ГлавнаяУязвимости → CVE-2025-38107
7высокая

CVE-2025-38107

→ есть в БДУ: BDU:2025-10783 (на русском)
Описание (на английском; русское — в БДУ выше)

In the Linux kernel, the following vulnerability has been resolved: net_sched: ets: fix a race in ets_qdisc_change() Gerrard Tai reported a race condition in ETS, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 CPU 1 [1]: lock root [2]: qdisc_tree_flush_backlog() [3]: unlock root | | [5]: lock root | [6]: rehash | [7]: qdisc_tree_reduce_backlog() | [4]: qdisc_put() This can be abused to underflow a parent's qlen. Calling qdisc_purge_queue() instead of qdisc_tree_flush_backlog() should fix the race, because all packets will be purged from the qdisc before releasing the lock.

Затрагиваемое ПО
Linux Linux kernelDebian Debian linux
CVSS
Балл7 — высокая
ВекторCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://git.kernel.org/stable/c/0383b25488a545be168744336847549d4a2d3d6chttps://git.kernel.org/stable/c/073f64c03516bcfaf790f8edc772e0cfb8a84ec3https://git.kernel.org/stable/c/0b479d0aa488cb478eb2e1d8868be946ac8afb4fhttps://git.kernel.org/stable/c/347867cb424edae5fec1622712c8dd0a2c42918fhttps://git.kernel.org/stable/c/d92adacdd8c2960be856e0b82acc5b7c5395fddbhttps://git.kernel.org/stable/c/eb7b74e9754e1ba2088f914ad1f57a778b11894bhttps://git.kernel.org/stable/c/fed94bd51d62d2e0e006aa61480e94e5cd0582b0https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html