PT-2025-26304 · Linux+6 · Linux Kernel+6

Gerrard Tai

·

Published

2025-06-11

·

Updated

2026-05-26

·

CVE-2025-38083

CVSS v2.0

6.8

Medium

VectorAV:L/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: A race condition has been identified in the Linux kernel's PRIO component, specifically when the SFQ perturb timer fires at an inappropriate time. This issue can be exploited to underflow a parent's qlen. The race occurs between two CPUs when one locks the root, flushes the qdisc tree backlog, and then unlocks the root, while the other CPU locks the root, rehashes, reduces the qdisc tree backlog, and then the first CPU puts the qdisc. To fix this issue, calling qdisc purge queue() instead of qdisc tree flush backlog() should resolve the race by purging all packets from the qdisc before releasing the lock.
Recommendations: As a temporary workaround, consider modifying the code to call qdisc purge queue() instead of qdisc tree flush backlog() to prevent the race condition. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Race Condition

Weakness Enumeration

CWE-366CWE-362

Related Identifiers

AZL-64211
BDU:2025-11467
CVE-2025-38083
DLA-4327-1
DLA-4328-1
DSA-5973-1
ECHO-61F5-B70F-BDF1
MGASA-2025-0218
MGASA-2025-0219
OESA-2026-1759
OESA-2026-1760
OESA-2026-1761
SUSE-SU-2025:02249-1
SUSE-SU-2025:02254-1
SUSE-SU-2025:02264-1
SUSE-SU-2025:02307-1
SUSE-SU-2025:02308-1
SUSE-SU-2025:02320-1
SUSE-SU-2025:02321-1
SUSE-SU-2025:02322-1
SUSE-SU-2025:02333-1
SUSE-SU-2025:02334-1
SUSE-SU-2025:02335-1
SUSE-SU-2025:02537-1
SUSE-SU-2025:02538-1
SUSE-SU-2025:02820-1
SUSE-SU-2025:02821-1
SUSE-SU-2025:02827-1
SUSE-SU-2025:02830-1
SUSE-SU-2025:02832-1
SUSE-SU-2025:02833-1
SUSE-SU-2025:02834-1
SUSE-SU-2025:02854-1
SUSE-SU-2025:02857-1
SUSE-SU-2025:02858-1
SUSE-SU-2025:02859-1
SUSE-SU-2025:02860-1
SUSE-SU-2025:02871-1
SUSE-SU-2025:02873-1
SUSE-SU-2025:02875-1
SUSE-SU-2025:02876-1
SUSE-SU-2025:02894-1
SUSE-SU-2025:02897-1
SUSE-SU-2025:02902-1
SUSE-SU-2025:02908-1
SUSE-SU-2025:02909-1
SUSE-SU-2025:02911-1
SUSE-SU-2025:02917-1
SUSE-SU-2025:02918-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:02926-1
SUSE-SU-2025:02930-1
SUSE-SU-2025:02932-1
SUSE-SU-2025:02934-1
SUSE-SU-2025:02937-1
SUSE-SU-2025:02938-1
SUSE-SU-2025:02942-1
SUSE-SU-2025:02943-1
SUSE-SU-2025:02945-1
SUSE-SU-2025:02955-1
SUSE-SU-2025:20475-1
SUSE-SU-2025:20483-1
SUSE-SU-2025:20493-1
SUSE-SU-2025:20498-1
SUSE-SU-2025:20633-1
SUSE-SU-2025:20634-1
SUSE-SU-2025:20635-1
SUSE-SU-2025:20636-1
SUSE-SU-2025:20637-1
SUSE-SU-2025:20638-1
SUSE-SU-2025:20639-1
SUSE-SU-2025:20640-1
SUSE-SU-2025:20641-1
SUSE-SU-2025:20642-1
SUSE-SU-2025:20643-1
SUSE-SU-2025:20644-1
SUSE-SU-2025:20645-1
SUSE-SU-2025:20646-1
SUSE-SU-2025:20647-1
SUSE-SU-2025:20648-1
SUSE-SU-2025:20676-1
SUSE-SU-2025:20677-1
SUSE-SU-2025:20678-1
SUSE-SU-2025:20679-1
SUSE-SU-2025:20680-1
SUSE-SU-2025:20681-1
SUSE-SU-2025:20682-1
SUSE-SU-2025:20684-1
SUSE-SU-2025:20685-1
SUSE-SU-2025:20686-1
SUSE-SU-2025:20687-1
SUSE-SU-2025:20688-1
SUSE-SU-2025:20689-1
SUSE-SU-2025:20690-1
SUSE-SU-2025:2264-1
SUSE-SU-2025:4123-1
SUSE-SU-2025_02249-1
SUSE-SU-2025_02254-1
SUSE-SU-2025_02264-1
SUSE-SU-2025_02307-1
SUSE-SU-2025_02308-1
SUSE-SU-2025_02333-1
SUSE-SU-2025_02334-1
SUSE-SU-2025_02335-1
SUSE-SU-2025_02537-1
SUSE-SU-2025_02538-1
USN-7681-1
USN-7681-2
USN-7681-3
USN-7682-1
USN-7682-2
USN-7682-3
USN-7682-4
USN-7682-5
USN-7682-6
USN-7683-1
USN-7683-2
USN-7683-3
USN-7686-1
USN-7701-1
USN-7701-2
USN-7701-3
USN-7711-1
USN-7712-1
USN-7712-2
USN-7719-1
USN-7721-1
USN-7737-1
USN-7819-1
USN-7819-2
USN-7832-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu