Уязвимость функции qfq_aggregate() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix race condition on qfq_aggregate A race condition can occur when 'agg' is modified in qfq_change_agg (called during qfq_enqueue) while other threads access it concurrently. For example, qfq_dump_class may trigger a NULL dereference, and qfq_delete_class may cause a use-after-free. This patch addresses the issue by: 1. Moved qfq_destroy_class into the critical section. 2. Added sch_tree_lock protection to qfq_dump_class and qfq_dump_class_stats.

In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix race condition on qfq_aggregate A race condition can occur when 'agg' is modified in qfq_change_agg (called during qfq_enqueue) while other threads access it concurrently. For example, qfq_dump_class may trigger a NULL dereference, and qfq_delete_class may cause a use-after-free. This patch addresses the issue by: 1. Moved qfq_destroy_class into the critical section. 2. Added sch_tree_lock protection to qfq_dump_class and qfq_dump_class_stats.

In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix race condition on qfq_aggregate A race condition can occur when 'agg' is modified in qfq_change_agg (called during qfq_enqueue) while other threads access it concurrently. For example, qfq_dump_class may trigger a NULL dereference, and qfq_delete_class may cause a use-after-free. This patch addresses the issue by: 1. Moved qfq_destroy_class into the critical section. 2. Added sch_tree_lock protection to qfq_dump_class and qfq_dump_class_stats.

net/sched: sch_qfq: Fix race condition on qfq_aggregate

In the Linux kernel, the following vulnerability has been resolved: n ...

Security update for the Linux Kernel (Live Patch 58 for SLE 15 SP3)

Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP7)

Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP6)

Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP5)

Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP4)

Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP4)

Security update for the Linux Kernel (Live Patch 69 for SLE 12 SP5)

Security update for the Linux Kernel (Live Patch 70 for SLE 12 SP5)

Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP7)

Security update for the Linux Kernel RT (Live Patch 13 for SLE 15 SP6)

In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix race condition on qfq_aggregate A race condition can occur when 'agg' is modified in qfq_change_agg (called during qfq_enqueue) while other threads access it concurrently. For example, qfq_dump_class may trigger a NULL dereference, and qfq_delete_class may cause a use-after-free. This patch addresses the issue by: 1. Moved qfq_destroy_class into the critical section. 2. Added sch_tree_lock protection to qfq_dump_class and qfq_dump_class_stats.

Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP7)

Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP6)

Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP5)