SB2025082077 - Improper locking in Linux kernel sched
Published: August 20, 2025
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper locking (CVE-ID: CVE-2025-38553)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the parse_attr() and netem_change() functions in net/sched/sch_netem.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install the update from the vendor's website.
References
- https://git.kernel.org/stable/c/09317dfb681ac5a96fc69bea0c54441cf91b8270
- https://git.kernel.org/stable/c/103c4e27ec9f5fe53022e46e976abf52c7221baf
- https://git.kernel.org/stable/c/250f8796006c0f2bc638ce545f601d49ae8d528b
- https://git.kernel.org/stable/c/325f5ec67cc0a77f2d0d453445b9857f1cd06c76
- https://git.kernel.org/stable/c/795cb393e38977aa991e70a9363da0ee734b2114
- https://git.kernel.org/stable/c/ec8e0e3d7adef940cdf9475e2352c0680189d14e