CVE-2025-37798

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-37798

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37798.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-37798

Downstream

AZL-69725

BELL-CVE-2025-37798

CLSA-2025-1757922878

CLSA-2025-1759431860

CLSA-2025-1759431869

CLSA-2025-1764085382

DEBIAN-CVE-2025-37798

DLA-4193-1

DLA-4327-1

ECHO-c699-557f-ec7d

MINI-6qj4-w2xc-rxqp

OESA-2025-2054

OESA-2025-2055

OESA-2025-2056

OESA-2025-2058

OESA-2025-2059

ROOT-OS-DEBIAN-11-CVE-2025-37798

ROOT-OS-DEBIAN-12-CVE-2025-37798

ROOT-OS-UBUNTU-2204-CVE-2025-37798

SUSE-SU-2025:01614-1

SUSE-SU-2025:01707-1

SUSE-SU-2025:01919-1

SUSE-SU-2025:01951-1

SUSE-SU-2025:01964-1

SUSE-SU-2025:01965-1

SUSE-SU-2025:01967-1

SUSE-SU-2025:01972-1

SUSE-SU-2025:01983-1

SUSE-SU-2025:02000-1

SUSE-SU-2025:02254-1

SUSE-SU-2025:02264-1

SUSE-SU-2025:02307-1

SUSE-SU-2025:02308-1

SUSE-SU-2025:02320-1

SUSE-SU-2025:02321-1

SUSE-SU-2025:02322-1

SUSE-SU-2025:02333-1

SUSE-SU-2025:02537-1

SUSE-SU-2025:02846-1

SUSE-SU-2025:02848-1

SUSE-SU-2025:02849-1

SUSE-SU-2025:02850-1

SUSE-SU-2025:02851-1

SUSE-SU-2025:02852-1

SUSE-SU-2025:02853-1

SUSE-SU-2025:02923-1

SUSE-SU-2025:02969-1

SUSE-SU-2025:02996-1

SUSE-SU-2025:02997-1

SUSE-SU-2025:03011-1

SUSE-SU-2025:03023-1

SUSE-SU-2025:03344-1

SUSE-SU-2025:20343-1

SUSE-SU-2025:20344-1

SUSE-SU-2025:20354-1

SUSE-SU-2025:20355-1

SUSE-SU-2025:20408-1

SUSE-SU-2025:20413-1

SUSE-SU-2025:20419-1

SUSE-SU-2025:20421-1

SUSE-SU-2025:20577-1

SUSE-SU-2025:20586-1

SUSE-SU-2025:20601-1

SUSE-SU-2025:20602-1

SUSE-SU-2025:21074-1

SUSE-SU-2025:21139-1

SUSE-SU-2025:21179-1

SUSE-SU-2025:2264-1

openSUSE-SU-2025:20081-1

Related

Published

2025-05-02T14:16:02.623Z

Modified

2026-05-28T03:54:11.269870934Z

Summary

codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()

Details

In the Linux kernel, the following vulnerability has been resolved:

codel: remove sch->q.qlen check before qdisctreereduce_backlog()

After making all ->qlennotify() callbacks idempotent, now it is safe to remove the check of qlen!=0 from both fqcodeldequeue() and codelqdisc_dequeue().

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/37xxx/CVE-2025-37798.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

76e3cc126bb223013a6b9a0e2a51238d1ef2e409

Fixed

7a742a9506849d1c1aa71e36c89855ceddc7d58e

Fixed

cc71a757da78dd4aa1b4a9b19cb011833730ccf2

Fixed

eda741fe155ddf5ecd2dd3bfbd4fc3c0c7dbb450

Fixed

829c49b6b2ff45b043739168fd1245e4e1a91a30

Fixed

2f9761a94bae33d26e6a81b31b36e7d776d93dc1

Fixed

4d55144b12e742404bb3f8fee6038bafbf45619d

Fixed

e73c838c80dccb9e4f19becc11d9f3cb4a27d483

Fixed

a57fe60ef4cf96bfbb6b58397ec28bdb5a5c6b31

Fixed

342debc12183b51773b3345ba267e9263bdfaaef

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37798.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

3.5.0

Fixed

5.4.297

Type: ECOSYSTEM
Events: Introduced

5.5.0

Fixed

5.10.241

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.190

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.135

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.88

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.24

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.13.12

Type: ECOSYSTEM
Events: Introduced

6.14.0

Fixed

6.14.3

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37798.json"