Описание
Уязвимость модуля net/sched/sch_hfsc.c ядра операционной системы Linux связана с возможностью использования памяти после освобождения. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании
Вендор
Novell Inc.
Canonical Ltd.
Сообщество свободного программного обеспечения
АО «ИВК»
Red Hat Inc.
Наименование ПО
SUSE Linux Enterprise Server for SAP Applications
OpenSUSE Leap
SUSE OpenStack Cloud
Suse Linux Enterprise Server
SUSE Linux Enterprise Module for Basesystem
SUSE Linux Enterprise Module for Development Tools
SUSE Linux Enterprise Point of Sale
SUSE Linux Enterprise Live Patching
SUSE Enterprise Storage
Suse Linux Enterprise Desktop
SUSE Linux Enterprise High Performance Computing
Ubuntu
SUSE Linux Enterprise Server for Raspberry Pi
SUSE CaaS Platform
SUSE Manager Proxy
SUSE Manager Retail Branch Server
SUSE Manager Server
Debian GNU/Linux
SUSE Linux Enterprise Micro
Альт 8 СП
Red Hat Enterprise Linux
SUSE Linux Enterprise Real Time
SUSE Real Time Module
Linux
Версия ПО
12 SP2 (SUSE Linux Enterprise Server for SAP Applications)
12 SP4 (SUSE Linux Enterprise Server for SAP Applications)
15.5 (OpenSUSE Leap)
7 (SUSE OpenStack Cloud)
12 SP4 (Suse Linux Enterprise Server)
11 SP4 (Suse Linux Enterprise Server)
12 SP2 LTSS (Suse Linux Enterprise Server)
15 (SUSE Linux Enterprise Module for Basesystem)
15 SP1 (SUSE Linux Enterprise Module for Basesystem)
15 SP1 (SUSE Linux Enterprise Module for Development Tools)
12 SP2-CLIENT (SUSE Linux Enterprise Point of Sale)
12 SP2-BCL (Suse Linux Enterprise Server)
12 SP2-ESPOS (Suse Linux Enterprise Server)
12 SP3 (SUSE Linux Enterprise Live Patching)
12 SP4 (SUSE Linux Enterprise Live Patching)
15 (SUSE Linux Enterprise Server for SAP Applications)
11 SP4-LTSS (Suse Linux Enterprise Server)
12 SP5 (Suse Linux Enterprise Server)
6 (SUSE Enterprise Storage)
12 SP2 (Suse Linux Enterprise Desktop)
12 SP2 (Suse Linux Enterprise Server)
9 (SUSE OpenStack Cloud)
12 SP5 (SUSE Linux Enterprise Live Patching)
15-ESPOS (SUSE Linux Enterprise High Performance Computing)
15-LTSS (SUSE Linux Enterprise High Performance Computing)
15-LTSS (Suse Linux Enterprise Server)
Crowbar 9 (SUSE OpenStack Cloud)
15 SP2 (SUSE Linux Enterprise Module for Basesystem)
20.04 LTS (Ubuntu)
11 SP4 (Suse Linux Enterprise Desktop)
12 SP2 (SUSE Linux Enterprise Server for Raspberry Pi)
12 SP4-ESPOS (Suse Linux Enterprise Server)
4.0 (SUSE CaaS Platform)
12 SP4-LTSS (Suse Linux Enterprise Server)
15 SP1-BCL (Suse Linux Enterprise Server)
15 SP1-LTSS (Suse Linux Enterprise Server)
15 SP1-LTSS (SUSE Linux Enterprise High Performance Computing)
15 SP1-ESPOS (SUSE Linux Enterprise High Performance Computing)
4.0 (SUSE Manager Proxy)
4.0 (SUSE Manager Retail Branch Server)
4.0 (SUSE Manager Server)
15 SP3 (SUSE Linux Enterprise Module for Basesystem)
15.3 (OpenSUSE Leap)
15 SP1 (Suse Linux Enterprise Server)
12 (Debian GNU/Linux)
15.4 (OpenSUSE Leap)
15 SP3 (SUSE Linux Enterprise High Performance Computing)
15 SP3 (SUSE Linux Enterprise Server for SAP Applications)
4.2 (SUSE Manager Proxy)
4.2 (SUSE Manager Server)
15 SP3 (Suse Linux Enterprise Desktop)
7 (SUSE Enterprise Storage)
15 SP2 (Suse Linux Enterprise Server)
15 SP2 (SUSE Linux Enterprise Server for SAP Applications)
4.1 (SUSE Manager Server)
4.1 (SUSE Manager Proxy)
15 SP2-ESPOS (SUSE Linux Enterprise High Performance Computing)
15 SP2-LTSS (SUSE Linux Enterprise High Performance Computing)
5.0 (SUSE Linux Enterprise Micro)
5.1 (SUSE Linux Enterprise Micro)
15 SP3 (SUSE Linux Enterprise Module for Development Tools)
4.1 (SUSE Manager Retail Branch Server)
- (Альт 8 СП)
15 SP2 (Suse Linux Enterprise Desktop)
15 SP2 (SUSE Linux Enterprise High Performance Computing)
15 SP2-BCL (Suse Linux Enterprise Server)
15 SP4 (SUSE Linux Enterprise Server for SAP Applications)
4.2 (SUSE Manager Retail Branch Server)
5.2 (SUSE Linux Enterprise Micro)
22.04 LTS (Ubuntu)
9 (Red Hat Enterprise Linux)
15 SP2-LTSS (Suse Linux Enterprise Server)
15 SP2 (SUSE Linux Enterprise Real Time)
4.3 (SUSE Manager Retail Branch Server)
4.3 (SUSE Manager Proxy)
4.3 (SUSE Manager Server)
15 SP4 (SUSE Linux Enterprise High Performance Computing)
15 SP1 (Suse Linux Enterprise Desktop)
15 (Suse Linux Enterprise Desktop)
7.1 (SUSE Enterprise Storage)
15 SP4 (SUSE Linux Enterprise Module for Basesystem)
15 SP4 (SUSE Linux Enterprise Module for Development Tools)
15 (SUSE Linux Enterprise High Performance Computing)
15 SP1 (SUSE Linux Enterprise High Performance Computing)
5.3 (SUSE Linux Enterprise Micro)
15 SP3-ESPOS (SUSE Linux Enterprise High Performance Computing)
15 SP3-LTSS (SUSE Linux Enterprise High Performance Computing)
15 SP3 (SUSE Linux Enterprise Real Time)
11 SP4-LTSS-EXTREME-CORE (Suse Linux Enterprise Server)
15 SP3-BCL (Suse Linux Enterprise Server)
15 SP5 (SUSE Linux Enterprise Server for SAP Applications)
15 SP5 (Suse Linux Enterprise Desktop)
15 SP5 (SUSE Linux Enterprise High Performance Computing)
15 SP5 (SUSE Linux Enterprise Module for Basesystem)
15 SP5 (SUSE Linux Enterprise Module for Development Tools)
15 SP4 (SUSE Linux Enterprise Real Time)
15 SP5 (SUSE Linux Enterprise Real Time)
5.4 (SUSE Linux Enterprise Micro)
5.5 (SUSE Linux Enterprise Micro)
15 SP4-ESPOS (SUSE Linux Enterprise High Performance Computing)
15 SP4-LTSS (SUSE Linux Enterprise High Performance Computing)
15 SP4 (SUSE Real Time Module)
24.04 LTS (Ubuntu)
15.6 (OpenSUSE Leap)
15 SP6 (SUSE Linux Enterprise Real Time)
12 SP5-LTSS (Suse Linux Enterprise Server)
12 SP5 LTSS Extended Security (Suse Linux Enterprise Server)
24.10 (Ubuntu)
6.1 (SUSE Linux Enterprise Micro)
15 SP5-LTSS (SUSE Linux Enterprise High Performance Computing)
25.04 (Ubuntu)
10 (Red Hat Enterprise Linux)
15 SP7 (SUSE Linux Enterprise Real Time)
15 SP3 (SUSE Real Time Module)
от 5.0 до 5.15.182 (Linux)
от 6.1 до 6.1.138 (Linux)
от 6.6 до 6.6.90 (Linux)
от 6.12 до 6.12.28 (Linux)
от 6.14 до 6.14.6 (Linux)
от 6.15 до 6.15 rc5 (Linux)
Тип ПО
Операционная система
Прикладное ПО информационных систем
Сетевое средство
Операционные системы и аппаратные платформы
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP2
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP4
Novell Inc. OpenSUSE Leap 15.5
Novell Inc. Suse Linux Enterprise Server 12 SP4
Novell Inc. Suse Linux Enterprise Server 11 SP4
Novell Inc. Suse Linux Enterprise Server 12 SP2 LTSS
Novell Inc. Suse Linux Enterprise Server 12 SP2-BCL
Novell Inc. Suse Linux Enterprise Server 12 SP2-ESPOS
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15
Novell Inc. Suse Linux Enterprise Server 11 SP4-LTSS
Novell Inc. Suse Linux Enterprise Server 12 SP5
Novell Inc. Suse Linux Enterprise Desktop 12 SP2
Novell Inc. Suse Linux Enterprise Server 12 SP2
Novell Inc. Suse Linux Enterprise Server 15-LTSS
Canonical Ltd. Ubuntu 20.04 LTS
Novell Inc. Suse Linux Enterprise Desktop 11 SP4
Novell Inc. Suse Linux Enterprise Server 12 SP4-ESPOS
Novell Inc. Suse Linux Enterprise Server 12 SP4-LTSS
Novell Inc. Suse Linux Enterprise Server 15 SP1-BCL
Novell Inc. Suse Linux Enterprise Server 15 SP1-LTSS
Novell Inc. OpenSUSE Leap 15.3
Novell Inc. Suse Linux Enterprise Server 15 SP1
Сообщество свободного программного обеспечения Debian GNU/Linux 12
Novell Inc. OpenSUSE Leap 15.4
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP3
Novell Inc. Suse Linux Enterprise Desktop 15 SP3
Novell Inc. Suse Linux Enterprise Server 15 SP2
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP2
АО «ИВК» Альт 8 СП -
Novell Inc. Suse Linux Enterprise Desktop 15 SP2
Novell Inc. Suse Linux Enterprise Server 15 SP2-BCL
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP4
Canonical Ltd. Ubuntu 22.04 LTS
Red Hat Inc. Red Hat Enterprise Linux 9
Novell Inc. Suse Linux Enterprise Server 15 SP2-LTSS
Novell Inc. SUSE Linux Enterprise Real Time 15 SP2
Novell Inc. Suse Linux Enterprise Desktop 15 SP1
Novell Inc. Suse Linux Enterprise Desktop 15
Novell Inc. SUSE Linux Enterprise Real Time 15 SP3
Novell Inc. Suse Linux Enterprise Server 11 SP4-LTSS-EXTREME-CORE
Novell Inc. Suse Linux Enterprise Server 15 SP3-BCL
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP5
Novell Inc. Suse Linux Enterprise Desktop 15 SP5
Novell Inc. SUSE Linux Enterprise Real Time 15 SP4
Novell Inc. SUSE Linux Enterprise Real Time 15 SP5
Canonical Ltd. Ubuntu 24.04 LTS
Novell Inc. OpenSUSE Leap 15.6
Novell Inc. SUSE Linux Enterprise Real Time 15 SP6
Novell Inc. Suse Linux Enterprise Server 12 SP5-LTSS
Novell Inc. Suse Linux Enterprise Server 12 SP5 LTSS Extended Security
Canonical Ltd. Ubuntu 24.10
Canonical Ltd. Ubuntu 25.04
Red Hat Inc. Red Hat Enterprise Linux 10
Novell Inc. SUSE Linux Enterprise Real Time 15 SP7
Сообщество свободного программного обеспечения Linux от 5.0 до 5.15.182
Сообщество свободного программного обеспечения Linux от 6.1 до 6.1.138
Сообщество свободного программного обеспечения Linux от 6.6 до 6.6.90
Сообщество свободного программного обеспечения Linux от 6.12 до 6.12.28
Сообщество свободного программного обеспечения Linux от 6.14 до 6.14.6
Сообщество свободного программного обеспечения Linux от 6.15 до 6.15 rc5
Уровень опасности уязвимости
Средний уровень опасности (базовая оценка CVSS 2.0 составляет 4,6)
Средний уровень опасности (базовая оценка CVSS 3.1 составляет 5,5)
Возможные меры по устранению уязвимости
В условиях отсутствия обновлений безопасности от производителя рекомендуется придерживаться "Рекомендаций по безопасной настройке операционных систем LINUX", изложенных в методическом документе ФСТЭК России, утверждённом 25 декабря 2022 года.
Использование рекомендаций:
Для Linux:
https://git.kernel.org/stable/c/141d34391abbb315d68556b7c67ad97885407547
https://git.kernel.org/stable/c/2e7093c7a8aba5d4f8809f271488e5babe75e202
https://git.kernel.org/stable/c/6082a87af4c52f58150d40dec1716011d871ac21
https://git.kernel.org/stable/c/8df7d37d626430035b413b97cee18396b3450bef
https://git.kernel.org/stable/c/ac39fd4a757584d78ed062d4f6fd913f83bd98b5
https://git.kernel.org/stable/c/e3e949a39a91d1f829a4890e7dfe9417ac72e4d0
Для Debian GNU/Linux:
https://security-tracker.debian.org/tracker/CVE-2025-37890
Для программных продуктов Ubuntu:
https://ubuntu.com/security/CVE-2025-37890
Для программных продуктов Novell Inc.:
https://www.suse.com/security/cve/CVE-2025-37890.html
Для продуктов Red Hat Inc.:
https://access.redhat.com/security/cve/CVE-2025-37890
Для ОС Альт 8 СП: установка обновления из публичного репозитория программного средства: https://altsp.su/obnovleniya-bezopasnosti/
Статус уязвимости
Подтверждена производителем
Наличие эксплойта
Данные уточняются
Информация об устранении
Уязвимость устранена
Ссылки на источники
Идентификаторы других систем описаний уязвимостей
- CVE
EPSS
Процентиль: 16%
0.00051
Низкий
5.5 Medium
CVSS3
4.6 Medium
CVSS2
Связанные уязвимости
ubuntu
2 месяца назад
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As described in Gerrard's report [1], we have a UAF case when an hfsc class has a netem child qdisc. The crux of the issue is that hfsc is assuming that checking for cl->qdisc->q.qlen == 0 guarantees that it hasn't inserted the class in the vttree or eltree (which is not true for the netem duplicate case). This patch checks the n_active class variable to make sure that the code won't insert the class in the vttree or eltree twice, catering for the reentrant case. [1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/
CVSS3: 4.7
redhat
2 месяца назад
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As described in Gerrard's report [1], we have a UAF case when an hfsc class has a netem child qdisc. The crux of the issue is that hfsc is assuming that checking for cl->qdisc->q.qlen == 0 guarantees that it hasn't inserted the class in the vttree or eltree (which is not true for the netem duplicate case). This patch checks the n_active class variable to make sure that the code won't insert the class in the vttree or eltree twice, catering for the reentrant case. [1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/
nvd
2 месяца назад
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As described in Gerrard's report [1], we have a UAF case when an hfsc class has a netem child qdisc. The crux of the issue is that hfsc is assuming that checking for cl->qdisc->q.qlen == 0 guarantees that it hasn't inserted the class in the vttree or eltree (which is not true for the netem duplicate case). This patch checks the n_active class variable to make sure that the code won't insert the class in the vttree or eltree twice, catering for the reentrant case. [1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/
debian
2 месяца назад
In the Linux kernel, the following vulnerability has been resolved: n ...
EPSS
Процентиль: 16%
0.00051
Низкий
5.5 Medium
CVSS3
4.6 Medium
CVSS2