{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-38278", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T04:51:23.998Z", "datePublished": "2025-07-10T07:41:57.546Z", "dateUpdated": "2025-07-28T04:17:08.137Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-07-28T04:17:08.137Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-pf: QOS: Refactor TC_HTB_LEAF_DEL_LAST callback\n\nThis patch addresses below issues,\n\n1. Active traffic on the leaf node must be stopped before its send queue\n is reassigned to the parent. This patch resolves the issue by marking\n the node as 'Inner'.\n\n2. During a system reboot, the interface receives TC_HTB_LEAF_DEL\n and TC_HTB_LEAF_DEL_LAST callbacks to delete its HTB queues.\n In the case of TC_HTB_LEAF_DEL_LAST, although the same send queue\n is reassigned to the parent, the current logic still attempts to update\n the real number of queues, leadning to below warnings\n\n New queues can't be registered after device unregistration.\n WARNING: CPU: 0 PID: 6475 at net/core/net-sysfs.c:1714\n netdev_queue_update_kobjects+0x1e4/0x200"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/marvell/octeontx2/nic/qos.c"], "versions": [{"version": "5e6808b4c68d7882971514ab3279926eb07c8b2d", "lessThan": "5df8db01d6a4e9c35a5ba5d7e130d5cecd3ffcb4", "status": "affected", "versionType": "git"}, {"version": "5e6808b4c68d7882971514ab3279926eb07c8b2d", "lessThan": "ec62c99914a79d84c8de5ba1b94d62f2ed721f2a", "status": "affected", "versionType": "git"}, {"version": "5e6808b4c68d7882971514ab3279926eb07c8b2d", "lessThan": "f1fca0eae5a0573f226f46c6871260278e7dda12", "status": "affected", "versionType": "git"}, {"version": "5e6808b4c68d7882971514ab3279926eb07c8b2d", "lessThan": "67af4ec948e8ce3ea53a9cf614d01fddf172e56d", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/marvell/octeontx2/nic/qos.c"], "versions": [{"version": "6.5", "status": "affected"}, {"version": "0", "lessThan": "6.5", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.94", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.34", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.15.3", "lessThanOrEqual": "6.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.16", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.5", "versionEndExcluding": "6.6.94"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.5", "versionEndExcluding": "6.12.34"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.5", "versionEndExcluding": "6.15.3"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.5", "versionEndExcluding": "6.16"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/5df8db01d6a4e9c35a5ba5d7e130d5cecd3ffcb4"}, {"url": "https://git.kernel.org/stable/c/ec62c99914a79d84c8de5ba1b94d62f2ed721f2a"}, {"url": "https://git.kernel.org/stable/c/f1fca0eae5a0573f226f46c6871260278e7dda12"}, {"url": "https://git.kernel.org/stable/c/67af4ec948e8ce3ea53a9cf614d01fddf172e56d"}], "title": "octeontx2-pf: QOS: Refactor TC_HTB_LEAF_DEL_LAST callback", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "3D3A3F5D-1F88-4BFE-92A6-43E827D27BE3", "versionEndExcluding": "6.6.94", "versionStartIncluding": "6.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "4FFA54AA-CDFE-4591-BD07-72813D0948F4", "versionEndExcluding": "6.12.34", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0541C761-BD5E-4C1A-8432-83B375D7EB92", "versionEndExcluding": "6.15.3", "versionStartIncluding": "6.13", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-pf: QOS: Refactor TC_HTB_LEAF_DEL_LAST callback\n\nThis patch addresses below issues,\n\n1. Active traffic on the leaf node must be stopped before its send queue\n is reassigned to the parent. This patch resolves the issue by marking\n the node as 'Inner'.\n\n2. During a system reboot, the interface receives TC_HTB_LEAF_DEL\n and TC_HTB_LEAF_DEL_LAST callbacks to delete its HTB queues.\n In the case of TC_HTB_LEAF_DEL_LAST, although the same send queue\n is reassigned to the parent, the current logic still attempts to update\n the real number of queues, leadning to below warnings\n\n New queues can't be registered after device unregistration.\n WARNING: CPU: 0 PID: 6475 at net/core/net-sysfs.c:1714\n netdev_queue_update_kobjects+0x1e4/0x200"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: octeontx2-pf: QOS: Refactorizar la devoluci\u00f3n de llamada TC_HTB_LEAF_DEL_LAST Este parche soluciona los siguientes problemas: 1. El tr\u00e1fico activo en el nodo hoja debe detenerse antes de que su cola de env\u00edo se reasigne al padre. Este parche resuelve el problema marcando el nodo como \"interno\". 2. Durante un reinicio del sistema, la interfaz recibe las devoluciones de llamada TC_HTB_LEAF_DEL y TC_HTB_LEAF_DEL_LAST para eliminar sus colas HTB. En el caso de TC_HTB_LEAF_DEL_LAST, aunque la misma cola de env\u00edo se reasigne al padre, la l\u00f3gica actual a\u00fan intenta actualizar el n\u00famero real de colas, lo que genera las siguientes advertencias No se pueden registrar nuevas colas despu\u00e9s de anular el registro del dispositivo. ADVERTENCIA: CPU: 0 PID: 6475 en net/core/net-sysfs.c:1714 netdev_queue_update_kobjects+0x1e4/0x200"}], "id": "CVE-2025-38278", "lastModified": "2025-11-19T22:03:17.780", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-07-10T08:15:26.123", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5df8db01d6a4e9c35a5ba5d7e130d5cecd3ffcb4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/67af4ec948e8ce3ea53a9cf614d01fddf172e56d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ec62c99914a79d84c8de5ba1b94d62f2ed721f2a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f1fca0eae5a0573f226f46c6871260278e7dda12"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: octeontx2-pf: QOS: Refactor TC_HTB_LEAF_DEL_LAST callback", "id": "2379181", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379181"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "details": ["No description is available for this CVE."], "name": "CVE-2025-38278", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-07-10T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-38278\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-38278\nhttps://lore.kernel.org/linux-cve-announce/2025071009-CVE-2025-38278-2d3a@gregkh/T"], "threat_severity": "Moderate"}

{"created": "2025-07-13T11:06:37.138306+00:00", "updated": "2025-07-13T11:06:37.138397+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}