CVE-2025-38107

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A race condition has been identified in the Linux kernel's ETS (Enhanced Transmission Selection) component. This issue occurs when the SFQ perturb timer fires at an inappropriate time, allowing for a race between two CPUs. The race condition involves the qdisc tree flush backlog() and qdisc tree reduce backlog() functions, which can lead to an underflow of a parent's queue length (qlen). This can be exploited by calling qdisc purge queue() instead of qdisc tree flush backlog(), ensuring all packets are purged from the qdisc before releasing the lock.

Recommendations: To resolve this issue, consider applying the fix that replaces qdisc tree flush backlog() with qdisc purge queue() in the ets qdisc change() function to prevent the race condition. At the moment, there is no information about a newer version that contains a fix for this vulnerability.