CVE-2025-38477

Source
https://nvd.nist.gov/vuln/detail/CVE-2025-38477
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38477.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-38477
Published
2025-07-28T12:15:29Z
Modified
2025-08-30T18:01:35Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

net/sched: sch_qfq: Fix race condition on qfq_aggregate

A race condition can occur when 'agg' is modified in qfq_change_agg (called during qfq_enqueue) while other threads access it concurrently. For example, qfq_dump_class may trigger a NULL dereference, and qfq_delete_class may cause a use-after-free.

This patch addresses the issue by:

  1. Moved qfq_destroy_class into the critical section.

  2. Added sch_tree_lock protection to qfq_dump_class and qfq_dump_class_stats.
