CVE-2025-38083
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-38083
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38083.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-38083
- Downstream
- Related
- Published
- 2025-06-20T11:21:51.554Z
- Modified
- 2025-11-28T02:35:05.330887Z
- Summary
- net_sched: prio: fix a race in prio_tune()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
netsched: prio: fix a race in priotune()
Gerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer fires at the wrong time.
The race is as follows:
CPU 0 CPU 1 | | [5]: lock root | [6]: rehash | [7]: qdisctreereduce_backlog() | This can be abused to underflow a parent's qlen.
Calling qdiscpurgequeue() instead of qdisctreeflush_backlog() should fix the race, because all packets will be purged from the qdisc before releasing the lock.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38083.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/20f68e6a9e41693cb0e55e5b9ebbcb40983a4b8f
- https://git.kernel.org/stable/c/3aaa7c01cf19d9b9bb64b88b65c3a6fd05da2eb4
- https://git.kernel.org/stable/c/4483d8b9127591c60c4eb789d6cab953bc4522a9
- https://git.kernel.org/stable/c/46c15c9d0f65c9ba857d63f53264f4b17e8a715f
- https://git.kernel.org/stable/c/53d11560e957d53ee87a0653d258038ce12361b7
- https://git.kernel.org/stable/c/93f9eeb678d4c9c1abf720b3615fa8299a490845
- https://git.kernel.org/stable/c/d35acc1be3480505b5931f17e4ea9b7617fea4d3
- https://git.kernel.org/stable/c/e3f6745006dc9423d2b065b90f191cfa11b1b584
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38083.json
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
- https://nvd.nist.gov/vuln/detail/CVE-2025-38083
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced7b8e0b6e659983154c8d7e756cdb833d89a3d4d7Fixed53d11560e957d53ee87a0653d258038ce12361b7Fixed4483d8b9127591c60c4eb789d6cab953bc4522a9Fixed20f68e6a9e41693cb0e55e5b9ebbcb40983a4b8fFixed3aaa7c01cf19d9b9bb64b88b65c3a6fd05da2eb4Fixed46c15c9d0f65c9ba857d63f53264f4b17e8a715fFixede3f6745006dc9423d2b065b90f191cfa11b1b584Fixed93f9eeb678d4c9c1abf720b3615fa8299a490845Fixedd35acc1be3480505b5931f17e4ea9b7617fea4d3
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced5.0.0Fixed5.4.295
- Type
- ECOSYSTEM
- Events
-
Introduced5.5.0Fixed5.10.239
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.186
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.1.142
- Type
- ECOSYSTEM
- Events
-
Introduced6.2.0Fixed6.6.94
- Type
- ECOSYSTEM
- Events
-
Introduced6.7.0Fixed6.12.34
- Type
- ECOSYSTEM
- Events
-
Introduced6.13.0Fixed6.15.3