CVE-2025-38000

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A bug in the Linux kernel's HFSC qdisc has been identified, which can lead to inconsistent queue accounting. This occurs when the hfsc enqueue() function calls the child qdisc's peek() operation before updating the queue length and backlog. If the child qdisc uses qdisc peek dequeued(), this may trigger an immediate dequeue and potential packet drop, resulting in inconsistent queue accounting. This can cause an empty HFSC class to remain in the active list, leading to further consequences such as use-after-free.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

AZL-63684

BDU:2025-12066

CESA-2025_16582

CVE-2025-38000

DLA-4327-1

DLA-4328-1

DSA-5973-1

ECHO-E607-B11E-04DF

OESA-2025-1871

OESA-2025-2077

OESA-2025-2078

OESA-2025-2079

OESA-2025-2081

OESA-2025-2082

RHSA-2025:12209

RHSA-2025:14413

RHSA-2025:14511

RHSA-2025:14692

RHSA-2025:14742

RHSA-2025:14744

RHSA-2025:14746

RHSA-2025:14748

SUSE-SU-2025:02249-1

SUSE-SU-2025:02254-1

SUSE-SU-2025:02264-1

SUSE-SU-2025:02307-1

SUSE-SU-2025:02308-1

SUSE-SU-2025:02320-1

SUSE-SU-2025:02321-1

SUSE-SU-2025:02322-1

SUSE-SU-2025:02333-1

SUSE-SU-2025:02334-1

SUSE-SU-2025:02335-1

SUSE-SU-2025:02537-1

SUSE-SU-2025:02538-1

SUSE-SU-2025:02923-1

SUSE-SU-2025:03097-1

SUSE-SU-2025:03100-1

SUSE-SU-2025:03104-1

SUSE-SU-2025:03106-1

SUSE-SU-2025:03108-1

SUSE-SU-2025:03109-1

SUSE-SU-2025:03111-1

SUSE-SU-2025:03123-1

SUSE-SU-2025:03124-1

SUSE-SU-2025:03126-1

SUSE-SU-2025:03129-1

SUSE-SU-2025:03130-1

SUSE-SU-2025:03133-1

SUSE-SU-2025:03135-1

SUSE-SU-2025:03138-1

SUSE-SU-2025:03143-1

SUSE-SU-2025:03148-1

SUSE-SU-2025:03153-1

SUSE-SU-2025:03154-1

SUSE-SU-2025:03156-1

SUSE-SU-2025:03160-1

SUSE-SU-2025:03165-1

SUSE-SU-2025:03175-1

SUSE-SU-2025:03179-1

SUSE-SU-2025:03180-1

SUSE-SU-2025:03181-1

SUSE-SU-2025:03182-1

SUSE-SU-2025:03184-1

SUSE-SU-2025:03185-1

SUSE-SU-2025:03186-1

SUSE-SU-2025:03190-1

SUSE-SU-2025:03191-1

SUSE-SU-2025:03194-1

SUSE-SU-2025:03195-1

SUSE-SU-2025:03207-1

SUSE-SU-2025:03208-1

SUSE-SU-2025:03209-1

SUSE-SU-2025:03210-1

SUSE-SU-2025:03212-1

SUSE-SU-2025:03213-1

SUSE-SU-2025:03215-1

SUSE-SU-2025:03217-1

SUSE-SU-2025:03222-1

SUSE-SU-2025:03223-1

SUSE-SU-2025:03226-1

SUSE-SU-2025:03235-1

SUSE-SU-2025:20475-1

SUSE-SU-2025:20483-1

SUSE-SU-2025:20493-1

SUSE-SU-2025:20498-1

SUSE-SU-2025:20698-1

SUSE-SU-2025:20699-1

SUSE-SU-2025:20700-1

SUSE-SU-2025:20701-1

SUSE-SU-2025:20702-1

SUSE-SU-2025:20703-1

SUSE-SU-2025:20704-1

SUSE-SU-2025:20705-1

SUSE-SU-2025:20706-1

SUSE-SU-2025:20707-1

SUSE-SU-2025:20709-1

SUSE-SU-2025:20710-1

SUSE-SU-2025:20711-1

SUSE-SU-2025:20712-1

SUSE-SU-2025:20714-1

SUSE-SU-2025:20761-1

SUSE-SU-2025:20762-1

SUSE-SU-2025:20763-1

SUSE-SU-2025:20764-1

SUSE-SU-2025:20766-1

SUSE-SU-2025:20767-1

SUSE-SU-2025:20775-1

SUSE-SU-2025:20776-1

SUSE-SU-2025:20777-1

SUSE-SU-2025:20778-1

SUSE-SU-2025:20779-1

SUSE-SU-2025:20780-1

SUSE-SU-2025:20782-1

SUSE-SU-2025:2264-1

SUSE-SU-2025:4123-1

SUSE-SU-2025_02249-1

SUSE-SU-2025_02254-1

SUSE-SU-2025_02264-1

SUSE-SU-2025_02307-1

SUSE-SU-2025_02308-1

SUSE-SU-2025_02333-1

SUSE-SU-2025_02334-1

SUSE-SU-2025_02335-1

SUSE-SU-2025_02537-1

SUSE-SU-2025_02538-1

USN-7608-1

USN-7608-2

USN-7608-3

USN-7608-4

USN-7608-5

USN-7608-6

USN-7608-7

USN-7609-1

USN-7609-2

USN-7609-3

USN-7609-4

USN-7609-5

USN-7610-1

USN-7610-2

USN-7610-3

USN-7611-1

USN-7611-2

USN-7611-3

USN-7611-4

USN-7618-1

USN-7627-1

USN-7627-2

USN-7628-1

USN-7653-1

USN-7655-1

USN-7665-2

USN-7671-1

USN-7671-2

USN-7671-3

USN-7686-1

USN-7712-1

USN-7712-2

Affected Products

Astra Linux

Centos

Debian

Linuxmint

Linux Kernel

Suse

Ubuntu

CVE-2025-38000

Weakness Enumeration

Related Identifiers

Affected Products

References · 2716