Linux · Linux Kernel · CVE-2025-37953
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
A NULL pointer dereference issue was discovered in the Linux kernel, specifically in the `htb_next_rb_node()` function after `htb_deactivate()` was called. This occurred due to a regression introduced when making `htb_qlen_notify()` idempotent. The issue arises in a scenario where `htb_dequeue_tree()` is called, leading to `fq_codel_dequeue()`, `qdisc_tree_reduce_backlog()`, and then `htb_qlen_notify()` and `htb_deactivate()`. If `htb_deactivate()` is called again after `htb_next_rb_node()`, it may trigger a warning. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited.
**Recommendations**
To fix the issue, make `htb_deactivate()` idempotent by returning immediately if it has already been called before.
Make `htb_next_rb_node()` safe against `ptr == NULL` to prevent the NULL pointer dereference.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
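A user-space model of the two recommendations above, added here as an illustration and not code from the kernel or this advisory: the linked-list stand-ins for the rb-tree, `rb_erase()` and `rb_next()`, the `linked` and `corrupt` flags, the `htb_deactivate_legacy()` variant and the `replay()` harness are all constructed assumptions; only the function names follow the advisory.

```c
/* Constructed user-space model of the sch_htb double-deactivate regression and its fix. */
#include <stddef.h>

struct node { struct node *next; int linked; };       /* stand-in for struct rb_node */
struct htb_class { int prio_activity; struct node node; };
struct htb_sched { struct node *row; struct node *ptr; int corrupt; };

/* Stand-in for rb_erase(): like the real one, it assumes the node is still in the tree,
 * so erasing an already-unlinked node is recorded as tree corruption. */
static void rb_erase_stub(struct htb_sched *q, struct node *n)
{
    struct node **pp = &q->row;
    if (!n->linked) { q->corrupt = 1; return; }
    while (*pp && *pp != n) pp = &(*pp)->next;
    if (*pp) *pp = n->next;
    n->linked = 0;
}

/* Hardened htb_next_rb_node(): a NULL cursor is left alone instead of being followed
 * (the pre-fix shape advanced *n unconditionally). */
static void htb_next_rb_node(struct node **n)
{
    if (*n) *n = (*n)->next;                        /* rb_next() stand-in */
}

static void htb_deactivate_prios(struct htb_sched *q, struct htb_class *cl)
{
    if (q->ptr == &cl->node) q->ptr = NULL;         /* dequeue cursor pointed at this class */
    rb_erase_stub(q, &cl->node);
}

/* Pre-fix shape: every call erases, so a repeat call hits an already-unlinked node. */
static void htb_deactivate_legacy(struct htb_sched *q, struct htb_class *cl)
{
    htb_deactivate_prios(q, cl);
    cl->prio_activity = 0;
}

/* Fixed shape: a second call for an already-inactive class returns immediately. */
static void htb_deactivate(struct htb_sched *q, struct htb_class *cl)
{
    if (!cl->prio_activity) return;
    htb_deactivate_prios(q, cl);
    cl->prio_activity = 0;
}

/* Replays the reported sequence (deactivate from the notify path, advance the cursor,
 * deactivate again) against either variant; returns 1 if the model saw corruption. */
static int replay(void (*deactivate)(struct htb_sched *, struct htb_class *))
{
    struct htb_class a = { 1, { NULL, 1 } }, b = { 1, { NULL, 1 } };
    struct htb_sched q = { &a.node, &a.node, 0 };
    a.node.next = &b.node;
    deactivate(&q, &a);          /* htb_qlen_notify() -> htb_deactivate() */
    htb_next_rb_node(&q.ptr);    /* cursor was cleared above; must not be dereferenced */
    deactivate(&q, &a);          /* the second htb_deactivate() */
    return q.corrupt || q.row != &b.node || q.ptr != NULL;
}
```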