CVE-2025-38087

Published: Jun 30, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: net/sched: fix use-after-free in taprio_dev_notifier Since taprio’s taprio_dev_notifier() isn’t protected by an RCU read-side critical section, a race with advance_sched() can lead to a use-after-free. Adding rcu_read_lock() inside taprio_dev_notifier() prevents this.

Vendor	Product	Versions
Linux	Linux	affected `fed87cc6718ad5f80aa739fee3c5979a8b09d3a6 - < 8c5713ce1ced75f9e9ed5c642ea3d2ba06ead69c` affected `fed87cc6718ad5f80aa739fee3c5979a8b09d3a6 - < 8a008c89e5e5c5332e4c0a33d707db9ddd529f8a` affected `fed87cc6718ad5f80aa739fee3c5979a8b09d3a6 - < b1547d28ba468bc3b88764efd13e4319bab63be8` affected `fed87cc6718ad5f80aa739fee3c5979a8b09d3a6 - < b160766e26d4e2e2d6fe2294e0b02f92baefcec5`
Linux	Linux	affected `6.3` unaffected `0 - < 6.3` unaffected `6.6.95 - <= 6.6.` unaffected `6.12.35 - <= 6.12.` unaffected `6.15.4 - <= 6.15.*` +1 more versions

References

https://git.kernel.org/stable/c/8c5713ce1ced75f9e9ed5c642ea3d2ba06ead69c

https://git.kernel.org/stable/c/8a008c89e5e5c5332e4c0a33d707db9ddd529f8a

https://git.kernel.org/stable/c/b1547d28ba468bc3b88764efd13e4319bab63be8

https://git.kernel.org/stable/c/b160766e26d4e2e2d6fe2294e0b02f92baefcec5

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-38087

Description

Affected Products

References