In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not idempotent either and not friendly to its callers, like fq_codel_dequeue(). Let's make it idempotent to ease qdisc_tree_reduce_backlog() callers' life: 1. update_vf() decreases cl->cl_nactive, so we can check whether it is non-zero before calling it. 2. eltree_remove() always removes RB node cl->el_node, but we can use RB_EMPTY_NODE() + RB_CLEAR_NODE() to make it safe.

In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not idempotent either and not friendly to its callers, like fq_codel_dequeue(). Let's make it idempotent to ease qdisc_tree_reduce_backlog() callers' life: 1. update_vf() decreases cl->cl_nactive, so we can check whether it is non-zero before calling it. 2. eltree_remove() always removes RB node cl->el_node, but we can use RB_EMPTY_NODE() + RB_CLEAR_NODE() to make it safe.

In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not idempotent either and not friendly to its callers, like fq_codel_dequeue(). Let's make it idempotent to ease qdisc_tree_reduce_backlog() callers' life: 1. update_vf() decreases cl->cl_nactive, so we can check whether it is non-zero before calling it. 2. eltree_remove() always removes RB node cl->el_node, but we can use RB_EMPTY_NODE() + RB_CLEAR_NODE() to make it safe.

In the Linux kernel, the following vulnerability has been resolved: s ...

In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not idempotent either and not friendly to its callers, like fq_codel_dequeue(). Let's make it idempotent to ease qdisc_tree_reduce_backlog() callers' life: 1. update_vf() decreases cl->cl_nactive, so we can check whether it is non-zero before calling it. 2. eltree_remove() always removes RB node cl->el_node, but we can use RB_EMPTY_NODE() + RB_CLEAR_NODE() to make it safe.

Уязвимость компонента net/sched/sch_hfsc.c ядра операционной системы Linux, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

Security update for the Linux Kernel (Live Patch 55 for SLE 15 SP3)

Security update for the Linux Kernel (Live Patch 58 for SLE 15 SP3)

Security update for the Linux Kernel (Live Patch 50 for SLE 15 SP3)

Security update for the Linux Kernel (Live Patch 67 for SLE 12 SP5)

Security update for the Linux Kernel (Live Patch 64 for SLE 12 SP5)

Security update for the Linux Kernel (Live Patch 62 for SLE 12 SP5)

Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3)

Security update for the Linux Kernel (Live Patch 60 for SLE 12 SP5)

Security update for the Linux Kernel (Live Patch 61 for SLE 12 SP5)

Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP7)

Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP6)

Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP7)

Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6)

Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP5)