Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: sch_htb: make htb_qlen_notify() idempotent htb_qlen_notify() always deactivates the HTB class and in fact could trigger a warning if it is already deactivated. Therefore, it is not idempotent and not friendly to its callers, like fq_codel_dequeue(). Let's make it idempotent to ease qdisc_tree_reduce_backlog() callers' life.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | < 5.4.294 |
| Debian | Debian Linux | 11.0 |
References
- https://git.kernel.org/stable/c/0a188c0e197383683fd093ab1ea6ce9a5869a6eaPatch
- https://git.kernel.org/stable/c/32ae12ce6a9f6bace186ca7335220ff59b6cc3cdPatch
- https://git.kernel.org/stable/c/5ba8b837b522d7051ef81bacf3d95383ff8edce5Patch
- https://git.kernel.org/stable/c/73cf6af13153d62f9b76eff422eea79dbc70f15ePatch
- https://git.kernel.org/stable/c/967955c9e57f8eebfccc298037d4aaf3d42bc1c9Patch
- https://git.kernel.org/stable/c/a61f1b5921761fbaf166231418bc1db301e5bf59Patch
- https://git.kernel.org/stable/c/bbbf5e0f87078b715e7a665d662a2c0e77f044aePatch
- https://git.kernel.org/stable/c/e6b45f4de763b00dc1c55e685e2dd1aaf525d3c1Patch
- https://lists.debian.org/debian-lts-announce/2025/08/msg00010.htmlThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.htmlThird Party Advisory
FAQ
What is CVE-2025-37932?
CVE-2025-37932 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: sch_htb: make htb_qlen_notify() idempotent htb_qlen_notify() always deactivates the HTB class and in fact could trigger a warning ...
How severe is CVE-2025-37932?
CVE-2025-37932 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-37932?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Debian Debian Linux.