcbs. The vulnerability occurs because the CBS qdisc's reset function qdiscresetqueue only resets its internal queue but fails to reset its...

PT-2025-46615

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to USB networking. Specifically, the rtl8150 set multicast function incorrectly calls netif stop queue and netif wake queue, leading to potentia...

SUSE CVE-2022-50409

In the Linux kernel, the following vulnerability has been resolved: net: If sock is dead don't access sock's skwq in skstreamwaitmemory Fixes the below NULL pointer dereference: ... 14.471200 Call Trace: 14.471562 14.471882 lockacquire+0x245/0x2e0 14.472416 ? removewaitqueue+0x12/0x50 14.473014 ?...