PT-2026-2587 · Linux+2 · Linux Kernel+2

Published

2026-01-13

·

Updated

2026-05-11

·

CVE-2025-71066

CVSS v3.1

7.5

High

VectorAV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The Linux kernel contains a race condition within the ets qdisc change function related to the handling of Quality of Service (QoS) classes. This condition can lead to a Use-After-Free (UAF) issue on struct Qdisc objects. An attacker with the capability to create new user and network namespaces can trigger this issue. The vulnerability occurs because classes may remain in the active list even after their associated qdiscs are freed, potentially allowing for control of RIP (Return-Oriented Programming). The issue is resolved by ensuring that a class is always removed from the active list before its qdisc is deleted.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Race Condition

Weakness Enumeration

CWE-362

Related Identifiers

CVE-2025-71066
ECHO-F5CF-77DE-3316
MGASA-2026-0017
MGASA-2026-0018
OPENSUSE-SU-2026:20287-1
SUSE-SU-2026:0447-1
SUSE-SU-2026:0472-1
SUSE-SU-2026:0587-1
SUSE-SU-2026:0928-1
SUSE-SU-2026:0961-1
SUSE-SU-2026:0984-1
SUSE-SU-2026:1003-1
SUSE-SU-2026:1041-1
SUSE-SU-2026:1077-1
SUSE-SU-2026:1081-1
SUSE-SU-2026:1131-1
SUSE-SU-2026:1684-1
SUSE-SU-2026:1686-1
SUSE-SU-2026:1691-1
SUSE-SU-2026:1694-1
SUSE-SU-2026:1698-1
SUSE-SU-2026:1708-1
SUSE-SU-2026:1710-1
SUSE-SU-2026:1725-1
SUSE-SU-2026:1728-1
SUSE-SU-2026:1733-1
SUSE-SU-2026:1735-1
SUSE-SU-2026:1770-1
SUSE-SU-2026:1771-1
SUSE-SU-2026:1776-1
SUSE-SU-2026:1787-1
SUSE-SU-2026:1793-1
SUSE-SU-2026:1798-1
SUSE-SU-2026:1801-1
SUSE-SU-2026:1804-1
SUSE-SU-2026:20477-1
SUSE-SU-2026:20498-1
SUSE-SU-2026:20555-1
SUSE-SU-2026:20599-1
SUSE-SU-2026:20615-1
SUSE-SU-2026:20845-1
SUSE-SU-2026:20876-1
SUSE-SU-2026:21114-1
SUSE-SU-2026:21123-1
SUSE-SU-2026:21468-1
SUSE-SU-2026:21469-1
SUSE-SU-2026:21470-1
SUSE-SU-2026:21471-1
SUSE-SU-2026:21472-1
SUSE-SU-2026:21473-1
SUSE-SU-2026:21474-1
SUSE-SU-2026:21475-1
SUSE-SU-2026:21476-1
SUSE-SU-2026:21477-1
SUSE-SU-2026:21479-1
SUSE-SU-2026:21480-1
SUSE-SU-2026:21481-1
SUSE-SU-2026:21482-1
SUSE-SU-2026:21483-1
SUSE-SU-2026:21484-1
SUSE-SU-2026:21485-1
SUSE-SU-2026:21487-1
SUSE-SU-2026:21491-1
SUSE-SU-2026:21495-1
SUSE-SU-2026:21496-1
SUSE-SU-2026:21497-1
SUSE-SU-2026:21498-1
SUSE-SU-2026:21499-1
SUSE-SU-2026:21501-1
SUSE-SU-2026:21503-1
SUSE-SU-2026:21504-1
SUSE-SU-2026:21505-1
SUSE-SU-2026:21506-1
SUSE-SU-2026:21507-1
SUSE-SU-2026:21508-1
SUSE-SU-2026:21509-1
SUSE-SU-2026:21510-1
SUSE-SU-2026:21511-1
SUSE-SU-2026:21512-1
SUSE-SU-2026:21513-1
SUSE-SU-2026:21514-1
SUSE-SU-2026:21515-1
SUSE-SU-2026:21522-1
SUSE-SU-2026:21523-1
SUSE-SU-2026:21526-1
SUSE-SU-2026:21527-1
SUSE-SU-2026:21528-1
SUSE-SU-2026:21529-1
SUSE-SU-2026:21531-1
SUSE-SU-2026:21532-1
SUSE-SU-2026:21533-1
SUSE-SU-2026:21554-1
SUSE-SU-2026:21555-1
SUSE-SU-2026:21562-1
SUSE-SU-2026:21563-1
SUSE-SU-2026:21591-1
SUSE-SU-2026:21598-1
USN-8096-1
USN-8096-2
USN-8096-3
USN-8096-4
USN-8096-5
USN-8116-1
USN-8141-1
USN-8163-1
USN-8163-2
USN-8177-1
USN-8177-2
USN-8179-1
USN-8179-2
USN-8179-3
USN-8179-4
USN-8183-1
USN-8183-2
USN-8184-1
USN-8185-1
USN-8185-2
USN-8203-1
USN-8204-1
USN-8243-1
USN-8245-1
USN-8257-1
USN-8258-1
USN-8260-1
USN-8261-1
USN-8265-1
ZDI-26-289

Affected Products

Linuxmint
Linux Kernel
Ubuntu