-
CVE-2026-52997
- EPSS 0.17%
- Veröffentlicht 24.06.2026 16:29:09
- Zuletzt bearbeitet 10.07.2026 19:24:19
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
net/sched: sch_dualpi2: drain both C-queue and L-queue in dualpi2_change()
In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_dualpi2: drain both C-queue and L-queue in dualpi2_change() Fix dualpi2_change() to correctly enforce updated limit and memlimit values after a configuration change of the dualpi2 qdisc. Before this patch, dualpi2_change() always attempted to dequeue packets via the root qdisc (C-queue) when reducing backlog or memory usage, and unconditionally assumed that a valid skb will be returned. When traffic classification results in packets being queued in the L-queue while the C-queue is empty, this leads to a NULL skb dereference during limit or memlimit enforcement. This is fixed by first dequeuing from the C-queue path if it is non-empty. Once the C-queue is empty, packets are dequeued directly from the L-queue. Return values from qdisc_dequeue_internal() are checked for both queues. When dequeuing from the L-queue, the parent qdisc qlen and backlog counters are updated explicitly to keep overall qdisc statistics consistent.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version
320d031ad6e4d67e8e1ab08ac71efda02bc85683
Version <
86cf2eba2056bcf9c41fba260e599bd95bf9943b
Status
affected
Version
320d031ad6e4d67e8e1ab08ac71efda02bc85683
Version <
3042add80c2c50bd127d570b83319af612efde65
Status
affected
Version
320d031ad6e4d67e8e1ab08ac71efda02bc85683
Version <
478ed6b7d2577439c610f91fa8759a4c878a4264
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
6.17
Status
affected
Version
0
Version <
6.17
Status
unaffected
Version <=
6.18.*
Version
6.18.33
Status
unaffected
Version <=
7.0.*
Version
7.0.10
Status
unaffected
Version <=
*
Version
7.1
Status
unaffected
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.17% | 0.07 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|
https://git.kernel.org/stable/c/86cf2eba2056bcf9c41fba260e599bd95bf9943b
https://git.kernel.org/stable/c/3042add80c2c50bd127d570b83319af612efde65
https://git.kernel.org/stable/c/478ed6b7d2577439c610f91fa8759a4c878a4264