9 matches found
CVE-2025-38001
The CVE-2025-38001 issue is in the Linux kernel HFSC scheduler under net_sched. The vulnerability permits bypassing the patch in hfsc_enqueue (HFSC_RSC path) and allows inserting the same class twice into the eltree, which can lead to a UAF when HFSC is used with NETEM and may cause an infinite l...
CVE-2021-47515
CVE-2021-47515 relates to a Linux kernel seg6/IPv6 SRH encapsulation issue where the IPv6 socket CB iif was cleared when an IPv4 packet is encapsulated in an IPv6+SRH header. The root cause is that the IP6CB(skb) is cleared (memset) during SRH ip4ip6 encapsulation, and since skb->cb memory is ...
CVE-2025-37890
CVE-2025-37890 affects the Linux kernel net_sched hfsc when a class has a netem child qdisc. The root cause is a use-after-free in class insertion into the vttree/eltree, which can occur in reentrant scenarios; the patch validates n_active to prevent double insertion. The fix is a kernel patch in...
CVE-2022-49394
The CVE-2022-49394 entry describes a Linux kernel vulnerability in blk-iolatency where inflight IO counters could become imbalanced and IOs hang when a cgroup with iolatency is offline or disabled. The root cause is that enabled counters could be manipulated in iolatency_set_limit() and iolatency...
CVE-2025-37913
Summary: CVE-2025-37913 affects the Linux kernel’s net_sched/qfq when a netem child qdisc can cause the parent enqueue callback to be reentrant, risking memory corruption from adding the same classifier twice. The root cause is a double list add in the class when reentry occurs; the fix adds a gu...
CVE-2025-37915
CVE-2025-37915 affects the Linux kernel’s net_sched code, specifically the drr scheduler when a netem child qdisc is involved. The issue was a double addition of the same classifier to the active_list, which could cause memory corruption due to reentrancy in the parent qdisc enqueue path (not a U...
CVE-2022-49812
CVE-2022-49812 describes a Linux kernel vulnerability in the bridge driver’s VLAN offload path. When VLANs are offloaded via switchdev, the bridge marks them with BR_VLFLAG_ADDED_BY_SWITCHDEV. Changing the VLAN protocol triggers notifications to switchdev drivers and also to the 8021q driver, whi...
CVE-2026-23446
CVE-2026-23446 affects the Linux kernel aqc111 USB driver. The vulnerability arises when aqc111_suspend uses the PM variant of write_cmd during suspend, causing pm_runtime_resume_and_get to propagate a suspend wait into rpm_resume on the parent, which can block and hang the network stack. The doc...
CVE-2026-31548
CVE-2026-31548 (Linux kernel, wifi/cfg80211) : A race during interface teardown can cause a pending pmsr_free_wk work item to run after the interface has been removed, leading to undefined behavior or crashes if the driver abort_pmsr callback is invoked on a torn-down interface. The advisory stat...