14 matches found
EUVD-2025-11821
Malicious code in bioql PyPI...
EUVD-2025-17306
Malicious code in bioql PyPI...
CVE-2025-39677
Summary: CVE-2025-39677 affects the Linux kernel net/sched backlog accounting in qdisc_dequeue_internal for hhf, fq, fq_codel, and fq_pie. The issue occurs when adjusting to a new backlog limit; dequeue paths drop packets from gso_skb without increasing qstats backlog, causing backlog underflow i...
CVE-2025-38637
In the Linux kernel, the following vulnerability has been resolved: netsched: skbprio: Remove overly strict queue assertions In the current implementation, skbprio enqueue/dequeue contains an assertion that fails under certain conditions when SKBPRIO is used as a child qdisc under TBF with specif...
CVE-2025-38637
The CVE CVE-2025-38637 affects the Linux kernel skbprio queue in net_sched when used as a child qdisc under Token Bucket Filter (TBF). The root cause is an overly strict assertion in skbprio enqueue/dequeue that can miscount lengths because TBF may peek at packets without dequeueing when tokens a...
CVE-2025-38637 net_sched: skbprio: Remove overly strict queue assertions
In the Linux kernel, the following vulnerability has been resolved: netsched: skbprio: Remove overly strict queue assertions In the current implementation, skbprio enqueue/dequeue contains an assertion that fails under certain conditions when SKBPRIO is used as a child qdisc under TBF with specif...
CVE-2025-38637 net_sched: skbprio: Remove overly strict queue assertions
In the Linux kernel, the following vulnerability has been resolved: netsched: skbprio: Remove overly strict queue assertions In the current implementation, skbprio enqueue/dequeue contains an assertion that fails under certain conditions when SKBPRIO is used as a child qdisc under TBF with specif...
SUSE CVE-2024-56770
In the Linux kernel, the following vulnerability has been resolved: net/sched: netem: account for backlog updates from child qdisc In general, 'qlen' of any classful qdisc should keep track of the number of packets that the qdisc itself and all of its children holds. In case of netem, 'qlen' only...
CVE-2024-50039
In the Linux kernel, the following vulnerability has been resolved: net/sched: accept TCASTAB only for root qdisc Most qdiscs maintain their backlog using qdiscpktlenskb on the assumption it is invariant between the enqueue and dequeue handlers. Unfortunately syzbot can crash a host rather easily...
CVE-2024-50039 net/sched: accept TCA_STAB only for root qdisc
In the Linux kernel, the following vulnerability has been resolved: net/sched: accept TCASTAB only for root qdisc Most qdiscs maintain their backlog using qdiscpktlenskb on the assumption it is invariant between the enqueue and dequeue handlers. Unfortunately syzbot can crash a host rather easily...
CVE-2021-47418
CVE-2021-47418 refers to a Linux kernel vulnerability in net_sched: a NULL pointer dereference inside fifo_set_limit() that could OOPS when adjusting limits on certain qdiscs (notably pfifo_fast, which lacks a change() operation). The issue was reproduced via syzbot and the fix makes fifo_set_lim...
CVE-2021-47418 net_sched: fix NULL deref in fifo_set_limit()
In the Linux kernel, the following vulnerability has been resolved: netsched: fix NULL deref in fifosetlimit syzbot reported another NULL deref in fifosetlimit 1 I could repro the issue with : unshare -n tc qd add dev lo root handle 1:0 tbf limit 200000 burst 70000 rate 100Mbit tc qd replace dev ...
CVE-2021-47418 net_sched: fix NULL deref in fifo_set_limit()
In the Linux kernel, the following vulnerability has been resolved: netsched: fix NULL deref in fifosetlimit syzbot reported another NULL deref in fifosetlimit 1 I could repro the issue with : unshare -n tc qd add dev lo root handle 1:0 tbf limit 200000 burst 70000 rate 100Mbit tc qd replace dev ...
CVE-2013-4563
The udp6ufofragment function in net/ipv6/udpoffload.c in the Linux kernel through 3.12, when UDP Fragmentation Offload UFO is enabled, does not properly perform a certain size comparison before inserting a fragment header, which allows remote attackers to cause a denial of service panic via a lar...