PT-2025-27950 · Linux+6 · Linux Kernel+6

Published

2025-04-08

·

Updated

2026-03-14

·

CVE-2025-38177

CVSS v2.0

6.0

Medium

VectorAV:L/AC:H/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: The issue concerns the hfsc qlen notify() function in the Linux kernel, which is not idempotent and can cause problems for its callers, such as fq codel dequeue(). To address this, changes were made to ensure hfsc qlen notify() is idempotent, including updating update vf() and using RB EMPTY NODE() and RB CLEAR NODE() in eltree remove(). The issue was reportedly exploited in a kernel CTF as a 1-day exploit.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-459

Related Identifiers

AZL-72763
BDU:2025-12111
CVE-2025-38177
DLA-4271-1
DLA-4327-1
OESA-2025-2080
OESA-2025-2118
OESA-2025-2119
OESA-2025-2121
OESA-2025-2122
OESA-2025-2268
OPENSUSE-SU-2025:20081-1
RHSA-2025:14413
RHSA-2025:14511
RHSA-2025:14691
RHSA-2025:14692
RHSA-2025:14696
RHSA-2025:14742
RHSA-2025:14744
RHSA-2025:14746
RHSA-2025:14748
SUSE-SU-2025:02846-1
SUSE-SU-2025:02848-1
SUSE-SU-2025:02849-1
SUSE-SU-2025:02850-1
SUSE-SU-2025:02851-1
SUSE-SU-2025:02852-1
SUSE-SU-2025:02853-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:02969-1
SUSE-SU-2025:02996-1
SUSE-SU-2025:02997-1
SUSE-SU-2025:03011-1
SUSE-SU-2025:03023-1
SUSE-SU-2025:03315-1
SUSE-SU-2025:03317-1
SUSE-SU-2025:03319-1
SUSE-SU-2025:03329-1
SUSE-SU-2025:03336-1
SUSE-SU-2025:03337-1
SUSE-SU-2025:03341-1
SUSE-SU-2025:03342-1
SUSE-SU-2025:03343-1
SUSE-SU-2025:03344-1
SUSE-SU-2025:03350-1
SUSE-SU-2025:03358-1
SUSE-SU-2025:03359-1
SUSE-SU-2025:03362-1
SUSE-SU-2025:03370-1
SUSE-SU-2025:03374-1
SUSE-SU-2025:03375-1
SUSE-SU-2025:03381-1
SUSE-SU-2025:03387-1
SUSE-SU-2025:03391-1
SUSE-SU-2025:03393-1
SUSE-SU-2025:03395-1
SUSE-SU-2025:03397-1
SUSE-SU-2025:03400-1
SUSE-SU-2025:03406-1
SUSE-SU-2025:03408-1
SUSE-SU-2025:03410-1
SUSE-SU-2025:03414-1
SUSE-SU-2025:03418-1
SUSE-SU-2025:20577-1
SUSE-SU-2025:20586-1
SUSE-SU-2025:20601-1
SUSE-SU-2025:20602-1
SUSE-SU-2025:20722-1
SUSE-SU-2025:20723-1
SUSE-SU-2025:20724-1
SUSE-SU-2025:20725-1
SUSE-SU-2025:20726-1
SUSE-SU-2025:20727-1
SUSE-SU-2025:20728-1
SUSE-SU-2025:20729-1
SUSE-SU-2025:20730-1
SUSE-SU-2025:20733-1
SUSE-SU-2025:20734-1
SUSE-SU-2025:20737-1
SUSE-SU-2025:20738-1
SUSE-SU-2025:20768-1
SUSE-SU-2025:20769-1
SUSE-SU-2025:20770-1
SUSE-SU-2025:20771-1
SUSE-SU-2025:20774-1
SUSE-SU-2025:20784-1
SUSE-SU-2025:20785-1
SUSE-SU-2025:20786-1
SUSE-SU-2025:20787-1
SUSE-SU-2025:20788-1
SUSE-SU-2025:20789-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025:4123-1
SUSE-SU-2025_02846-1
SUSE-SU-2025_02848-1
SUSE-SU-2025_02849-1
SUSE-SU-2025_02853-1
SUSE-SU-2025_02969-1
SUSE-SU-2025_02996-1
SUSE-SU-2025_02997-1
SUSE-SU-2025_03011-1
SUSE-SU-2025_03023-1
SUSE-SU-2025_03344-1
SUSE-SU-2026:0688-1
USN-7653-1
USN-7655-1
USN-7665-2
USN-7671-1
USN-7671-2
USN-7671-3
USN-7686-1
USN-7712-1
USN-7712-2

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu