236 matches found
CVE-2026-53011
A flaw was found in the Linux kernel's networking scheduler, specifically within the taprio module. When the system attempts to switch schedules, a use-after-free vulnerability occurs in the advancesched function. This happens because a pointer to an old schedule entry is still used after the...
EUVD-2026-38879
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: fix use-after-free in advancesched on schedule switch In advancesched, when shouldchangeschedules returns true, switchschedules is called to promote the admin schedule to oper. switchschedules queues the old op...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: extend minimum interval restriction to entire cycle too It is possible for syzbot to bypass the restriction imposed by the criticized commit in the “Fixes” tag, because the taprio UAPI allows a cycle time that ...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: avoid disabling offload when it was never enabled In a rather strange API design decision, qdisc-destroy is called even if qdisc-init never succeeded. This isn’t exclusive to the commit 87b60cfacf9f “netsched:...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: always validate TCATAPRIOATTRPRIOMAP If an TCATAPRIOATTRPRIOMAP attribute is provided, the taprioparsemqprioopt function must validate it. Otherwise, arbitrary data can be injected into the kernel when the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: net/sched: taprio: improper checking of the TCATAPRIOTCENTRYINDEX attribute The taprioparsetcentry function does not correctly check the TCATAPRIOTCENTRYINDEX attribute: int tc; // Signed value tc =...
net/sched: taprio: fix NULL pointer dereference in class dump
...
SUSE CVE-2026-45845
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: fix NULL pointer dereference in class dump When a TAPRIO child qdisc is deleted via RTMDELQDISC, tapriograft is called with new == NULL and stores NULL into q-qdiscscl - 1. Subsequent RTMGETTCLASS dump operatio...
CVE-2026-45845
A flaw was found in the Linux kernel's TAPRIO Traffic Policing and Rate Limiting I/O qdisc. An unprivileged local user, with namespace-scoped CAPNETADMIN capabilities, can trigger a kernel null pointer dereference. This occurs by creating a TAPRIO qdisc in a new network namespace, grafting and th...
CVE-2026-45845
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: fix NULL pointer dereference in class dump When a TAPRIO child qdisc is deleted via RTMDELQDISC, tapriograft is called with new == NULL and stores NULL into q-qdiscscl - 1. Subsequent RTMGETTCLASS dump operatio...
UBUNTU-CVE-2026-45845
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: fix NULL pointer dereference in class dump When a TAPRIO child qdisc is deleted via RTMDELQDISC, tapriograft is called with new == NULL and stores NULL into q-qdiscscl - 1. Subsequent RTMGETTCLASS dump operatio...
CVE-2026-45845
The CVE-2026-45845 entry concerns the Linux kernel net/sched TAPRIO implementation. A NULL pointer dereference in taprio_dump_class can occur when a TAPRIO child qdisc is deleted and new == NULL in taprio_graft, leading to dereferencing child->handle during RTM_GETTCLASS dumps. The issue is re...
CVE-2026-45845 net/sched: taprio: fix NULL pointer dereference in class dump
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: fix NULL pointer dereference in class dump When a TAPRIO child qdisc is deleted via RTMDELQDISC, tapriograft is called with new == NULL and stores NULL into q-qdiscscl - 1. Subsequent RTMGETTCLASS dump operatio...
CVE-2026-45845
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: fix NULL pointer dereference in class dump When a TAPRIO child qdisc is deleted via RTMDELQDISC, tapriograft is called with new == NULL and stores NULL into q-qdiscscl - 1. Subsequent RTMGETTCLASS dump operatio...
EUVD-2026-32171
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: fix NULL pointer dereference in class dump When a TAPRIO child qdisc is deleted via RTMDELQDISC, tapriograft is called with new == NULL and stores NULL into q-qdiscscl - 1. Subsequent RTMGETTCLASS dump operatio...
CVE-2026-45845
net/sched: taprio: fix NULL pointer dereference in class dump...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the net/sched/taprio module failing to perform null pointer checks on deleted sub-qdisc objects...
Linux Distros Unpatched Vulnerability : CVE-2026-45845
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: taprio: fix NULL pointer dereference in class dump When a TAPRIO child qdisc is deleted via RTMDELQDISC, tapriograft is called with new == NULL and...
PT-2026-43679
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference exists in the Linux kernel's TAPRIO child qdisc implementation. When a TAPRIO child qdisc is deleted via RTM DELQDISC, the taprio graft function stores a NULL...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: In the net/sched module, there is an issue with taprio: Limiting TCATAPRIOATTRSCHEDCYCLETIME to INTMAX. syzkaller encountered a division error 0 in the divs64rem function, which is called from getcycletimeelapsed. In this functio...