CVE-2025-38637
net_sched: skbprio: Remove overly strict queue assertions
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved: net_sched: skbprio: Remove overly strict queue assertions In the current implementation, skbprio enqueue/dequeue contains an assertion
that fails under certain conditions when SKBPRIO is used as a child qdisc under
TBF with specific parameters. The failure occurs because TBF sometimes peeks at
packets in the child qdisc without actually dequeuing them when tokens are
unavailable. This peek operation creates a discrepancy between the parent and child qdisc
queue length counters. When TBF later receives a high-priority packet,
SKBPRIO's queue length may show a different value than what's reflected in its
internal priority queue tracking, triggering the assertion. The fix removes this overly strict assertions in SKBPRIO, they are not
necessary at all.
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net_sched: skbprio: eliminar aserciones de cola demasiado estrictas En la implementación actual, skbprio enqueue/dequeue contiene una aserción que falla bajo ciertas condiciones cuando SKBPRIO se usa como una qdisc secundaria bajo TBF con parámetros específicos. El fallo se produce porque TBF a veces echa un vistazo a los paquetes en la qdisc secundaria sin realmente sacarlos de la cola cuando los tokens no están disponibles. Esta operación de vistazo crea una discrepancia entre los contadores de longitud de cola de la qdisc primaria y secundaria. Cuando TBF recibe posteriormente un paquete de alta prioridad, la longitud de cola de SKBPRIO puede mostrar un valor diferente al que se refleja en su seguimiento interno de cola de prioridad, lo que activa la aserción. La corrección elimina estas aserciones demasiado estrictas en SKBPRIO, no son necesarias en absoluto.
In the Linux kernel, the following vulnerability has been resolved: net_sched: skbprio: Remove overly strict queue assertions In the current implementation, skbprio enqueue/dequeue contains an assertion that fails under certain conditions when SKBPRIO is used as a child qdisc under TBF with specific parameters. The failure occurs because TBF sometimes peeks at packets in the child qdisc without actually dequeuing them when tokens are unavailable. This peek operation creates a discrepancy between the parent and child qdisc queue length counters. When TBF later receives a high-priority packet, SKBPRIO's queue length may show a different value than what's reflected in its internal priority queue tracking, triggering the assertion. The fix removes this overly strict assertions in SKBPRIO, they are not necessary at all.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2025-04-16 CVE Reserved
- 2025-04-18 CVE Published
- 2025-05-04 CVE Updated
- 2025-05-15 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (10)
| URL | Tag | Source |
|---|---|---|
| https://git.kernel.org/stable/c/aea5f654e6b78a0c976f7a25950155932c77a53f | Vuln. Introduced |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.19 < 5.4.292 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 5.4.292" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.19 < 5.10.236 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 5.10.236" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.19 < 5.15.180 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 5.15.180" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.19 < 6.1.134 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 6.1.134" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.19 < 6.6.87 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 6.6.87" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.19 < 6.12.23 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 6.12.23" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.19 < 6.13.11 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 6.13.11" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.19 < 6.14.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 6.14.2" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.19 < 6.15-rc1 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 6.15-rc1" | en |
Affected
| ||||||