CVE Vulnerability Details :
CVE-2025-38568
PUBLISHED
Assigner-Linux
Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At-19 Aug, 2025 | 17:02
Updated At-11 Jun, 2026 | 18:44
Rejected At-
CVE Numbering Authority (CNA)
net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing

In the Linux kernel, the following vulnerability has been resolved:

net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing

TCA_MQPRIO_TC_ENTRY_INDEX is validated using NLA_POLICY_MAX(NLA_U32, TC_QOPT_MAX_QUEUE), which allows the value TC_QOPT_MAX_QUEUE (16). This leads to a 4-byte out-of-bounds stack write in the fp[] array, which only has room for 16 elements (0–15).

Fix this by changing the policy to allow only up to TC_QOPT_MAX_QUEUE - 1.
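
The off-by-one described above, modelled in userspace C as an added example (not the kernel's code). `struct frame`, `parse_tc_entry`, `guard_survives` and the guard word are hypothetical stand-ins for the on-stack fp[] array, the policy check and the memory next to the array.

```c
#include <stdint.h>
#include <stdio.h>

#define TC_QOPT_MAX_QUEUE 16   /* value given in the advisory */
#define GUARD 0xA5A5A5A5u      /* constructed marker for the word after fp[] */

/* Hypothetical model: 16 fp[] slots plus one guard word standing in for
 * whatever lies directly after fp[] on the kernel stack. */
struct frame { uint32_t slots[TC_QOPT_MAX_QUEUE + 1]; };

static void frame_init(struct frame *f)
{
    for (int i = 0; i < TC_QOPT_MAX_QUEUE; i++)
        f->slots[i] = 0;
    f->slots[TC_QOPT_MAX_QUEUE] = GUARD;
}

/* Models a "value <= policy_max" attribute check followed by fp[index] = fp.
 * Returns 0 when the value is stored, -1 when the policy rejects the index. */
static int parse_tc_entry(struct frame *f, uint32_t index, uint32_t fp,
                          uint32_t policy_max)
{
    /* Second test keeps the model itself inside slots[]. */
    if (index > policy_max || index > TC_QOPT_MAX_QUEUE)
        return -1;
    f->slots[index] = fp;      /* index 16 lands on the guard word */
    return 0;
}

/* Returns 1 if the guard word is untouched after parsing one entry. */
static int guard_survives(uint32_t index, uint32_t policy_max)
{
    struct frame f;
    frame_init(&f);
    parse_tc_entry(&f, index, 1, policy_max);
    return f.slots[TC_QOPT_MAX_QUEUE] == GUARD;
}

int main(void)
{
    printf("policy max 16, index 16: guard %s\n",
           guard_survives(16, TC_QOPT_MAX_QUEUE) ? "intact" : "overwritten");
    printf("policy max 15, index 16: guard %s\n",
           guard_survives(16, TC_QOPT_MAX_QUEUE - 1) ? "intact" : "overwritten");
    printf("policy max 15, index 15: guard %s\n",
           guard_survives(15, TC_QOPT_MAX_QUEUE - 1) ? "intact" : "overwritten");
    return 0;
}
```

With the inclusive maximum set to 16 the guard word is overwritten; with TC_QOPT_MAX_QUEUE - 1 the same index is rejected and index 15 is still accepted.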

Affected Products
Vendor: Linux Kernel Organization, Inc (Linux)
Product: Linux
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • net/sched/sch_mqprio.c
Default Status: unaffected
Versions
Affected
  • From f62af20bed2d9e824f51cfc97ff01bc261f40e58 before 39491e859fd494d0b51adc5c7d54c8a7dcf1d198 (git)
  • From f62af20bed2d9e824f51cfc97ff01bc261f40e58 before d00e4125680f7074c4f42ce3c297336f23128e70 (git)
  • From f62af20bed2d9e824f51cfc97ff01bc261f40e58 before 66fc2ebdd9d5dd6e5a9c7edeace5a61a0ab2cd86 (git)
  • From f62af20bed2d9e824f51cfc97ff01bc261f40e58 before f1a9dbcb7d17bf0abb325cdc984957cfabc59693 (git)
  • From f62af20bed2d9e824f51cfc97ff01bc261f40e58 before ffd2dc4c6c49ff4f1e5d34e454a6a55608104c17 (git)
Vendor: Linux Kernel Organization, Inc (Linux)
Product: Linux
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • net/sched/sch_mqprio.c
Default Status: affected
Versions
Affected
  • 6.4
Unaffected
  • From 0 before 6.4 (semver)
  • From 6.6.102 through 6.6.* (semver)
  • From 6.12.42 through 6.12.* (semver)
  • From 6.15.10 through 6.15.* (semver)
  • From 6.16.1 through 6.16.* (semver)
  • From 6.17 through * (original_commit_for_fix)
References
Hyperlink: https://git.kernel.org/stable/c/39491e859fd494d0b51adc5c7d54c8a7dcf1d198
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/d00e4125680f7074c4f42ce3c297336f23128e70
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/66fc2ebdd9d5dd6e5a9c7edeace5a61a0ab2cd86
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/f1a9dbcb7d17bf0abb325cdc984957cfabc59693
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/ffd2dc4c6c49ff4f1e5d34e454a6a55608104c17
Resource: N/A
Authorized Data Publishers (ADP)
CISA ADP Vulnrichment