Количество 55
Количество 55
CVE-2025-37914
net_sched: ets: Fix double list add in class with netem as child qdisc
CVE-2025-37914
In the Linux kernel, the following vulnerability has been resolved: n ...
GHSA-3g9v-mx9v-wmwv
In the Linux kernel, the following vulnerability has been resolved: ice: fix eswitch code memory leak in reset scenario Add simple eswitch mode checker in attaching VF procedure and allocate required port representor memory structures only in switchdev mode. The reset flows triggers VF (if present) detach/attach procedure. It might involve VF port representor(s) re-creation if the device is configured is switchdev mode (not legacy one). The memory was blindly allocated in current implementation, regardless of the mode and not freed if in legacy mode. Kmemeleak trace: unreferenced object (percpu) 0x7e3bce5b888458 (size 40): comm "bash", pid 1784, jiffies 4295743894 hex dump (first 32 bytes on cpu 45): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace (crc 0): pcpu_alloc_noprof+0x4c4/0x7c0 ice_repr_create+0x66/0x130 [ice] ice_repr_create_vf+0x22/0x70 [ice] ice_e...
BDU:2025-09132
Уязвимость функции pcpu_alloc_noprof() компонента ice ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
GHSA-x88q-4f25-f826
In the Linux kernel, the following vulnerability has been resolved: net_sched: ets: Fix double list add in class with netem as child qdisc As described in Gerrard's report [1], there are use cases where a netem child qdisc will make the parent qdisc's enqueue callback reentrant. In the case of ets, there won't be a UAF, but the code will add the same classifier to the list twice, which will cause memory corruption. In addition to checking for qlen being zero, this patch checks whether the class was already added to the active_list (cl_is_active) before doing the addition to cater for the reentrant case. [1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/
BDU:2025-11857
Уязвимость компонента sch_ets.c ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на целостность данных
RLSA-2025:15005
Moderate: kernel security update
ELSA-2025-15005
ELSA-2025-15005: kernel security update (MODERATE)
ROS-20260203-73-0011
Уязвимость kernel-lt
ELSA-2025-13960
ELSA-2025-13960: kernel security update (IMPORTANT)
SUSE-SU-2025:01964-1
Security update for the Linux Kernel
ELSA-2025-28049
ELSA-2025-28049: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2025-28048
ELSA-2025-28048: Unbreakable Enterprise kernel security update (IMPORTANT)
SUSE-SU-2025:01972-1
Security update for the Linux Kernel
ELSA-2025-20530
ELSA-2025-20530: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2025-20480
ELSA-2025-20480: Unbreakable Enterprise kernel security update (IMPORTANT)
SUSE-SU-2025:01983-1
Security update for the Linux Kernel
SUSE-SU-2025:01707-1
Security update for the Linux Kernel
SUSE-SU-2025:01614-1
Security update for the Linux Kernel
SUSE-SU-2025:01951-1
Security update for the Linux Kernel
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-37914 net_sched: ets: Fix double list add in class with netem as child qdisc | CVSS3: 7 | 0% Низкий | 12 месяцев назад |
| CVE-2025-37914 In the Linux kernel, the following vulnerability has been resolved: n ... | CVSS3: 7.8 | 0% Низкий | около 1 года назад |
| GHSA-3g9v-mx9v-wmwv In the Linux kernel, the following vulnerability has been resolved: ice: fix eswitch code memory leak in reset scenario Add simple eswitch mode checker in attaching VF procedure and allocate required port representor memory structures only in switchdev mode. The reset flows triggers VF (if present) detach/attach procedure. It might involve VF port representor(s) re-creation if the device is configured is switchdev mode (not legacy one). The memory was blindly allocated in current implementation, regardless of the mode and not freed if in legacy mode. Kmemeleak trace: unreferenced object (percpu) 0x7e3bce5b888458 (size 40): comm "bash", pid 1784, jiffies 4295743894 hex dump (first 32 bytes on cpu 45): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace (crc 0): pcpu_alloc_noprof+0x4c4/0x7c0 ice_repr_create+0x66/0x130 [ice] ice_repr_create_vf+0x22/0x70 [ice] ice_e... | CVSS3: 5.5 | 0% Низкий | 11 месяцев назад |
 | BDU:2025-09132 Уязвимость функции pcpu_alloc_noprof() компонента ice ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации | CVSS3: 7 | 0% Низкий | около 1 года назад |
| GHSA-x88q-4f25-f826 In the Linux kernel, the following vulnerability has been resolved: net_sched: ets: Fix double list add in class with netem as child qdisc As described in Gerrard's report [1], there are use cases where a netem child qdisc will make the parent qdisc's enqueue callback reentrant. In the case of ets, there won't be a UAF, but the code will add the same classifier to the list twice, which will cause memory corruption. In addition to checking for qlen being zero, this patch checks whether the class was already added to the active_list (cl_is_active) before doing the addition to cater for the reentrant case. [1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/ | CVSS3: 7.8 | 0% Низкий | около 1 года назад |
| BDU:2025-11857 Уязвимость компонента sch_ets.c ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на целостность данных | CVSS3: 5.5 | 0% Низкий | около 1 года назад |
 | RLSA-2025:15005 Moderate: kernel security update | 9 месяцев назад | ||
| ELSA-2025-15005 ELSA-2025-15005: kernel security update (MODERATE) | 10 месяцев назад | ||
 | ROS-20260203-73-0011 Уязвимость kernel-lt | CVSS3: 5.5 | 0% Низкий | 5 месяцев назад |
| ELSA-2025-13960 ELSA-2025-13960: kernel security update (IMPORTANT) | 10 месяцев назад | ||
 | SUSE-SU-2025:01964-1 Security update for the Linux Kernel | около 1 года назад | ||
| ELSA-2025-28049 ELSA-2025-28049: Unbreakable Enterprise kernel security update (IMPORTANT) | 6 месяцев назад | ||
| ELSA-2025-28048 ELSA-2025-28048: Unbreakable Enterprise kernel security update (IMPORTANT) | 6 месяцев назад | ||
| SUSE-SU-2025:01972-1 Security update for the Linux Kernel | около 1 года назад | ||
| ELSA-2025-20530 ELSA-2025-20530: Unbreakable Enterprise kernel security update (IMPORTANT) | 10 месяцев назад | ||
| ELSA-2025-20480 ELSA-2025-20480: Unbreakable Enterprise kernel security update (IMPORTANT) | 11 месяцев назад | ||
| SUSE-SU-2025:01983-1 Security update for the Linux Kernel | около 1 года назад | ||
| SUSE-SU-2025:01707-1 Security update for the Linux Kernel | около 1 года назад | ||
| SUSE-SU-2025:01614-1 Security update for the Linux Kernel | около 1 года назад | ||
| SUSE-SU-2025:01951-1 Security update for the Linux Kernel | около 1 года назад |
Уязвимостей на страницу