CVE-2026-23105
- Source
- https://cve.org/CVERecord?id=CVE-2026-23105
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23105.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2026-23105
- Downstream
- Related
- Published
- 2026-02-04T16:08:26.376Z
- Modified
- 2026-03-28T17:29:52.856514Z
- Summary
- net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
net/sched: qfq: Use clisactive to determine whether class is active in qfqrmfrom_ag
This is more of a preventive patch to make the code more consistent and to prevent possible exploits that employ child qlen manipulations on qfq. use clisactive instead of relying on the child qdisc's qlen to determine class activation.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23105.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/77f1afd0bb4d5da95236f6114e6d0dfcde187ff6
- https://git.kernel.org/stable/c/93b8635974fb050c43d07e35e5edfe6e685ca28a
- https://git.kernel.org/stable/c/abd9fc26ea577561a5ef6241a1b058755ffdad0c
- https://git.kernel.org/stable/c/b8c24cf5268fb3bfb8d16324c3dbb985f698c835
- https://git.kernel.org/stable/c/d837fbee92453fbb829f950c8e7cf76207d73f33
- https://git.kernel.org/stable/c/f27047abf7cac1b6f90c3ad60de21ef9f717c26d
- https://git.kernel.org/stable/c/fac2c67bb2bb732eae4283e45fc338af7e08c254
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23105.json
- https://nvd.nist.gov/vuln/detail/CVE-2026-23105
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced462dbc9101acd38e92eda93c0726857517a24bbdFixedfac2c67bb2bb732eae4283e45fc338af7e08c254Fixedb8c24cf5268fb3bfb8d16324c3dbb985f698c835Fixedf27047abf7cac1b6f90c3ad60de21ef9f717c26dFixed93b8635974fb050c43d07e35e5edfe6e685ca28aFixedabd9fc26ea577561a5ef6241a1b058755ffdad0cFixed77f1afd0bb4d5da95236f6114e6d0dfcde187ff6Fixedd837fbee92453fbb829f950c8e7cf76207d73f33
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced3.8.0Fixed5.10.249
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.199
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.1.162
- Type
- ECOSYSTEM
- Events
-
Introduced6.2.0Fixed6.6.122
- Type
- ECOSYSTEM
- Events
-
Introduced6.7.0Fixed6.12.68
- Type
- ECOSYSTEM
- Events
-
Introduced6.13.0Fixed6.18.8