CVE-2025-37953NULL Pointer Dereference in Linux

CWE-476NULL Pointer Dereference6 documents6 sources
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 71.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedMay 20

Description

In the Linux kernel, the following vulnerability has been resolved: sch_htb: make htb_deactivate() idempotent Alan reported a NULL pointer dereference in htb_next_rb_node() after we made htb_qlen_notify() idempotent. It turns out in the following case it introduced some regression: htb_dequeue_tree(): |-> fq_codel_dequeue() |-> qdisc_tree_reduce_backlog() |-> htb_qlen_notify() |-> htb_deactivate() |-> htb_next_rb_node() |-> htb_deactivate() For htb_next_rb_node(), after calling the 1st htb_

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

Debianlinux/linux_kernel< 6.1.140-1+2
NVDlinux/linux_kernel5 versions+4
CVEListV5linux/linuxe6b45f4de763b00dc1c55e685e2dd1aaf525d3c199ff8a20fd61315bf9ae627440a5ff07d22ee153+11

Also affects: Debian Linux 11.0

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
OSV
CVE-2025-37953: In the Linux kernel, the following vulnerability has been resolved: sch_htb: make htb_deactivate() idempotent Alan reported a NULL pointer dereference2025-05-20
CVEList
sch_htb: make htb_deactivate() idempotent2025-05-20
GHSA
GHSA-ccmh-pfgg-525g: In the Linux kernel, the following vulnerability has been resolved: sch_htb: make htb_deactivate() idempotent Alan reported a NULL pointer dereferen2025-05-20

📋Vendor Advisories

2
Red Hat
kernel: Linux kernel: sch_htb NULL pointer dereference2025-05-20
Debian
CVE-2025-37953: linux - In the Linux kernel, the following vulnerability has been resolved: sch_htb: ma...2025
CVE-2025-37953 — NULL Pointer Dereference in Linux | cvebase