CVE-2025-38087

HIGH

Linux Kernel 6.3-6.6.94, 6.7-6.12.34, 6.13-6.15.3 - Use-After-Free in taprio_dev_notifier

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: net/sched: fix use-after-free in taprio_dev_notifier Since taprio’s taprio_dev_notifier() isn’t protected by an RCU read-side critical section, a race with advance_sched() can lead to a use-after-free. Adding rcu_read_lock() inside taprio_dev_notifier() prevents this.

References (4)

Core 4

Core References

Patch

https://git.kernel.org/stable/c/8c5713ce1ced75f9e9ed5c642ea3d2ba06ead69c

Patch

https://git.kernel.org/stable/c/8a008c89e5e5c5332e4c0a33d707db9ddd529f8a

Patch

https://git.kernel.org/stable/c/b1547d28ba468bc3b88764efd13e4319bab63be8

Patch

https://git.kernel.org/stable/c/b160766e26d4e2e2d6fe2294e0b02f92baefcec5

Scores

CVSS v3 7.8

EPSS 0.0014

EPSS Percentile 4.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-416

Status published

Products (15)

linux/Kernel 6.13.0 - 6.15.4linux

linux/Kernel 6.3.0 - 6.6.95linux

linux/Kernel 6.7.0 - 6.12.35linux

Linux/Linux < 6.3

Linux/Linux 6.12.35 - 6.12.*

Linux/Linux 6.15.4 - 6.15.*

Linux/Linux 6.16

Linux/Linux 6.3

Linux/Linux 6.6.95 - 6.6.*

Linux/Linux fed87cc6718ad5f80aa739fee3c5979a8b09d3a6 - 8a008c89e5e5c5332e4c0a33d707db9ddd529f8a

... and 5 more

Published Jun 30, 2025

Tracked Since Feb 18, 2026