UBUNTU-CVE-2025-38115

In the Linux kernel, the following vulnerability has been resolved: netsched: schsfq: fix a potential crash on gsoskb handling SFQ has an assumption of always being able to queue at least one packet. However, after the blamed commit, sch-q.len can be inflated by packets in sch-gsoskb, and an...

CVE-2022-50100

In the Linux kernel, the following vulnerability has been resolved: sched/core: Do not requeue task on CPU excluded from cpusmask The following warning was triggered on a large machine early in boot on a distribution kernel but the same problem should also affect mainline. WARNING: CPU: 439 PID: ...

SUSE CVE-2025-38083

In the Linux kernel, the following vulnerability has been resolved: netsched: prio: fix a race in priotune Gerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 CPU 1 1: lock root 2: qdisctreeflushbacklog 3: unlock root | ...

SUSE CVE-2022-49958

In the Linux kernel, the following vulnerability has been resolved: net/sched: fix netdevice reference leaks in attachdefaultqdiscs In attachdefaultqdiscs, if a dev has multiple queues and queue 0 fails to attach qdisc because there is no memory in attachonedefaultqdisc. Then dev-qdisc will be...

Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005594 fixes several issues. The following security issues were fixed: CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace bsc1238324. CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmtremoveadvmonitorsync bsc123909...

Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005583 fixes several issues. The following security issues were fixed: CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace bsc1238324. CVE-2024-49855: nbd: fix race between timeout and normal completion bsc1232900. CVE-2024-58013:...

Security update for kernel-livepatch-MICRO-6-0-RT_Update_2

This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2024-49855: nbd: fix race between timeout and normal completion bsc1232900 CVE-2025-21680: pktgen: avoid out-of-bounds access in getimixentries bsc1236701 CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free...

DEBIAN-CVE-2025-37953

In the Linux kernel, the following vulnerability has been resolved: schhtb: make htbdeactivate idempotent Alan reported a NULL pointer dereference in htbnextrbnode after we made htbqlennotify idempotent. It turns out in the following case it introduced some regression: htbdequeuetree: |-...

kernel: block, bfq: fix possible UAF for bfqq->bic with merge chain

A flaw was found in the Budget Fair Queueing BFQ I/O scheduler in the Linux kernel. Handling merged chains of BFQ queues can cause a use-after-free condition and result in a denial of service...

net: sched: Disallow replacing of child qdisc from one parent to another

...

SUSE CVE-2025-37752

In the Linux kernel, the following vulnerability has been resolved: netsched: schsfq: move the limit validation It is not sufficient to directly validate the limit on the data that the user passes as it can be updated based on how the other parameters are changed. Move the check at the end of the...

UBUNTU-CVE-2025-22061

In the Linux kernel, the following vulnerability has been resolved: net: airoha: Fix qid report in airohatcgethtbgetleafqueue Fix the following kernel warning deleting HTB offloaded leafs and/or root HTB qdisc in airohaeth driver properly reporting qid in airohatcgethtbgetleafqueue routine. $tc...

net: sched: fix ets qdisc OOB Indexing

...

OESA-2025-1182 etcd security update

%expand: Security Fixes: A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows th...

SUSE CVE-2024-57996

In the Linux kernel, the following vulnerability has been resolved: netsched: schsfq: don't allow 1 packet limit The current implementation does not work correctly with a limit of 1. iproute2 actually checks for this and this patch adds the check in kernel as well. This fixes the following...

SUSE CVE-2025-21714

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix implicit ODP use after free Prevent double queueing of implicit ODP mr destroy work by using xacmpxchg to make sure this is the only time we are destroying this specific mr. Without this change, we could try to...

SUSE CVE-2021-47646

In the Linux kernel, the following vulnerability has been resolved: Revert "Revert "block, bfq: honor already-setup queue merges"" A crash 1 happened to be triggered in conjunction with commit 2d52c58b9c9b "block, bfq: honor already-setup queue merges". The latter was then reverted by commit...

SUSE CVE-2022-49413

In the Linux kernel, the following vulnerability has been resolved: bfq: Update cgroup information before merging bio When the process is migrated to a different cgroup or in case of writeback just starts submitting bios associated with a different cgroup bfqmergebio can operate with stale cgroup...

DEBIAN-CVE-2025-21714

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix implicit ODP use after free Prevent double queueing of implicit ODP mr destroy work by using xacmpxchg to make sure this is the only time we are destroying this specific mr. Without this change, we could try to...

CVE-2025-21714 RDMA/mlx5: Fix implicit ODP use after free

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix implicit ODP use after free Prevent double queueing of implicit ODP mr destroy work by using xacmpxchg to make sure this is the only time we are destroying this specific mr. Without this change, we could try to...