SB2025050862 - Input validation error in Linux kernel sched
Published: May 8, 2025 Updated: May 10, 2025
Security Bulletin ID
SB2025050862
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Input validation error (CVE-ID: CVE-2025-37823)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hfsc_dequeue() function in net/sched/sch_hfsc.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/11bccb054c1462fb069219f8e98e97a5a730758e
- https://git.kernel.org/stable/c/2f46d14919c39528c6e540ebc43f90055993eedc
- https://git.kernel.org/stable/c/68f256305ceb426d545a0dc31f83c2ab1d211a1e
- https://git.kernel.org/stable/c/6ccbda44e2cc3d26fd22af54c650d6d5d801addf
- https://git.kernel.org/stable/c/76c4c22c2437d3d3880efc0f62eca06ef078d290
- https://git.kernel.org/stable/c/c6936266f8bf98a53f28ef9a820e6a501e946d09
- https://git.kernel.org/stable/c/c6f035044104c6ff656f4565cd22938dc892528c
- https://git.kernel.org/stable/c/da7936518996d290e2fcfcaf6cd7e15bfd87804a
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.181