CVE-2025-38087

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-38087

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38087.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-38087

Downstream

BELL-CVE-2025-38087

DEBIAN-CVE-2025-38087

MINI-9h53-4vfh-7fm5

OESA-2025-2120

OESA-2025-2121

OESA-2025-2122

RHSA-2025:11810

RHSA-2025:12662

RHSA-2025:12746

RLSA-2025:12662

RLSA-2025:12746

ROOT-OS-UBUNTU-2404-CVE-2025-38087

SUSE-SU-2025:02853-1

SUSE-SU-2025:02923-1

SUSE-SU-2025:02969-1

SUSE-SU-2025:02996-1

SUSE-SU-2025:02997-1

SUSE-SU-2025:03011-1

SUSE-SU-2025:03023-1

SUSE-SU-2025:03097-1

SUSE-SU-2025:03100-1

SUSE-SU-2025:03104-1

SUSE-SU-2025:03106-1

SUSE-SU-2025:03108-1

SUSE-SU-2025:03109-1

SUSE-SU-2025:03111-1

SUSE-SU-2025:03123-1

SUSE-SU-2025:03209-1

SUSE-SU-2025:03210-1

SUSE-SU-2025:03212-1

SUSE-SU-2025:03213-1

SUSE-SU-2025:03215-1

SUSE-SU-2025:03217-1

SUSE-SU-2025:03222-1

SUSE-SU-2025:03223-1

SUSE-SU-2025:03226-1

SUSE-SU-2025:03235-1

SUSE-SU-2025:20577-1

SUSE-SU-2025:20586-1

SUSE-SU-2025:20601-1

SUSE-SU-2025:20602-1

SUSE-SU-2025:20698-1

SUSE-SU-2025:20699-1

SUSE-SU-2025:20700-1

SUSE-SU-2025:20701-1

SUSE-SU-2025:20702-1

SUSE-SU-2025:20703-1

SUSE-SU-2025:20704-1

SUSE-SU-2025:20705-1

SUSE-SU-2025:20706-1

SUSE-SU-2025:20707-1

SUSE-SU-2025:20709-1

SUSE-SU-2025:20710-1

SUSE-SU-2025:20711-1

SUSE-SU-2025:20712-1

SUSE-SU-2025:20714-1

SUSE-SU-2025:20761-1

SUSE-SU-2025:20762-1

SUSE-SU-2025:20763-1

SUSE-SU-2025:20764-1

SUSE-SU-2025:20766-1

SUSE-SU-2025:20767-1

SUSE-SU-2025:20775-1

SUSE-SU-2025:20776-1

SUSE-SU-2025:20777-1

SUSE-SU-2025:20778-1

SUSE-SU-2025:20779-1

SUSE-SU-2025:20780-1

SUSE-SU-2025:20782-1

SUSE-SU-2025:21074-1

SUSE-SU-2025:21139-1

SUSE-SU-2025:21179-1

openSUSE-SU-2025:20081-1

Related

Published

2025-06-30T07:29:43.325Z

Modified

2026-03-20T12:42:40.304804Z

Summary

net/sched: fix use-after-free in taprio_dev_notifier

Details

In the Linux kernel, the following vulnerability has been resolved:

net/sched: fix use-after-free in tapriodevnotifier

Since taprio’s tapriodevnotifier() isn’t protected by an RCU read-side critical section, a race with advance_sched() can lead to a use-after-free.

Adding rcureadlock() inside tapriodevnotifier() prevents this.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38087.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

fed87cc6718ad5f80aa739fee3c5979a8b09d3a6

Fixed

8c5713ce1ced75f9e9ed5c642ea3d2ba06ead69c

Fixed

8a008c89e5e5c5332e4c0a33d707db9ddd529f8a

Fixed

b1547d28ba468bc3b88764efd13e4319bab63be8

Fixed

b160766e26d4e2e2d6fe2294e0b02f92baefcec5

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38087.json"