Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: QOS: Refactor TC_HTB_LEAF_DEL_LAST callback This patch addresses below issues, 1. Active traffic on the leaf node must be stopped before its send queue is reassigned to the parent. This patch resolves the issue by marking the node as 'Inner'. 2. During a system reboot, the interface receives TC_HTB_LEAF_DEL and TC_HTB_LEAF_DEL_LAST callbacks to delete its HTB queues. In the case of TC_HTB_LEAF_DEL_LAST, although the same send queue is reassigned to the parent, the current logic still attempts to update the real number of queues, leadning to below warnings New queues can't be registered after device unregistration. WARNING: CPU: 0 PID: 6475 at net/core/net-sysfs.c:1714 netdev_queue_update_kobjects+0x1e4/0x200
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 6.5, < 6.6.94 |
References
- https://git.kernel.org/stable/c/5df8db01d6a4e9c35a5ba5d7e130d5cecd3ffcb4Patch
- https://git.kernel.org/stable/c/67af4ec948e8ce3ea53a9cf614d01fddf172e56dPatch
- https://git.kernel.org/stable/c/ec62c99914a79d84c8de5ba1b94d62f2ed721f2aPatch
- https://git.kernel.org/stable/c/f1fca0eae5a0573f226f46c6871260278e7dda12Patch
FAQ
What is CVE-2025-38278?
CVE-2025-38278 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: QOS: Refactor TC_HTB_LEAF_DEL_LAST callback This patch addresses below issues, 1. Active traffic on the leaf node m...
How severe is CVE-2025-38278?
CVE-2025-38278 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-38278?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.