Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-37798

Summary
Assigner-Linux
Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At-02 May, 2025 | 14:16
Updated At-03 Nov, 2025 | 19:55
Rejected At-
Credits

codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()

In the Linux kernel, the following vulnerability has been resolved: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() After making all ->qlen_notify() callbacks idempotent, now it is safe to remove the check of qlen!=0 from both fq_codel_dequeue() and codel_qdisc_dequeue().

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Linux
Assigner Org ID:416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At:02 May, 2025 | 14:16
Updated At:03 Nov, 2025 | 19:55
Rejected At:
▼CVE Numbering Authority (CNA)
codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()

In the Linux kernel, the following vulnerability has been resolved: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() After making all ->qlen_notify() callbacks idempotent, now it is safe to remove the check of qlen!=0 from both fq_codel_dequeue() and codel_qdisc_dequeue().

Affected Products
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • net/sched/sch_codel.c
  • net/sched/sch_fq_codel.c
Default Status
unaffected
Versions
Affected
  • From 76e3cc126bb223013a6b9a0e2a51238d1ef2e409 before 7a742a9506849d1c1aa71e36c89855ceddc7d58e (git)
  • From 76e3cc126bb223013a6b9a0e2a51238d1ef2e409 before cc71a757da78dd4aa1b4a9b19cb011833730ccf2 (git)
  • From 76e3cc126bb223013a6b9a0e2a51238d1ef2e409 before eda741fe155ddf5ecd2dd3bfbd4fc3c0c7dbb450 (git)
  • From 76e3cc126bb223013a6b9a0e2a51238d1ef2e409 before 829c49b6b2ff45b043739168fd1245e4e1a91a30 (git)
  • From 76e3cc126bb223013a6b9a0e2a51238d1ef2e409 before 2f9761a94bae33d26e6a81b31b36e7d776d93dc1 (git)
  • From 76e3cc126bb223013a6b9a0e2a51238d1ef2e409 before 4d55144b12e742404bb3f8fee6038bafbf45619d (git)
  • From 76e3cc126bb223013a6b9a0e2a51238d1ef2e409 before e73c838c80dccb9e4f19becc11d9f3cb4a27d483 (git)
  • From 76e3cc126bb223013a6b9a0e2a51238d1ef2e409 before a57fe60ef4cf96bfbb6b58397ec28bdb5a5c6b31 (git)
  • From 76e3cc126bb223013a6b9a0e2a51238d1ef2e409 before 342debc12183b51773b3345ba267e9263bdfaaef (git)
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • net/sched/sch_codel.c
  • net/sched/sch_fq_codel.c
Default Status
affected
Versions
Affected
  • 3.5
Unaffected
  • From 0 before 3.5 (semver)
  • From 5.4.297 through 5.4.* (semver)
  • From 5.10.241 through 5.10.* (semver)
  • From 5.15.190 through 5.15.* (semver)
  • From 6.1.135 through 6.1.* (semver)
  • From 6.6.88 through 6.6.* (semver)
  • From 6.12.24 through 6.12.* (semver)
  • From 6.13.12 through 6.13.* (semver)
  • From 6.14.3 through 6.14.* (semver)
  • From 6.15 through * (original_commit_for_fix)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/7a742a9506849d1c1aa71e36c89855ceddc7d58e
N/A
https://git.kernel.org/stable/c/cc71a757da78dd4aa1b4a9b19cb011833730ccf2
N/A
https://git.kernel.org/stable/c/eda741fe155ddf5ecd2dd3bfbd4fc3c0c7dbb450
N/A
https://git.kernel.org/stable/c/829c49b6b2ff45b043739168fd1245e4e1a91a30
N/A
https://git.kernel.org/stable/c/2f9761a94bae33d26e6a81b31b36e7d776d93dc1
N/A
https://git.kernel.org/stable/c/4d55144b12e742404bb3f8fee6038bafbf45619d
N/A
https://git.kernel.org/stable/c/e73c838c80dccb9e4f19becc11d9f3cb4a27d483
N/A
https://git.kernel.org/stable/c/a57fe60ef4cf96bfbb6b58397ec28bdb5a5c6b31
N/A
https://git.kernel.org/stable/c/342debc12183b51773b3345ba267e9263bdfaaef
N/A
Hyperlink: https://git.kernel.org/stable/c/7a742a9506849d1c1aa71e36c89855ceddc7d58e
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/cc71a757da78dd4aa1b4a9b19cb011833730ccf2
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/eda741fe155ddf5ecd2dd3bfbd4fc3c0c7dbb450
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/829c49b6b2ff45b043739168fd1245e4e1a91a30
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/2f9761a94bae33d26e6a81b31b36e7d776d93dc1
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/4d55144b12e742404bb3f8fee6038bafbf45619d
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/e73c838c80dccb9e4f19becc11d9f3cb4a27d483
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/a57fe60ef4cf96bfbb6b58397ec28bdb5a5c6b31
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/342debc12183b51773b3345ba267e9263bdfaaef
Resource: N/A
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
N/A
https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html
N/A
Hyperlink: https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
Resource: N/A
Hyperlink: https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html
Resource: N/A
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At:02 May, 2025 | 15:15
Updated At:06 Nov, 2025 | 20:49

In the Linux kernel, the following vulnerability has been resolved: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() After making all ->qlen_notify() callbacks idempotent, now it is safe to remove the check of qlen!=0 from both fq_codel_dequeue() and codel_qdisc_dequeue().

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 3.5(inclusive) to 5.4.297(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 5.5(inclusive) to 5.10.241(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 5.11(inclusive) to 5.15.190(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 5.16(inclusive) to 6.1.135(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.2(inclusive) to 6.6.88(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.7(inclusive) to 6.12.24(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.13(inclusive) to 6.13.12(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.14(inclusive) to 6.14.3(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>6.15
cpe:2.3:o:linux:linux_kernel:6.15:rc1:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>11.0
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://git.kernel.org/stable/c/2f9761a94bae33d26e6a81b31b36e7d776d93dc1416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/342debc12183b51773b3345ba267e9263bdfaaef416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/4d55144b12e742404bb3f8fee6038bafbf45619d416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/7a742a9506849d1c1aa71e36c89855ceddc7d58e416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/829c49b6b2ff45b043739168fd1245e4e1a91a30416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/a57fe60ef4cf96bfbb6b58397ec28bdb5a5c6b31416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/cc71a757da78dd4aa1b4a9b19cb011833730ccf2416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/e73c838c80dccb9e4f19becc11d9f3cb4a27d483416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/eda741fe155ddf5ecd2dd3bfbd4fc3c0c7dbb450416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://lists.debian.org/debian-lts-announce/2025/05/msg00045.htmlaf854a3a-2127-422b-91ae-364da2661108
Issue Tracking
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.htmlaf854a3a-2127-422b-91ae-364da2661108
Issue Tracking
Third Party Advisory
Hyperlink: https://git.kernel.org/stable/c/2f9761a94bae33d26e6a81b31b36e7d776d93dc1
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/342debc12183b51773b3345ba267e9263bdfaaef
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/4d55144b12e742404bb3f8fee6038bafbf45619d
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/7a742a9506849d1c1aa71e36c89855ceddc7d58e
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/829c49b6b2ff45b043739168fd1245e4e1a91a30
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/a57fe60ef4cf96bfbb6b58397ec28bdb5a5c6b31
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/cc71a757da78dd4aa1b4a9b19cb011833730ccf2
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/e73c838c80dccb9e4f19becc11d9f3cb4a27d483
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/eda741fe155ddf5ecd2dd3bfbd4fc3c0c7dbb450
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Issue Tracking
Third Party Advisory
Hyperlink: https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Issue Tracking
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

2301Records found
CVE-2025-21855
Matching Score-8
Assigner-kernel.org
ShareView Details
Matching Score-8
Assigner-kernel.org
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.16%
||
7 Day CHG~0.00%
Published-12 Mar, 2025 | 09:42
Updated-03 Nov, 2025 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ibmvnic: Don't reference skb after sending to VIOS

In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Don't reference skb after sending to VIOS Previously, after successfully flushing the xmit buffer to VIOS, the tx_bytes stat was incremented by the length of the skb. It is invalid to access the skb memory after sending the buffer to the VIOS because, at any point after sending, the VIOS can trigger an interrupt to free this memory. A race between reading skb->len and freeing the skb is possible (especially during LPM) and will result in use-after-free: ================================================================== BUG: KASAN: slab-use-after-free in ibmvnic_xmit+0x75c/0x1808 [ibmvnic] Read of size 4 at addr c00000024eb48a70 by task hxecom/14495 <...> Call Trace: [c000000118f66cf0] [c0000000018cba6c] dump_stack_lvl+0x84/0xe8 (unreliable) [c000000118f66d20] [c0000000006f0080] print_report+0x1a8/0x7f0 [c000000118f66df0] [c0000000006f08f0] kasan_report+0x128/0x1f8 [c000000118f66f00] [c0000000006f2868] __asan_load4+0xac/0xe0 [c000000118f66f20] [c0080000046eac84] ibmvnic_xmit+0x75c/0x1808 [ibmvnic] [c000000118f67340] [c0000000014be168] dev_hard_start_xmit+0x150/0x358 <...> Freed by task 0: kasan_save_stack+0x34/0x68 kasan_save_track+0x2c/0x50 kasan_save_free_info+0x64/0x108 __kasan_mempool_poison_object+0x148/0x2d4 napi_skb_cache_put+0x5c/0x194 net_tx_action+0x154/0x5b8 handle_softirqs+0x20c/0x60c do_softirq_own_stack+0x6c/0x88 <...> The buggy address belongs to the object at c00000024eb48a00 which belongs to the cache skbuff_head_cache of size 224 ==================================================================

Action-Not Available
Vendor-Linux Kernel Organization, Inc
Product-linux_kernelLinux
CWE ID-CWE-416
Use After Free
  • Previous
  • 1
  • 2
  • ...
  • 45
  • 46
  • 47
  • Next
Details not found