CVE-2025-38083
📋 TL;DR
A race condition in the Linux kernel's PRIO queuing discipline allows an attacker to cause a parent qdisc's packet queue length counter to underflow. This affects Linux systems using the PRIO qdisc with SFQ perturb timer enabled, potentially leading to denial of service or incorrect traffic scheduling.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →
⚠️ Risk & Real-World Impact
Worst Case
Persistent denial of service on affected network interfaces, causing complete network disruption for the system.
Likely Case
Intermittent network performance degradation or packet loss on interfaces using PRIO qdisc.
If Mitigated
Minimal impact if systems are patched or don't use PRIO qdisc with SFQ perturb timer.
🎯 Exploit Status
Exploitation requires precise timing and specific network configuration. Race conditions are difficult to reliably exploit.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing commits: 20f68e6a9e41693cb0e55e5b9ebbcb40983a4b8f, 3aaa7c01cf19d9b9bb64b88b65c3a6fd05da2eb4, 4483d8b9127591c60c4eb789d6cab953bc4522a9, 46c15c9d0f65c9ba857d63f53264f4b17e8a715f, 53d11560e957d53ee87a0653d258038ce12361b7
Vendor Advisory: https://git.kernel.org/stable/c/20f68e6a9e41693cb0e55e5b9ebbcb40983a4b8f
Restart Required: Yes
Instructions:
1. Update the Linux kernel to a version containing the fix commits.
2. Reboot the system to load the new kernel.
3. Verify the kernel version with 'uname -r'.
🔧 Temporary Workarounds
Disable SFQ perturb timer
Disable the SFQ perturb timer to prevent the race condition trigger. The perturb option belongs to the SFQ child qdisc, not to the PRIO root, so it is set on each SFQ child attached to a PRIO band (repeat for every band that has an SFQ child; <prio_handle>, <band> and <sfq_handle> are the handles shown by 'tc qdisc show'):
tc qdisc change dev <interface> parent <prio_handle>:<band> handle <sfq_handle>: sfq perturb 0
Use alternative queuing discipline
Replace the PRIO qdisc with an alternative queuing discipline such as HTB or FQ_CODEL.
tc qdisc del dev <interface> root
tc qdisc add dev <interface> root htb
🧯 If You Can't Patch
- Implement workaround to disable SFQ perturb timer on all affected interfaces
- Monitor network interfaces for abnormal packet loss or queue underflows
🔍 How to Verify
Check if Vulnerable:
Check whether the system uses the PRIO qdisc: 'tc qdisc show | grep prio'. Compare the running kernel version against the patched versions.
Check Version:
uname -r
Verify Fix Applied:
Verify that the running kernel version ('uname -r') contains the fix commits; check the kernel git log for the commit hashes.
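The 'tc qdisc show | grep prio' check above only tells you that PRIO is in use; the configuration the advisory singles out is a PRIO root whose bands carry SFQ children with the perturb timer still enabled. The following script is an added example (not part of the advisory or of iproute2) that parses 'tc qdisc show' output and reports exactly those SFQ children. The function name find_at_risk and the sample output are assumptions constructed for the example; the field layout follows the format iproute2 prints.

```shell
#!/bin/sh
# Added example, not part of the advisory: scan the output of `tc qdisc show`
# for the configuration this CVE concerns: a device whose root qdisc is PRIO
# and which has an SFQ child qdisc with a non-zero perturb interval.
# Reads tc output on stdin; prints one line per at-risk SFQ child.
find_at_risk() {
    awk '
        # Pass 1: remember devices whose root qdisc is PRIO, and collect SFQ lines.
        $1 == "qdisc" && $2 == "prio" && $6 == "root" { prio_root[$5] = 1 }
        $1 == "qdisc" && $2 == "sfq"                   { sfq_line[++n] = $0 }
        # Pass 2: report SFQ children of a PRIO root that still have perturb > 0.
        # iproute2 prints "perturb 10sec"; awk converts "10sec" to the number 10.
        END {
            for (k = 1; k <= n; k++) {
                nf = split(sfq_line[k], f, " ")
                if (!(f[5] in prio_root)) continue
                for (i = 8; i < nf; i++)
                    if (f[i] == "perturb" && (f[i + 1] + 0) > 0)
                        printf "%s sfq %s parent %s perturb %s\n", f[5], f[3], f[7], f[i + 1]
            }
        }
    '
}

# Constructed sample of `tc qdisc show` output (not captured from a real host):
# eth0 has a PRIO root with one SFQ band still perturbing (at risk) and one
# without perturb; eth1 uses HTB, which the advisory does not list as affected.
SAMPLE_TC_OUTPUT='qdisc prio 1: dev eth0 root refcnt 2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
qdisc sfq 10: dev eth0 parent 1:1 limit 127p quantum 1514b depth 127 divisor 1024 perturb 10sec
qdisc sfq 20: dev eth0 parent 1:2 limit 127p quantum 1514b depth 127 divisor 1024
qdisc htb 1: dev eth1 root refcnt 2 r2q 10 default 0x1 direct_packets_stat 0 direct_qlen 1000
qdisc sfq 30: dev eth1 parent 1:1 limit 127p quantum 1514b depth 127 divisor 1024 perturb 10sec'

# On a live host replace the printf with:  tc qdisc show | find_at_risk
printf '%s\n' "$SAMPLE_TC_OUTPUT" | find_at_risk
```

Each reported line names the device, the SFQ handle and its parent band, which is exactly what the workaround command needs to fill in. The script only inspects the qdisc layout; whether the running kernel already carries the fix commits is a separate check against your distribution's kernel changelog.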
📡 Detection & Monitoring
Log Indicators:
- Kernel logs showing qdisc errors or underflows
- Network interface statistics showing abnormal packet drops
Network Indicators:
- Unexpected network performance degradation on specific interfaces
- Increased packet loss on PRIO-configured interfaces
SIEM Query:
source="kernel" AND ("qdisc" OR "prio" OR "underflow")
🔗 References
- https://git.kernel.org/stable/c/20f68e6a9e41693cb0e55e5b9ebbcb40983a4b8f
- https://git.kernel.org/stable/c/3aaa7c01cf19d9b9bb64b88b65c3a6fd05da2eb4
- https://git.kernel.org/stable/c/4483d8b9127591c60c4eb789d6cab953bc4522a9
- https://git.kernel.org/stable/c/46c15c9d0f65c9ba857d63f53264f4b17e8a715f
- https://git.kernel.org/stable/c/53d11560e957d53ee87a0653d258038ce12361b7
- https://git.kernel.org/stable/c/93f9eeb678d4c9c1abf720b3615fa8299a490845
- https://git.kernel.org/stable/c/d35acc1be3480505b5931f17e4ea9b7617fea4d3
- https://git.kernel.org/stable/c/e3f6745006dc9423d2b065b90f191cfa11b1b584
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html