CVE-2025-38177

Published Jul 4, 2025

Last updated 10 days ago

Overview

Description
In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not idempotent either and not friendly to its callers, like fq_codel_dequeue(). Let's make it idempotent to ease qdisc_tree_reduce_backlog() callers' life: 1. update_vf() decreases cl->cl_nactive, so we can check whether it is non-zero before calling it. 2. eltree_remove() always removes RB node cl->el_node, but we can use RB_EMPTY_NODE() + RB_CLEAR_NODE() to make it safe.
Source
416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD status
Awaiting Analysis

Social media

Hype score
Not currently trending

  1. (CVE-2025-38177)[sch_hfsc]hfsc_qlen_notify() is not idempotent either and not friendly to its callers, like fq_codel_dequeue() https://t.co/auSs5NMxWv Exploited in kernelCTF(as 1-day) https://t.co/KzLUOHH9JP Reported by Gerrard Tai(@gerrard_tai) https://t.co/LTEbmX5T1T

    @xvonfers

    5 Jul 2025

    1117 Impressions

    2 Retweets

    23 Likes

    5 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-38177 Linux Kernel HFSC Qdisc Vulnerability https://t.co/ZnFKX295Bo

    @VulmonFeeds

    4 Jul 2025

    46 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.