6 matches found
Azure Linux 3.0 Security Update: kernel (CVE-2025-38115)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38115 advisory. - In the Linux kernel, the following vulnerability has been resolved: netsched: schsfq: fix a potential crash ...
UBUNTU-CVE-2025-38193
In the Linux kernel, the following vulnerability has been resolved: netsched: schsfq: reject invalid perturb period Gerrard Tai reported that SFQ perturbperiod has no range check yet, and this can be used to trigger a race condition fixed in a separate patch. We want to make sure ctl-perturbperio...
net_sched: sch_sfq: don't allow 1 packet limit
...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: accept TCASTAB only for root qdisc Most qdisc implementations maintain their backlog using qdiscpktlenskb, assuming this value remains invariant between the enqueue and dequeue handlers. Unfortunately, the syzbot explo...
SUSE CVE-2024-50039
In the Linux kernel, the following vulnerability has been resolved: net/sched: accept TCASTAB only for root qdisc Most qdiscs maintain their backlog using qdiscpktlenskb on the assumption it is invariant between the enqueue and dequeue handlers. Unfortunately syzbot can crash a host rather easily...
kernel: ip_vti: fix potential slab-use-after-free in decode_session6
A use-after-free flaw was found in the Linux kernel's ipvti IPsec Virtual Tunnel Interface implementation when transmitting IPv6 packets with the SFB qdisc attached. A local user with CAPNETADMIN capability can trigger this issue by configuring an ipvti interface with an SFB qdisc and sending IPv...