Division by Zero Vulnerability in Linux Kernel Network Module
CVE-2025-38719

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 4 September 2025

What is CVE-2025-38719?

A division by zero vulnerability exists in the Linux kernel network module, specifically in the hbg_get_queue_used_num() function. When the network port is inactive, the ring queue length may register as zero, triggering a potential division by zero error when this function is called through debugfs. A recent patch has been implemented to mitigate this risk by ensuring that the function returns zero if the queue length is detected as zero. This enhancement improves the stability and integrity of the network stack in the Linux operating system.

Affected Version(s)

Linux 40735e7543f94fc88f58d94fd5f88daa4a2f2c6e

Linux 40735e7543f94fc88f58d94fd5f88daa4a2f2c6e < 475e06113c615dafd44262d6d6bd37786f7f4206

Linux 40735e7543f94fc88f58d94fd5f88daa4a2f2c6e < 7004b26f0b64331143eb0b312e77a357a11427ce

References

https://git.kernel.org/stable/c/c945e1ad4f3b77166a3215dab...

https://git.kernel.org/stable/c/475e06113c615dafd44262d6d...

https://git.kernel.org/stable/c/7004b26f0b64331143eb0b312...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 4, 2025
Vulnerability Reserved
Apr 16, 2025