33 matches found
CVE-2026-46154
CVE-2026-46154 affects the Linux kernel sched_ext functionality. Root cause: in cgroup setters, scx_group_set_{weight,idle,bandwidth}() cache the scx_root before acquiring scx_cgroup_ops_rwsem, enabling a window where the pointer can become stale if a scheduler is disabled and freed (via RCU) and...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the cgroup setter in schedext reading scxroot before acquiring a lock. This could lead to reusing...
Linux Distros Unpatched Vulnerability : CVE-2026-43482
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - schedext: Disable preemption between scxclaimexit and kicking helper work scxclaimexit atomically sets exitkind, which prevents scxerror from triggering further...
CVE-2026-43392
Summary (CVE-2026-43392) : In the Linux kernel, the sched_ext vulnerability causes a potential DoS by starving the enable path in scx_enable() when fair-class workloads saturate the system. The root cause is a switch of the calling thread’s sched_class from fair to ext during the READY→ENABLED lo...
CVE-2026-43392
In the Linux kernel, the following vulnerability has been resolved: schedext: Fix starvation of scxenable under fair-class saturation During scxenable, the READY - ENABLED task switching loop changes the calling thread's schedclass from fair to ext. Since fair has higher priority than ext,...
CVE-2026-43326
In the Linux kernel, the following vulnerability has been resolved: schedext: Fix SCXKICKWAIT deadlock by deferring wait to balance callback SCXKICKWAIT busy-waits in kickcpusirqworkfn using smpcondloadacquire until the target CPU's kicksync advances. Because the irqwork runs in hardirq context,...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a redundant cssput call in the schedext module’s scxcgroupinit function. This vulnerability may...
Linux Distros Unpatched Vulnerability : CVE-2026-31734
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: schedext: Fix isbpfmigrationdisabled false negative on non-PREEMPTRCU Since commit...
CVE-2026-31734
A flaw was found in the Linux kernel's schedext component. An incorrect check for migration-disabled tasks on systems without CONFIGPREEMPTRCU enabled could lead to a task being dispatched to a remote CPU. This can trigger an scxerror in taskcanrunonremoterq, resulting in a Denial of Service...
CVE-2026-31733
A flaw was found in the Linux kernel's schedext component. The scheduler's direct dispatch state ddspdsqid was not consistently cleared across all execution paths. This oversight could leave the system in an incorrect state, leading to spurious warnings and unexpected behavior during task dispatc...
[SECURITY] Fedora 42 Update: rust-scx_rusty-0.5.4-7.fc42
A multi-domain, BPF / user space hybrid scheduler used within schedext, which is a Linux kernel feature which enables implementing kernel thread schedulers in BPF and dynamically loading them. https://github.com/sched-ext/scx/tree/main...
CVE-2025-40260
In the Linux kernel, the following vulnerability has been resolved: schedext: Fix scxenable crash on helper kthread creation failure A crash was observed when the schedext selftests runner was terminated with Ctrl+\ while test 15 was running: NIP c00000000028fa58 scxenable.constprop.0+0x358/0x12b...
UBUNTU-CVE-2025-40260
In the Linux kernel, the following vulnerability has been resolved: schedext: Fix scxenable crash on helper kthread creation failure A crash was observed when the schedext selftests runner was terminated with Ctrl+\ while test 15 was running: NIP c00000000028fa58 scxenable.constprop.0+0x358/0x12b...
CVE-2025-40260 sched_ext: Fix scx_enable() crash on helper kthread creation failure
In the Linux kernel, the following vulnerability has been resolved: schedext: Fix scxenable crash on helper kthread creation failure A crash was observed when the schedext selftests runner was terminated with Ctrl+\ while test 15 was running: NIP c00000000028fa58 scxenable.constprop.0+0x358/0x12b...
Linux Distros Unpatched Vulnerability : CVE-2025-40260
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - schedext: Fix scxenable crash on helper kthread creation failure A crash was observed when the schedext selftests runner was terminated with Ctrl+\ while test 1...
EUVD-2024-53794
Malicious code in bioql PyPI...
EUVD-2025-5170
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-39780
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sched/ext: Fix invalid task state transitions on class switch When enabling a schedext scheduler, we may trigger invalid task state transitions, resulting in...
CVE-2025-39780
The CVE-2025-39780 entry concerns the Linux kernel sched_ext scheduler. The issue was an invalid task state transition during class switch, caused by skipping initialization for tasks that are already dead (usage counter zero) and not excluding them during the scheduling class transition. The res...
The vulnerability of the bpf_iter_scx_dsq_new() function in the sched_ext component of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the bpfiterscxdsqnew function in the schedext component of the Linux operating system lies in the access to an uninitialized pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...