PT-2025-27968

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the SFQ perturb period in the net sched module. The issue was reported by Gerrard Tai, who found that the SFQ perturb...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a null pointer dereference risk in the GRED scheduler by the sched module...

CVE-2025-21857 net/sched: cls_api: fix error handling causing NULL dereference

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsapi: fix error handling causing NULL dereference tcfextsmisscookiebasealloc calls xaalloccyclic which can return 1 if the allocation succeeded after wrapping. This was treated as an error, with value 1 returned to...

CVE-2024-53044

In the Linux kernel, the following vulnerability has been resolved: net/sched: schapi: fix xainsert error path in tcfblockgetext This command: $ tc qdisc replace dev eth0 ingressblock 1 egressblock 1 clsact Error: block dev insert failed: -EBUSY. fails because user space requests the same block...

CVE-2024-53044

The CVE refers to Linux kernel net/sched: sch_api: fix xa_insert() error path in tcf_block_get_ext(). The issue caused by xa_insert() failure when the same block index is used for ingress and egress, leading to an incorrect teardown and an unbound offload path (FLOW_BLOCK_BIND) not being followed...

Vulnerability of components of Linux operating system’s kernel’s net/sched module, allowing a hacker to cause a service failure

The vulnerability of the net/sched component of the Linux operating system’s kernel is related to the lack of memory release after the effective service life in the tcfskbmoddump function. Exploiting this vulnerability can allow an attacker to cause a service failure...

OESA-2024-1271 A-Tune-Collector security update

A-Tune-Collector is used to collect various system resources. Security Fixes: When the get method in the sched.py file in the A-Tune-Collector software package is used to obtain the process ID, shell command combination and injection risks exist. This flaw could lead to remote arbitrary command...

PT-2023-35156 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.91 Description: A potential issue exists in the Linux Kernel, specifically in the sch taprio component of the net/sched module. The problem may lead to a use-after-free scenario. The actual impact and...

PT-2023-35070 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.7 Description: The issue is related to a warning during failed attribute validation in the act mpls component of the Linux Kernel's net/sched module. The actual impact and attack plausibility have not yet...