Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too Similarly to the previous patch, we need to safe guard hfsc_dequeue() too. But for this one, we don't have a reliable reproducer.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 2.6.13, < 5.4.293 |
| Debian | Debian Linux | 11.0 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/11bccb054c1462fb069219f8e98e97a5a730758ePatch
- https://git.kernel.org/stable/c/2f46d14919c39528c6e540ebc43f90055993eedcPatch
- https://git.kernel.org/stable/c/68f256305ceb426d545a0dc31f83c2ab1d211a1ePatch
- https://git.kernel.org/stable/c/6ccbda44e2cc3d26fd22af54c650d6d5d801addfPatch
- https://git.kernel.org/stable/c/76c4c22c2437d3d3880efc0f62eca06ef078d290Patch
- https://git.kernel.org/stable/c/c6936266f8bf98a53f28ef9a820e6a501e946d09Patch
- https://git.kernel.org/stable/c/c6f035044104c6ff656f4565cd22938dc892528cPatch
- https://git.kernel.org/stable/c/da7936518996d290e2fcfcaf6cd7e15bfd87804aPatch
- https://lists.debian.org/debian-lts-announce/2025/05/msg00030.htmlMailing ListThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2025/05/msg00045.htmlMailing ListThird Party Advisory
FAQ
What is CVE-2025-37823?
CVE-2025-37823 is a vulnerability with a CVSS score of 7.8 (HIGH). In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too Similarly to the previous patch, we need to safe guard hfsc_dequeue() t...
How severe is CVE-2025-37823?
CVE-2025-37823 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-37823?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Debian Debian Linux.