CVE-2026-52984

In the Linux kernel, the following vulnerability has been resolved:

net/sched: netem: fix queue limit check to include reordered packets

The queue limit check in netem enqueue() uses q->t len which only counts packets in the internal tfifo. Packets placed in sch->q by the reorder path ( qdisc enqueue head) are not counted, allowing the total queue occupancy to exceed sch->limit under reordering.

Include sch->q.qlen in the limit check.