CVE-2025-38350: Use After Free in Linux

CWE-416: Use After Free | 59 documents | 9 sources
Severity
7.8 HIGH | NVD
OSV 8.4 | OSV 5.5
EPSS
0.0%
top 91.43%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Jul 19
Latest update: Feb 27

Description

In the Linux kernel, the following vulnerability has been resolved:

net/sched: Always pass notifications when child class becomes empty

Certain classful qdiscs may invoke their classes' dequeue handler on an enqueue operation. This may unexpectedly empty the child qdisc and thus make an in-flight class passive via qlen_notify(). Most qdiscs do not expect such behaviour at this point in time and may re-activate the class eventually anyways which will lead to a use-after-free. The referenced fi

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 | Impact: 5.9

Affected Packages (4 packages)

NVD | linux/linux_kernel | 5.4.294 | 5.4.296 | +9
Debian | linux/linux_kernel | < 5.10.244-1 | +3
Ubuntu | linux/linux_kernel | < 5.15.0-153.163 | +3
CVEListV5 | linux/linux | 1034e3310752e8675e313f7271b348914008719a | 3b290923ad2b23596208c1e29520badef4356a43 | +9

Also affects: Debian Linux 11.0

🔴 Vulnerability Details (29)

OSV | linux-oracle vulnerabilities | 2025-11-19
OSV | linux-azure-fips vulnerabilities | 2025-10-21
OSV | linux-oracle-5.4 vulnerabilities | 2025-10-21
OSV | linux-azure, linux-azure-5.4 vulnerabilities | 2025-10-13
OSV | linux-oracle vulnerabilities | 2025-10-13

📋 Vendor Advisories (29)

Chrome | Long Term Support Channel Update for ChromeOS: CVE-2025-38350 | 2026-02-27
Ubuntu | Linux kernel (Oracle) vulnerabilities | 2025-11-19
Ubuntu | Linux kernel (Azure FIPS) vulnerabilities | 2025-10-21
Ubuntu | Linux kernel (Oracle) vulnerabilities | 2025-10-21
Ubuntu | Linux kernel (Azure) vulnerabilities | 2025-10-13