CVE-2025-37913
📋 TL;DR
A double list-add bug in the Linux kernel's qfq packet scheduler (net/sched/sch_qfq.c). When a netem qdisc is attached as the child of a qfq class, netem can re-enter the parent's enqueue path before it has queued the original packet (for example via its duplicate option, which hands the copy back to the root qdisc). qfq decided whether a class was newly active from a snapshot of the child's queue length taken before the child enqueue ran, so the re-entered call and the outer call both add the same class to the aggregate's active list. Linking a list node twice corrupts the list in kernel memory. This is not a double free; the corruption is of the active-class list. Affects Linux systems where a qfq qdisc has a netem child.
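To make the reentrancy concrete, the following is an added model of the enqueue decision (illustrative code written for this page, not net/sched/sch_qfq.c or the upstream patch). It builds a toy intrusive list with the same double-add sanity test that CONFIG_DEBUG_LIST performs, a qfq class with its alist link and a child queue length, and a netem child that re-enters the parent when configured to duplicate. The pre-fix branch decides "first packet, activate the class" from a queue-length snapshot taken before the child enqueue; the hardened branch follows the approach of the upstream fix and tests list membership after the child returns. Structure and function names are simplified stand-ins for the kernel's.

```c
#include <stdbool.h>
#include <stdio.h>

/*
 * Added model of the CVE-2025-37913 bug class; illustrative code, not
 * net/sched/sch_qfq.c. Names (alist, active, qlen) follow the kernel
 * structures they stand in for; everything else is simplified.
 */

/* Intrusive circular list in the style of the kernel's list.h. */
struct list_head { struct list_head *next, *prev; };

static void INIT_LIST_HEAD(struct list_head *l) { l->next = l; l->prev = l; }
static bool list_empty(const struct list_head *l) { return l->next == l; }

/* Same membership test CONFIG_DEBUG_LIST makes before linking a node. We
 * count the violation but still link, so the damage is observable below. */
static int double_adds;

static void list_add(struct list_head *n, struct list_head *head)
{
    if (n == head || n == head->next)
        double_adds++;              /* kernel would log "list_add double add" */
    n->next = head->next;
    n->prev = head;
    head->next->prev = n;
    head->next = n;
}

/* Walk forward from head; -1 if the walk never gets back to head (corrupt). */
static int list_len(const struct list_head *head, int limit)
{
    int n = 0;
    for (const struct list_head *p = head->next; p != head; p = p->next)
        if (++n > limit)
            return -1;
    return n;
}

struct qfq_class {
    struct list_head alist;     /* link in the aggregate's active list */
    unsigned int qlen;          /* packets sitting in the child qdisc */
};

struct qfq_aggregate { struct list_head active; };

struct sim {
    struct qfq_aggregate agg;
    struct qfq_class cl;
    bool hardened;              /* false: qlen snapshot, true: list membership */
    bool netem_duplicate;       /* child netem configured with "duplicate" */
};

static void qfq_enqueue_model(struct sim *s, bool is_copy);

/* Child enqueue. With "duplicate", netem hands the copy to the root qdisc
 * before it has queued the original, so the parent runs again while the
 * child's queue length is still 0. */
static void netem_enqueue_model(struct sim *s, bool is_copy)
{
    if (s->netem_duplicate && !is_copy)
        qfq_enqueue_model(s, true);     /* reentrant call into the parent */
    s->cl.qlen++;
}

static void qfq_enqueue_model(struct sim *s, bool is_copy)
{
    struct qfq_class *cl = &s->cl;
    bool first = !cl->qlen;     /* pre-fix: snapshot taken before the child runs */

    netem_enqueue_model(s, is_copy);

    if (s->hardened) {
        /* fix: ask whether the class is already active after the child returns */
        if (!list_empty(&cl->alist))
            return;
    } else if (!first) {
        return;
    }
    list_add(&cl->alist, &s->agg.active);   /* activate the class */
}

/* Enqueue one packet; report how many double adds happened and the resulting
 * length of the active list (-1 means the list no longer terminates). */
static int run_model(bool hardened, bool netem_duplicate, int *active_len)
{
    struct sim s = { .hardened = hardened, .netem_duplicate = netem_duplicate };

    INIT_LIST_HEAD(&s.agg.active);
    INIT_LIST_HEAD(&s.cl.alist);
    double_adds = 0;
    qfq_enqueue_model(&s, false);
    *active_len = list_len(&s.agg.active, 8);
    return double_adds;
}

static int model_double_adds(bool hardened, bool netem_duplicate)
{
    int len;
    return run_model(hardened, netem_duplicate, &len);
}

static int model_active_len(bool hardened, bool netem_duplicate)
{
    int len;
    run_model(hardened, netem_duplicate, &len);
    return len;
}

int main(void)
{
    printf("pre-fix, duplicate: double adds=%d active len=%d\n",
           model_double_adds(false, true), model_active_len(false, true));
    printf("fixed,   duplicate: double adds=%d active len=%d\n",
           model_double_adds(true, true), model_active_len(true, true));
    return 0;
}
```

In the pre-fix run with duplication the class is linked twice: after the second list_add the node's next pointer refers to itself, so the walk never returns to the head, which is exactly the state a later dequeue would traverse in the real scheduler. With CONFIG_DEBUG_LIST the kernel refuses the second add and logs it; without it the corruption is silent until something walks the list.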
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Corruption of a kernel list (the qfq aggregate's active-class list): a crash or hang is the expected outcome, and as with any kernel list corruption reachable by an unprivileged configuration, local privilege escalation cannot be ruled out.
Likely Case
System instability, kernel panics, or denial of service affecting network performance.
If Mitigated
No exposure if no qfq qdisc has a netem child; other qdisc hierarchies are not affected by this bug.
🎯 Exploit Status
Triggering the bug requires the ability to build a qfq qdisc with a netem child and push traffic through it, i.e. CAP_NET_ADMIN over the interface. Note that this is not root-only in practice: where unprivileged user namespaces are enabled, a local user can create a user namespace with its own network namespace and holds CAP_NET_ADMIN there. No public exploits are known.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: fixed in mainline and backported to the stable series; the stable commits are listed under References (e.g. 005a47954047, 041f410aec2c). Apply the latest kernel update from your distribution.
Vendor Advisory: https://git.kernel.org/stable/c/005a479540478a820c52de098e5e767e63e36f0a
Restart Required: Yes (the fix is in the kernel image)
Instructions:
1. Update the Linux kernel to a patched version from your distribution's repository.
2. Reboot into the new kernel and confirm it is the running one with uname -r.
🔧 Temporary Workarounds
Do not attach netem as a child of a qfq class
Until the kernel is patched, avoid the vulnerable shape: a "qdisc netem" whose parent is a class of a "qdisc qfq". The commands below list the current configuration and remove such a child (DEV and the class id 1:10 are placeholders for your own values).
# List every qdisc on every interface; note the qfq handle (e.g. "qdisc qfq 1: dev eth0 root")
tc qdisc show
# Show only qfq and netem qdiscs; a netem line whose "parent" is a class of the qfq handle is the affected shape
tc qdisc show | grep -E 'qdisc (qfq|netem) '
# Remove the netem child from the class (placeholders: DEV, 1:10), or replace it with a different child qdisc
tc qdisc del dev DEV parent 1:10
🧯 If You Can't Patch
- Monitor systems for kernel oops or panic messages and network stalls, and investigate any qfq+netem usage they coincide with.
- Restrict who can configure qdiscs: CAP_NET_ADMIN on the host, and, where unprivileged user namespaces are not needed, disable them (upstream sysctl user.max_user_namespaces=0; some distributions ship kernel.unprivileged_userns_clone), since a user namespace with its own network namespace grants CAP_NET_ADMIN inside it.
🔍 How to Verify
Check if Vulnerable:
Run 'tc qdisc show' and look for a "qdisc netem" line whose parent is a class of a "qdisc qfq" (the netem line's parent is <qfq handle>:<class id>). If that shape exists on an unpatched kernel, the system is exposed.
Check Version:
uname -r
Note that the version string alone does not show whether the stable backport is present on distribution kernels; compare the running package version against your distribution's advisory (e.g. the Debian LTS announcements under References).
Verify Fix Applied:
After updating, confirm that 'uname -r' reports the patched kernel package and that the previous kernel is no longer booted. If you rely on qfq with a netem child, re-enable it only on the patched kernel and watch dmesg for list or scheduler errors.
📡 Detection & Monitoring
Log Indicators:
- Kernel oops or panic messages whose backtrace contains sch_qfq symbols (qfq_*).
- With CONFIG_DEBUG_LIST enabled, the kernel reports the second add explicitly as "list_add double add:" or "list_add corruption" (from lib/list_debug.c); without it, the corruption is silent until the list is traversed.
Network Indicators:
- Unusual latency, stalls, or packet loss on interfaces that use qfq.
SIEM Query:
Search kernel (facility kern / dmesg) logs for 'list_add double add', 'list_add corruption', 'BUG:' or 'Oops' in combination with 'qfq' or 'sch_qfq'. Do not rely on the string 'netem' appearing in the trace; the corrupted list belongs to qfq.
🔗 References
- https://git.kernel.org/stable/c/005a479540478a820c52de098e5e767e63e36f0a
- https://git.kernel.org/stable/c/041f410aec2c1751ee22b8b73ba05d38c3a6a602
- https://git.kernel.org/stable/c/0aa23e0856b7cedb3c88d8e3d281c212c7e4fbeb
- https://git.kernel.org/stable/c/0bf32d6fb1fcbf841bb9945570e0e2a70072c00f
- https://git.kernel.org/stable/c/370218e8ce711684acc4cdd3cc3c6dd7956bc165
- https://git.kernel.org/stable/c/53bc0b55178bd59bdd4bcd16349505cabf54b1a2
- https://git.kernel.org/stable/c/a43783119e01849fbf2fe8855634e8989b240cb4
- https://git.kernel.org/stable/c/f139f37dcdf34b67f5bf92bc8e0f7f6b3ac63aa4
- https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html