CVE-2026-23105
Published: Feb 4, 2026
Modified: May 11, 2026
CVSS v3.1
7.8
Description
In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag This is more of a preventive patch to make the code more consistent and to prevent possible exploits that employ child qlen manipulations on qfq. use cl_is_active instead of relying on the child qdisc's qlen to determine class activation.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 462dbc9101acd38e92eda93c0726857517a24bbd - < fac2c67bb2bb732eae4283e45fc338af7e08c254affected 462dbc9101acd38e92eda93c0726857517a24bbd - < b8c24cf5268fb3bfb8d16324c3dbb985f698c835affected 462dbc9101acd38e92eda93c0726857517a24bbd - < f27047abf7cac1b6f90c3ad60de21ef9f717c26daffected 462dbc9101acd38e92eda93c0726857517a24bbd - < 93b8635974fb050c43d07e35e5edfe6e685ca28aaffected 462dbc9101acd38e92eda93c0726857517a24bbd - < abd9fc26ea577561a5ef6241a1b058755ffdad0c+2 more versions |
Linux | Linux | affected 3.8unaffected 0 - < 3.8unaffected 5.10.249 - <= 5.10.*unaffected 5.15.199 - <= 5.15.*unaffected 6.1.162 - <= 6.1.*+4 more versions |
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now