{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-38637","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-04-16T04:51:24.030Z","datePublished":"2025-04-18T07:01:34.564Z","dateUpdated":"2026-05-11T21:32:04.448Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T21:32:04.448Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: skbprio: Remove overly strict queue assertions\n\nIn the current implementation, skbprio enqueue/dequeue contains an assertion\nthat fails under certain conditions when SKBPRIO is used as a child qdisc under\nTBF with specific parameters. The failure occurs because TBF sometimes peeks at\npackets in the child qdisc without actually dequeuing them when tokens are\nunavailable.\n\nThis peek operation creates a discrepancy between the parent and child qdisc\nqueue length counters. When TBF later receives a high-priority packet,\nSKBPRIO's queue length may show a different value than what's reflected in its\ninternal priority queue tracking, triggering the assertion.\n\nThe fix removes this overly strict assertions in SKBPRIO, they are not\nnecessary at all."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["net/sched/sch_skbprio.c"],"versions":[{"version":"aea5f654e6b78a0c976f7a25950155932c77a53f","lessThan":"7abc8318ce0712182bf0783dcfdd9a6a8331160e","status":"affected","versionType":"git"},{"version":"aea5f654e6b78a0c976f7a25950155932c77a53f","lessThan":"1284733bab736e598341f1d3f3b94e2a322864a8","status":"affected","versionType":"git"},{"version":"aea5f654e6b78a0c976f7a25950155932c77a53f","lessThan":"32ee79682315e6d3c99947b3f38b078a09a66919","status":"affected","versionType":"git"},{"version":"aea5f654e6b78a0c976f7a25950155932c77a53f","lessThan":"1dcc144c322a8d526b791135604c0663f1af9d85","status":"affected","versionType":"git"},{"version":"aea5f654e6b78a0c976f7a25950155932c77a53f","lessThan":"864ca690ff135078d374bd565b9872f161c614bc","status":"affected","versionType":"git"},{"version":"aea5f654e6b78a0c976f7a25950155932c77a53f","lessThan":"2f35b7673a3aa3d09b3eb05811669622ebaa98ca","status":"affected","versionType":"git"},{"version":"aea5f654e6b78a0c976f7a25950155932c77a53f","lessThan":"2286770b07cb5268c03d11274b8efd43dff0d380","status":"affected","versionType":"git"},{"version":"aea5f654e6b78a0c976f7a25950155932c77a53f","lessThan":"034b293bf17c124fec0f0e663f81203b00aa7a50","status":"affected","versionType":"git"},{"version":"aea5f654e6b78a0c976f7a25950155932c77a53f","lessThan":"ce8fe975fd99b49c29c42e50f2441ba53112b2e8","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["net/sched/sch_skbprio.c"],"versions":[{"version":"4.19","status":"affected"},{"version":"0","lessThan":"4.19","status":"unaffected","versionType":"semver"},{"version":"5.4.292","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.236","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.180","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.134","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.87","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.23","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.13.11","lessThanOrEqual":"6.13.*","status":"unaffected","versionType":"semver"},{"version":"6.14.2","lessThanOrEqual":"6.14.*","status":"unaffected","versionType":"semver"},{"version":"6.15","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19","versionEndExcluding":"5.4.292"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19","versionEndExcluding":"5.10.236"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19","versionEndExcluding":"5.15.180"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19","versionEndExcluding":"6.1.134"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19","versionEndExcluding":"6.6.87"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19","versionEndExcluding":"6.12.23"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19","versionEndExcluding":"6.13.11"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19","versionEndExcluding":"6.14.2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19","versionEndExcluding":"6.15"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/7abc8318ce0712182bf0783dcfdd9a6a8331160e"},{"url":"https://git.kernel.org/stable/c/1284733bab736e598341f1d3f3b94e2a322864a8"},{"url":"https://git.kernel.org/stable/c/32ee79682315e6d3c99947b3f38b078a09a66919"},{"url":"https://git.kernel.org/stable/c/1dcc144c322a8d526b791135604c0663f1af9d85"},{"url":"https://git.kernel.org/stable/c/864ca690ff135078d374bd565b9872f161c614bc"},{"url":"https://git.kernel.org/stable/c/2f35b7673a3aa3d09b3eb05811669622ebaa98ca"},{"url":"https://git.kernel.org/stable/c/2286770b07cb5268c03d11274b8efd43dff0d380"},{"url":"https://git.kernel.org/stable/c/034b293bf17c124fec0f0e663f81203b00aa7a50"},{"url":"https://git.kernel.org/stable/c/ce8fe975fd99b49c29c42e50f2441ba53112b2e8"}],"title":"net_sched: skbprio: Remove overly strict queue assertions","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"},{"url":"https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T19:58:34.645Z"}}]}}