CVE-2025-40083

NONE EPSS 8.6%
Published Oct 29, 20258mo ago · Modified Jun 17, 20261w ago
Find Similar
Published Oct 29, 2025 8mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix null-deref in agg_dequeue To prevent a potential crash in agg_dequeue (net/sched/sch_qfq.c) when cl->qdisc->ops->peek(cl->qdisc) returns NULL, we check the return value before using it, similar to the existing approach in sch_hfsc.c. To avoid code duplication, the following changes are made: 1. Changed qdisc_warn_nonwc(include/net/pkt_sched.h) into a static inline function. 2. Moved qdisc_peek_len from net/sched/sch_hfsc.c to include/net/pkt_sched.h so that sch_qfq can reuse it. 3. Applied qdisc_peek_len in agg_dequeue to avoid crashing.

Threat Intelligence

EPSS Exploit Probability
8.6% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 7

  • git.kernel.org https://git.kernel.org/stable/c/1bed56f089f09b465420bf23bb32985c305cfc28
  • git.kernel.org https://git.kernel.org/stable/c/3c2a8994807623c7655ece205667ae2cf74940aa
  • git.kernel.org https://git.kernel.org/stable/c/6ff8e74c8f8a68ec07ef837b95425dfe900d060f
  • git.kernel.org https://git.kernel.org/stable/c/6ffa9d66187188e3068b5a3895e6ae1ee34f9199
  • git.kernel.org https://git.kernel.org/stable/c/71d84658a61322e5630c85c5388fc25e4a2d08b2
  • git.kernel.org https://git.kernel.org/stable/c/99fc137f178797204d36ac860dd8b31e35baa2df
  • git.kernel.org https://git.kernel.org/stable/c/dd831ac8221e691e9e918585b1003c7071df0379

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.