Queue Accounting Issue in Linux Kernel Impacting HFSC Functionality
CVE-2025-38000
What is CVE-2025-38000?
A vulnerability in the Linux Kernel exposes a queue accounting issue when handling packets with the Hierarchical Fair Service Curve (HFSC) class. This flaw arises during the enqueue operation, specifically in the hfsc_enqueue() function, where the queue length and backlog are not correctly updated before triggering a child queue's peek operation. As a result, the queue accounting can become inconsistent, potentially leading to unexpected behavior such as packet drops and use-after-free vulnerabilities. This vulnerability has been addressed by modifying the order of operations to ensure accurate queue metrics, preventing the risks associated with an improper accounting state.
Affected Version(s)
Linux 12d0ad3be9c3854e52ec74bb83bb6f43612827c7 < 1034e3310752e8675e313f7271b348914008719a
Linux 12d0ad3be9c3854e52ec74bb83bb6f43612827c7
Linux 12d0ad3be9c3854e52ec74bb83bb6f43612827c7 < 89c301e929a0db14ebd94b4d97764ce1d6981653