#VU113101 Use-after-free in Linux kernel - CVE-2025-38350


Vulnerability identifier: #VU113101

Vulnerability risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38350

CWE-ID: CWE-416

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the qdisc_alloc_handle() and qdisc_tree_reduce_backlog() functions in net/sched/sch_api.c. A local user can escalate privileges on the system.

Mitigation
Install update from vendor's repository.

Vulnerable software versions

Linux kernel: All versions

External links
https://git.kernel.org/stable/c/103406b38c600fec1fe375a77b27d87e314aea09
https://git.kernel.org/stable/c/3b290923ad2b23596208c1e29520badef4356a43
https://git.kernel.org/stable/c/7874c9c132e906a52a187d045995b115973c93fb
https://git.kernel.org/stable/c/a44acdd9e84a211989ff4b9b92bf3545d8456ad5
https://git.kernel.org/stable/c/a553afd91f55ff39b1e8a1c4989a29394c9e0472
https://git.kernel.org/stable/c/e269f29e9395527bc00c213c6b15da04ebb35070
https://git.kernel.org/stable/c/e9921b57dca05ac5f4fa1fa8e993d4f0ee52e2b7
https://git.kernel.org/stable/c/f680a4643c6f71e758d8fe0431a958e9a6a4f59d

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?


Latest bulletins with this vulnerability


openEuler 22.03 LTS SP3 update for kernel
openEuler 22.03 LTS SP4 update for kernel
openEuler 24.03 LTS update for kernel
openEuler 24.03 LTS SP1 update for kernel
openEuler 24.03 LTS SP2 update for kernel
Multiple vulnerabilities in IBM QRadar SIEM
Ubuntu update for linux-oracle
Red Hat Enterprise Linux 8 update for multiple packages
Ubuntu update for linux-azure-fips
Ubuntu update for linux-oracle-5.4