CVE-2025-38001

5.5 MEDIUM

📋 TL;DR

A use-after-free vulnerability in the Linux kernel's HFSC scheduler allows local attackers to cause denial of service or potentially execute arbitrary code. This affects systems using HFSC with NETEM or TBF configurations, requiring local access to exploit.

💻 Affected Systems

Products:

Linux kernel

Versions: Versions before fixes in stable releases (check specific kernel versions)

Operating Systems: Linux distributions using vulnerable kernel versions

Default Config Vulnerable: ✅ No

Notes: Only vulnerable when HFSC scheduler is configured with NETEM as child or TBF as root qdisc with low rate

📦 What is this software?

Debian Linux by Debian

View all CVEs affecting Debian Linux →

Debian Linux by Debian

View all CVEs affecting Debian Linux →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local privilege escalation leading to kernel compromise and full system control

🟠

Likely Case

Kernel panic or system crash causing denial of service

🟢

If Mitigated

No impact if HFSC with NETEM/TBF is not configured

🌐 Internet-Facing: LOW - requires local access, not remotely exploitable

🏢 Internal Only: MEDIUM - local users or compromised accounts could exploit

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access and specific HFSC/NETEM/TBF configuration

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check kernel stable releases with commits 295f7c579b07b5b7cf2dffe485f71cc2f27647cb, 2c928b3a0b04a431ffcd6c8b7d88a267124a3a28, 2f2190ce4ca972051cac6a8d7937448f8cb9673c, 39ed887b1dd2d6b720f87e86692ac3006cc111c8, or 4e38eaaabfb7fffbb371a51150203e19eee5d70e

Vendor Advisory: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution. 2. Reboot system to load new kernel. 3. Verify kernel version matches patched release.

🔧 Temporary Workarounds

Disable HFSC with NETEM/TBF

linux

Remove or reconfigure HFSC scheduler to avoid vulnerable NETEM/TBF combinations

tc qdisc del dev <interface> root
tc qdisc add dev <interface> root <alternative_scheduler>

🧯 If You Can't Patch

Restrict local user access to prevent exploitation
Monitor for kernel crashes or unusual HFSC scheduler behavior

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if HFSC with NETEM/TBF is configured: uname -r and tc qdisc show

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes one of the fix commits and test HFSC/NETEM/TBF configuration stability

📡 Detection & Monitoring

Log Indicators:

Kernel panic logs
HFSC scheduler errors in dmesg
System crash reports

Network Indicators:

Unusual traffic scheduling behavior

SIEM Query:

search 'kernel panic' OR 'HFSC' OR 'UAF' in system logs

📊 Metadata

CVE ID: CVE-2025-38001

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-835

EPSS Score: 0.01% exploit probability (0.7th percentile)

Published: June 6, 2025

Last Updated: March 7, 2026

🔗 References

https://git.kernel.org/stable/c/295f7c579b07b5b7cf2dffe485f71cc2f27647cb Patch
https://git.kernel.org/stable/c/2c928b3a0b04a431ffcd6c8b7d88a267124a3a28 Patch
https://git.kernel.org/stable/c/2f2190ce4ca972051cac6a8d7937448f8cb9673c Patch
https://git.kernel.org/stable/c/39ed887b1dd2d6b720f87e86692ac3006cc111c8 Patch
https://git.kernel.org/stable/c/4e38eaaabfb7fffbb371a51150203e19eee5d70e Patch
https://git.kernel.org/stable/c/6672e6c00810056acaac019fe26cdc26fee8a66c Patch
https://git.kernel.org/stable/c/a0ec22fa20b252edbe070a9de8501eef63c17ef5 Patch
https://git.kernel.org/stable/c/ac9fe7dd8e730a103ae4481147395cc73492d786 Patch
https://git.kernel.org/stable/c/e5bee633cc276410337d54b99f77fbc1ad8801e5 Patch
https://syst3mfailure.io/rbtree-family-drama/ Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html Third Party Advisory
https://syst3mfailure.io/rbtree-family-drama/ Third Party Advisory