{"id":"CVE-2025-38637","summary":"net_sched: skbprio: Remove overly strict queue assertions","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: skbprio: Remove overly strict queue assertions\n\nIn the current implementation, skbprio enqueue/dequeue contains an assertion\nthat fails under certain conditions when SKBPRIO is used as a child qdisc under\nTBF with specific parameters. The failure occurs because TBF sometimes peeks at\npackets in the child qdisc without actually dequeuing them when tokens are\nunavailable.\n\nThis peek operation creates a discrepancy between the parent and child qdisc\nqueue length counters. When TBF later receives a high-priority packet,\nSKBPRIO's queue length may show a different value than what's reflected in its\ninternal priority queue tracking, triggering the assertion.\n\nThe fix removes this overly strict assertions in SKBPRIO, they are not\nnecessary at all.","modified":"2026-03-20T12:42:57.806147Z","published":"2025-04-18T07:01:34.564Z","related":["MGASA-2025-0142","MGASA-2025-0146","SUSE-SU-2025:01919-1","SUSE-SU-2025:01951-1","SUSE-SU-2025:01964-1","SUSE-SU-2025:01965-1","SUSE-SU-2025:01967-1","SUSE-SU-2025:01972-1","SUSE-SU-2025:01983-1","SUSE-SU-2025:02000-1","SUSE-SU-2025:20408-1","SUSE-SU-2025:20413-1","SUSE-SU-2025:20419-1","SUSE-SU-2025:20421-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38637.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/034b293bf17c124fec0f0e663f81203b00aa7a50"},{"type":"WEB","url":"https://git.kernel.org/stable/c/1284733bab736e598341f1d3f3b94e2a322864a8"},{"type":"WEB","url":"https://git.kernel.org/stable/c/1dcc144c322a8d526b791135604c0663f1af9d85"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2286770b07cb5268c03d11274b8efd43dff0d380"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2f35b7673a3aa3d09b3eb05811669622ebaa98ca"},{"type":"WEB","url":"https://git.kernel.org/stable/c/32ee79682315e6d3c99947b3f38b078a09a66919"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7abc8318ce0712182bf0783dcfdd9a6a8331160e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/864ca690ff135078d374bd565b9872f161c614bc"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ce8fe975fd99b49c29c42e50f2441ba53112b2e8"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38637.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38637"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"aea5f654e6b78a0c976f7a25950155932c77a53f"},{"fixed":"7abc8318ce0712182bf0783dcfdd9a6a8331160e"},{"fixed":"1284733bab736e598341f1d3f3b94e2a322864a8"},{"fixed":"32ee79682315e6d3c99947b3f38b078a09a66919"},{"fixed":"1dcc144c322a8d526b791135604c0663f1af9d85"},{"fixed":"864ca690ff135078d374bd565b9872f161c614bc"},{"fixed":"2f35b7673a3aa3d09b3eb05811669622ebaa98ca"},{"fixed":"2286770b07cb5268c03d11274b8efd43dff0d380"},{"fixed":"034b293bf17c124fec0f0e663f81203b00aa7a50"},{"fixed":"ce8fe975fd99b49c29c42e50f2441ba53112b2e8"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38637.json"}}],"schema_version":"1.7.5"}