-

CVE-2025-39766

EPSS 0.03%
Veröffentlicht 11.09.2025 16:56:21
Zuletzt bearbeitet 15.09.2025 15:22:38
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit

The following setup can trigger a WARNING in htb_activate due to
the condition: !cl->leaf.q->q.qlen

tc qdisc del dev lo root
tc qdisc add dev lo root handle 1: htb default 1
tc class add dev lo parent 1: classid 1:1 \
       htb rate 64bit
tc qdisc add dev lo parent 1:1 handle f: \
       cake memlimit 1b
ping -I lo -f -c1 -s64 -W0.001 127.0.0.1

This is because the low memlimit leads to a low buffer_limit, which
causes packet dropping. However, cake_enqueue still returns
NET_XMIT_SUCCESS, causing htb_enqueue to call htb_activate with an
empty child qdisc. We should return NET_XMIT_CN when packets are
dropped from the same tin and flow.

I do not believe return value of NET_XMIT_CN is necessary for packet
drops in the case of ack filtering, as that is meant to optimize
performance, not to signal congestion.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 7689ab22de36f8db19095f6bdf11f28cfde92f5c

Version 046f6fd5daefac7f5abdafb436b30f63bc7c602b

Status affected

Version < de04ddd2980b48caa8d7e24a7db2742917a8b280

Version 046f6fd5daefac7f5abdafb436b30f63bc7c602b

Status affected

Version < 0dacfc5372e314d1219f03e64dde3ab495a5a25e

Version 046f6fd5daefac7f5abdafb436b30f63bc7c602b

Status affected

Version < 710866fc0a64eafcb8bacd91bcb1329eb7e5035f

Version 046f6fd5daefac7f5abdafb436b30f63bc7c602b

Status affected

Version < aa12ee1c1bd260943fd6ab556d8635811c332eeb

Version 046f6fd5daefac7f5abdafb436b30f63bc7c602b

Status affected

Version < ff57186b2cc39766672c4c0332323933e5faaa88

Version 046f6fd5daefac7f5abdafb436b30f63bc7c602b

Status affected

Version < 62d591dde4defb1333d202410609c4ddeae060b3

Version 046f6fd5daefac7f5abdafb436b30f63bc7c602b

Status affected

Version < 15de71d06a400f7fdc15bf377a2552b0ec437cf5

Version 046f6fd5daefac7f5abdafb436b30f63bc7c602b

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.19

Status affected

Version < 4.19

Version 0

Status unaffected

Version <= 5.4.*

Version 5.4.297

Status unaffected

Version <= 5.10.*

Version 5.10.241

Status unaffected

Version <= 5.15.*

Version 5.15.190

Status unaffected

Version <= 6.1.*

Version 6.1.149

Status unaffected

Version <= 6.6.*

Version 6.6.103

Status unaffected

Version <= 6.12.*

Version 6.12.44

Status unaffected

Version <= 6.16.*

Version 6.16.4

Status unaffected

Version <= *

Version 6.17-rc3

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.077

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/7689ab22de36f8db19095f6bdf11f28cfde92f5c

https://git.kernel.org/stable/c/de04ddd2980b48caa8d7e24a7db2742917a8b280

https://git.kernel.org/stable/c/0dacfc5372e314d1219f03e64dde3ab495a5a25e

https://git.kernel.org/stable/c/710866fc0a64eafcb8bacd91bcb1329eb7e5035f

https://git.kernel.org/stable/c/aa12ee1c1bd260943fd6ab556d8635811c332eeb

https://git.kernel.org/stable/c/ff57186b2cc39766672c4c0332323933e5faaa88

https://git.kernel.org/stable/c/62d591dde4defb1333d202410609c4ddeae060b3

https://git.kernel.org/stable/c/15de71d06a400f7fdc15bf377a2552b0ec437cf5

https://nvd.nist.gov/vuln/detail/CVE-2025-39766

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-39766

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-39766

EUVD