CVE-2025-38477: Race Condition in Linux

Severity
NVD: 4.7 MEDIUM
OSV: 7.8 / 7.1 / 5.5
EPSS
0.0% (top 95.81%)
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Jul 28
Latest update: Feb 27

Description

In the Linux kernel, the following vulnerability has been resolved:

net/sched: sch_qfq: Fix race condition on qfq_aggregate

A race condition can occur when 'agg' is modified in qfq_change_agg (called during qfq_enqueue) while other threads access it concurrently. For example, qfq_dump_class may trigger a NULL dereference, and qfq_delete_class may cause a use-after-free.

This patch addresses the issue by:
1. Moved qfq_destroy_class into the critical section.
2. Added sch_tree_lock protection

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.0 | Impact: 3.6

Affected Packages (4 packages)

Source    | Package            | Affected versions                                                                    | More ranges
NVD       | linux/linux_kernel | 3.8 to 5.4.297                                                                       | +7
Debian    | linux/linux_kernel | < 5.10.244-1                                                                         | +3
Ubuntu    | linux/linux_kernel | < 5.15.0-157.167                                                                     | +3
CVEListV5 | linux/linux        | 462dbc9101acd38e92eda93c0726857517a24bbd to aa7a22c4d678bf649fd3a1d27debec583563414d | +8

Also affects: Debian Linux 11.0

Patches

🔴 Vulnerability Details (44)

OSV: linux-kvm vulnerabilities (2025-12-15)
OSV: linux-oracle vulnerabilities (2025-11-19)
OSV: linux-raspi-5.4 vulnerabilities (2025-11-07)
OSV: linux-kvm vulnerabilities (2025-10-30)
OSV: linux-oracle-5.4 vulnerabilities (2025-10-24)

📋 Vendor Advisories (46)

Chrome: Long Term Support Channel Update for ChromeOS: CVE-2025-38477 (2026-02-27)
Ubuntu: Linux kernel (KVM) vulnerabilities (2025-12-15)
Ubuntu: Linux kernel (Oracle) vulnerabilities (2025-11-19)
Ubuntu: Linux kernel (Raspberry Pi) vulnerabilities (2025-11-07)
Ubuntu: Linux kernel (KVM) vulnerabilities (2025-10-30)
CVE-2025-38477 — Race Condition in Linux | cvebase