๐Ÿ” CVE Alert

CVE-2025-38193

UNKNOWN 0.0

net_sched: sch_sfq: reject invalid perturb period

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: reject invalid perturb period Gerrard Tai reported that SFQ perturb_period has no range check yet, and this can be used to trigger a race condition fixed in a separate patch. We want to make sure ctl->perturb_period * HZ will not overflow and is positive. tc qd add dev lo root sfq perturb -10 # negative value : error Error: sch_sfq: invalid perturb period. tc qd add dev lo root sfq perturb 1000000000 # too big : error Error: sch_sfq: invalid perturb period. tc qd add dev lo root sfq perturb 2000000 # acceptable value tc -s -d qd sh dev lo qdisc sfq 8005: root refcnt 2 limit 127p quantum 64Kb depth 127 flows 128 divisor 1024 perturb 2000000sec Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) backlog 0b 0p requeues 0

Vendor linux
Product linux
Ecosystems
Industries
Technology
Published Jul 4, 2025
Last Updated May 11, 2026
Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Linux / Linux
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < e0936ff56be4e08ad5b60ec26971eae0c40af305 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 2254d038dab9c194fe6a4b1ce31034f42e91a6e5 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 956b5aebb349449b38d920d444ca1392d43719d1 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < b11a50544af691b787384089b68f740ae20a441b 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 0357da9149eac621f39e235a135ebf155f01f7c3 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < f9b97d466e6026ccbdda30bb5b71965b67ccbc82 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 590b2d7d0beadba2aa576708a05a05f0aae39295 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 7ca52541c05c832d32b112274f81a985101f9ba8
Linux / Linux
2.6.12

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
git.kernel.org: https://git.kernel.org/stable/c/e0936ff56be4e08ad5b60ec26971eae0c40af305 git.kernel.org: https://git.kernel.org/stable/c/2254d038dab9c194fe6a4b1ce31034f42e91a6e5 git.kernel.org: https://git.kernel.org/stable/c/956b5aebb349449b38d920d444ca1392d43719d1 git.kernel.org: https://git.kernel.org/stable/c/b11a50544af691b787384089b68f740ae20a441b git.kernel.org: https://git.kernel.org/stable/c/0357da9149eac621f39e235a135ebf155f01f7c3 git.kernel.org: https://git.kernel.org/stable/c/f9b97d466e6026ccbdda30bb5b71965b67ccbc82 git.kernel.org: https://git.kernel.org/stable/c/590b2d7d0beadba2aa576708a05a05f0aae39295 git.kernel.org: https://git.kernel.org/stable/c/7ca52541c05c832d32b112274f81a985101f9ba8 lists.debian.org: https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html lists.debian.org: https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html