Null Dereference Vulnerability in Linux Kernel's Queueing Framework
CVE-2025-40083

Currently unrated

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 29 October 2025

What is CVE-2025-40083?

A critical null dereference vulnerability exists in the Linux kernel's queueing framework, specifically within the sch_qfq scheduler. This flaw occurs when a function call within the scheduler's code path returns a NULL value, leading to a potential system crash. Recent updates implement preventive measures to ensure that the return value is properly checked before use, mirroring existing safeguards in other components. These enhancements not only address the immediate defect but also refine the underlying code structure for better maintainability.
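An added illustration, not the kernel patch and not code from this advisory: a user-space C model of the defect class described above, showing the unchecked use of a peek result beside the checked form. Every type and function name here is hypothetical, and the sample packet is constructed.

```c
#include <stddef.h>
#include <stdio.h>

/* User-space model only; all names are hypothetical, not kernel symbols. */
struct pkt   { unsigned int len; };
struct child { struct pkt *head; };   /* inner queue; head may be NULL */
struct cls   { struct child *q; unsigned int budget; unsigned int anomalies; };

/* Models a child queue's peek: returns NULL when it has nothing to offer,
 * even if the parent's bookkeeping still treats the class as backlogged. */
static struct pkt *child_peek(struct child *q) { return q->head; }

/* BEFORE: trusts the peek result, so a NULL return is dereferenced. */
unsigned int next_len_unchecked(struct cls *c)
{
    return child_peek(c->q)->len;     /* faults when peek returns NULL */
}

/* AFTER: check the return value before use; report 0 and count the event. */
unsigned int next_len_checked(struct cls *c)
{
    struct pkt *p = child_peek(c->q);
    if (p == NULL) {
        c->anomalies++;               /* stand-in for a kernel warning */
        return 0;
    }
    return p->len;
}

/* Dequeue step: a length of 0 means "treat the class as empty" rather
 * than crash. Returns the number of bytes served. */
unsigned int serve_class(struct cls *c)
{
    unsigned int len = next_len_checked(c);
    if (len == 0 || len > c->budget)
        return 0;
    c->budget -= len;
    c->q->head = NULL;                /* one-packet model: queue now empty */
    return len;
}

int main(void)
{
    struct pkt p = { 100 };           /* constructed sample packet */
    struct child q = { &p };
    struct cls c = { &q, 150, 0 };
    unsigned int first = serve_class(&c), second = serve_class(&c);
    printf("first=%u second=%u anomalies=%u\n", first, second, c.anomalies);
    return 0;
}
```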

Affected Version(s)

Linux 462dbc9101acd38e92eda93c0726857517a24bbd < 71d84658a61322e5630c85c5388fc25e4a2d08b2

Linux 462dbc9101acd38e92eda93c0726857517a24bbd < 99fc137f178797204d36ac860dd8b31e35baa2df

Linux 462dbc9101acd38e92eda93c0726857517a24bbd < 1bed56f089f09b465420bf23bb32985c305cfc28

Timeline

  • Vulnerability published

  • Vulnerability Reserved
