-

CVE-2025-38177

EPSS 0.05%
Veröffentlicht 04.07.2025 12:47:09
Zuletzt bearbeitet 28.08.2025 15:15:48
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

sch_hfsc: make hfsc_qlen_notify() idempotent

hfsc_qlen_notify() is not idempotent either and not friendly
to its callers, like fq_codel_dequeue(). Let's make it idempotent
to ease qdisc_tree_reduce_backlog() callers' life:

1. update_vf() decreases cl->cl_nactive, so we can check whether it is
non-zero before calling it.

2. eltree_remove() always removes RB node cl->el_node, but we can use
   RB_EMPTY_NODE() + RB_CLEAR_NODE() to make it safe.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 9a5fd5c2f4d4afdd5e405083ee53e0789ce76956

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 72c61ffbeeb8c50f6d4d70c65d3283aa1bac57a7

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < a5efc95a33bd4fcb879250852828cc58c7862970

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 0475c85426b18eccdcb7f9fb58d8f8e9c6c58c87

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 9030a91235ae4845ec71902c3e0cecfc9ed1f2df

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < d06476714d2819b550e0cc39222347e2c8941c9d

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < c1175c4ad01dbc9c979d099861fa90a754f72059

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 51eb3b65544c9efd6a1026889ee5fb5aa62da3bb

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version <= 5.4.*

Version 5.4.297

Status unaffected

Version <= 5.10.*

Version 5.10.241

Status unaffected

Version <= 5.15.*

Version 5.15.190

Status unaffected

Version <= 6.1.*

Version 6.1.138

Status unaffected

Version <= 6.6.*

Version 6.6.90

Status unaffected

Version <= 6.12.*

Version 6.12.28

Status unaffected

Version <= 6.14.*

Version 6.14.6

Status unaffected

Version <= *

Version 6.15

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.164

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/0475c85426b18eccdcb7f9fb58d8f8e9c6c58c87

https://git.kernel.org/stable/c/9030a91235ae4845ec71902c3e0cecfc9ed1f2df

https://git.kernel.org/stable/c/d06476714d2819b550e0cc39222347e2c8941c9d

https://git.kernel.org/stable/c/c1175c4ad01dbc9c979d099861fa90a754f72059

https://git.kernel.org/stable/c/51eb3b65544c9efd6a1026889ee5fb5aa62da3bb

https://git.kernel.org/stable/c/72c61ffbeeb8c50f6d4d70c65d3283aa1bac57a7

https://git.kernel.org/stable/c/9a5fd5c2f4d4afdd5e405083ee53e0789ce76956

https://git.kernel.org/stable/c/a5efc95a33bd4fcb879250852828cc58c7862970

https://nvd.nist.gov/vuln/detail/CVE-2025-38177

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38177

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38177

EUVD