CVE-2025-37823

Description

In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too Similarly to the previous patch, we need to safe guard hfsc_dequeue() too. But for this one, we don't have a reliable reproducer.

Reserved 2025-04-16 | Published 2025-05-08 | Updated 2025-05-08 | Assigner Linux

Product status

Default status
unaffected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 68f256305ceb426d545a0dc31f83c2ab1d211a1e
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 2f46d14919c39528c6e540ebc43f90055993eedc
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before da7936518996d290e2fcfcaf6cd7e15bfd87804a
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 11bccb054c1462fb069219f8e98e97a5a730758e
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 76c4c22c2437d3d3880efc0f62eca06ef078d290
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before c6f035044104c6ff656f4565cd22938dc892528c
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before c6936266f8bf98a53f28ef9a820e6a501e946d09
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 6ccbda44e2cc3d26fd22af54c650d6d5d801addf
affected

Default status
affected

2.6.12
affected

Any version before 2.6.12
unaffected

5.4.293
unaffected

5.10.237
unaffected

5.15.181
unaffected

6.1.136
unaffected

6.6.89
unaffected

6.12.26
unaffected

6.14.5
unaffected

6.15-rc4
unaffected

References

git.kernel.org/...c/68f256305ceb426d545a0dc31f83c2ab1d211a1e

git.kernel.org/...c/2f46d14919c39528c6e540ebc43f90055993eedc

git.kernel.org/...c/da7936518996d290e2fcfcaf6cd7e15bfd87804a

git.kernel.org/...c/11bccb054c1462fb069219f8e98e97a5a730758e

git.kernel.org/...c/76c4c22c2437d3d3880efc0f62eca06ef078d290

git.kernel.org/...c/c6f035044104c6ff656f4565cd22938dc892528c

git.kernel.org/...c/c6936266f8bf98a53f28ef9a820e6a501e946d09

git.kernel.org/...c/6ccbda44e2cc3d26fd22af54c650d6d5d801addf

cve.org (CVE-2025-37823)

nvd.nist.gov (CVE-2025-37823)

Download JSON