Vulnerability-Lookup

SUSE-SU-2026:0688-1

Vulnerability from csaf_suse - Published: 2026-02-27 15:09 - Updated: 2026-02-27 15:09

Summary

Security update for the Linux Kernel

Notes

Title of the patch

Security update for the Linux Kernel

Description of the patch

The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2021-0920: net: split out functions related to registering inflight socket files (bsc#1193731). - CVE-2025-38177: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1245986).

Patchnames

SUSE-2026-688,SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2026-688

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThe SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues\n\nThe following security issues were fixed:\n\n- CVE-2021-0920: net: split out functions related to registering inflight socket files (bsc#1193731).\n- CVE-2025-38177: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1245986).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2026-688,SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2026-688",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0688-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2026:0688-1",
        "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260688-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2026:0688-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024506.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193731",
        "url": "https://bugzilla.suse.com/1193731"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1245986",
        "url": "https://bugzilla.suse.com/1245986"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-0920 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-0920/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-38177 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-38177/"
      }
    ],
    "title": "Security update for the Linux Kernel",
    "tracking": {
      "current_release_date": "2026-02-27T15:09:04Z",
      "generator": {
        "date": "2026-02-27T15:09:04Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2026:0688-1",
      "initial_release_date": "2026-02-27T15:09:04Z",
      "revision_history": [
        {
          "date": "2026-02-27T15:09:04Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-docs-3.0.101-108.201.1.noarch",
                "product": {
                  "name": "kernel-docs-3.0.101-108.201.1.noarch",
                  "product_id": "kernel-docs-3.0.101-108.201.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-default-3.0.101-108.201.1.x86_64",
                "product": {
                  "name": "kernel-default-3.0.101-108.201.1.x86_64",
                  "product_id": "kernel-default-3.0.101-108.201.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-3.0.101-108.201.1.x86_64",
                "product": {
                  "name": "kernel-default-base-3.0.101-108.201.1.x86_64",
                  "product_id": "kernel-default-base-3.0.101-108.201.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-3.0.101-108.201.1.x86_64",
                "product": {
                  "name": "kernel-default-devel-3.0.101-108.201.1.x86_64",
                  "product_id": "kernel-default-devel-3.0.101-108.201.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-ec2-3.0.101-108.201.1.x86_64",
                "product": {
                  "name": "kernel-ec2-3.0.101-108.201.1.x86_64",
                  "product_id": "kernel-ec2-3.0.101-108.201.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-ec2-base-3.0.101-108.201.1.x86_64",
                "product": {
                  "name": "kernel-ec2-base-3.0.101-108.201.1.x86_64",
                  "product_id": "kernel-ec2-base-3.0.101-108.201.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-ec2-devel-3.0.101-108.201.1.x86_64",
                "product": {
                  "name": "kernel-ec2-devel-3.0.101-108.201.1.x86_64",
                  "product_id": "kernel-ec2-devel-3.0.101-108.201.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-3.0.101-108.201.1.x86_64",
                "product": {
                  "name": "kernel-source-3.0.101-108.201.1.x86_64",
                  "product_id": "kernel-source-3.0.101-108.201.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-3.0.101-108.201.1.x86_64",
                "product": {
                  "name": "kernel-syms-3.0.101-108.201.1.x86_64",
                  "product_id": "kernel-syms-3.0.101-108.201.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-trace-3.0.101-108.201.1.x86_64",
                "product": {
                  "name": "kernel-trace-3.0.101-108.201.1.x86_64",
                  "product_id": "kernel-trace-3.0.101-108.201.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-trace-base-3.0.101-108.201.1.x86_64",
                "product": {
                  "name": "kernel-trace-base-3.0.101-108.201.1.x86_64",
                  "product_id": "kernel-trace-base-3.0.101-108.201.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-trace-devel-3.0.101-108.201.1.x86_64",
                "product": {
                  "name": "kernel-trace-devel-3.0.101-108.201.1.x86_64",
                  "product_id": "kernel-trace-devel-3.0.101-108.201.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-xen-3.0.101-108.201.1.x86_64",
                "product": {
                  "name": "kernel-xen-3.0.101-108.201.1.x86_64",
                  "product_id": "kernel-xen-3.0.101-108.201.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-xen-base-3.0.101-108.201.1.x86_64",
                "product": {
                  "name": "kernel-xen-base-3.0.101-108.201.1.x86_64",
                  "product_id": "kernel-xen-base-3.0.101-108.201.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-xen-devel-3.0.101-108.201.1.x86_64",
                "product": {
                  "name": "kernel-xen-devel-3.0.101-108.201.1.x86_64",
                  "product_id": "kernel-xen-devel-3.0.101-108.201.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
                "product": {
                  "name": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
                  "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-3.0.101-108.201.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
          "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.201.1.x86_64"
        },
        "product_reference": "kernel-default-3.0.101-108.201.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-3.0.101-108.201.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
          "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.201.1.x86_64"
        },
        "product_reference": "kernel-default-base-3.0.101-108.201.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-3.0.101-108.201.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
          "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.201.1.x86_64"
        },
        "product_reference": "kernel-default-devel-3.0.101-108.201.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-3.0.101-108.201.1.noarch as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
          "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-docs-3.0.101-108.201.1.noarch"
        },
        "product_reference": "kernel-docs-3.0.101-108.201.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-ec2-3.0.101-108.201.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
          "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.201.1.x86_64"
        },
        "product_reference": "kernel-ec2-3.0.101-108.201.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-ec2-base-3.0.101-108.201.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
          "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.201.1.x86_64"
        },
        "product_reference": "kernel-ec2-base-3.0.101-108.201.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-ec2-devel-3.0.101-108.201.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
          "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.201.1.x86_64"
        },
        "product_reference": "kernel-ec2-devel-3.0.101-108.201.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-3.0.101-108.201.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
          "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.201.1.x86_64"
        },
        "product_reference": "kernel-source-3.0.101-108.201.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-3.0.101-108.201.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
          "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.201.1.x86_64"
        },
        "product_reference": "kernel-syms-3.0.101-108.201.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-trace-3.0.101-108.201.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
          "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.201.1.x86_64"
        },
        "product_reference": "kernel-trace-3.0.101-108.201.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-trace-base-3.0.101-108.201.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
          "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.201.1.x86_64"
        },
        "product_reference": "kernel-trace-base-3.0.101-108.201.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-trace-devel-3.0.101-108.201.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
          "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.201.1.x86_64"
        },
        "product_reference": "kernel-trace-devel-3.0.101-108.201.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-xen-3.0.101-108.201.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
          "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.201.1.x86_64"
        },
        "product_reference": "kernel-xen-3.0.101-108.201.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-xen-base-3.0.101-108.201.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
          "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.201.1.x86_64"
        },
        "product_reference": "kernel-xen-base-3.0.101-108.201.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-xen-devel-3.0.101-108.201.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
          "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.201.1.x86_64"
        },
        "product_reference": "kernel-xen-devel-3.0.101-108.201.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-0920",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-0920"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917References: Upstream kernel",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.201.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.201.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.201.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-docs-3.0.101-108.201.1.noarch",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.201.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.201.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.201.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.201.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.201.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.201.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.201.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.201.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.201.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.201.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.201.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-0920",
          "url": "https://www.suse.com/security/cve/CVE-2021-0920"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1193731 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1193731"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194463 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1194463"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195939 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1195939"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199255 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1199255"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200084 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1200084"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-docs-3.0.101-108.201.1.noarch",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.201.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-docs-3.0.101-108.201.1.noarch",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.201.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-02-27T15:09:04Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-0920"
    },
    {
      "cve": "CVE-2025-38177",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-38177"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_hfsc: make hfsc_qlen_notify() idempotent\n\nhfsc_qlen_notify() is not idempotent either and not friendly\nto its callers, like fq_codel_dequeue(). Let\u0027s make it idempotent\nto ease qdisc_tree_reduce_backlog() callers\u0027 life:\n\n1. update_vf() decreases cl-\u003ecl_nactive, so we can check whether it is\nnon-zero before calling it.\n\n2. eltree_remove() always removes RB node cl-\u003eel_node, but we can use\n   RB_EMPTY_NODE() + RB_CLEAR_NODE() to make it safe.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.201.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.201.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.201.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-docs-3.0.101-108.201.1.noarch",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.201.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.201.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.201.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.201.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.201.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.201.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.201.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.201.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.201.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.201.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.201.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-38177",
          "url": "https://www.suse.com/security/cve/CVE-2025-38177"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237312 for CVE-2025-38177",
          "url": "https://bugzilla.suse.com/1237312"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1245986 for CVE-2025-38177",
          "url": "https://bugzilla.suse.com/1245986"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1246356 for CVE-2025-38177",
          "url": "https://bugzilla.suse.com/1246356"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1247374 for CVE-2025-38177",
          "url": "https://bugzilla.suse.com/1247374"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-docs-3.0.101-108.201.1.noarch",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.201.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-docs-3.0.101-108.201.1.noarch",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.201.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.201.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-02-27T15:09:04Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-38177"
    }
  ]
}

CVE-2025-38177 (GCVE-0-2025-38177)

Vulnerability from cvelistv5 – Published: 2025-07-04 12:47 – Updated: 2026-01-02 15:30

Title

sch_hfsc: make hfsc_qlen_notify() idempotent

Summary

In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not idempotent either and not friendly to its callers, like fq_codel_dequeue(). Let's make it idempotent to ease qdisc_tree_reduce_backlog() callers' life: 1. update_vf() decreases cl->cl_nactive, so we can check whether it is non-zero before calling it. 2. eltree_remove() always removes RB node cl->el_node, but we can use RB_EMPTY_NODE() + RB_CLEAR_NODE() to make it safe.

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/9a5fd5c2f4d4afdd5…
	https://git.kernel.org/stable/c/72c61ffbeeb8c50f6…
	https://git.kernel.org/stable/c/a5efc95a33bd4fcb8…
	https://git.kernel.org/stable/c/0475c85426b18eccd…
	https://git.kernel.org/stable/c/9030a91235ae4845e…
	https://git.kernel.org/stable/c/d06476714d2819b55…
	https://git.kernel.org/stable/c/c1175c4ad01dbc9c9…
	https://git.kernel.org/stable/c/51eb3b65544c9efd6…

Impacted products

Vendor

Product

Version

Linux

Affected: 959466588aa7f84ccf79ae36a1d89542eaf9aaec , < 9a5fd5c2f4d4afdd5e405083ee53e0789ce76956 (git)
Affected: 959466588aa7f84ccf79ae36a1d89542eaf9aaec , < 72c61ffbeeb8c50f6d4d70c65d3283aa1bac57a7 (git)
Affected: 959466588aa7f84ccf79ae36a1d89542eaf9aaec , < a5efc95a33bd4fcb879250852828cc58c7862970 (git)
Affected: 959466588aa7f84ccf79ae36a1d89542eaf9aaec , < 0475c85426b18eccdcb7f9fb58d8f8e9c6c58c87 (git)
Affected: 959466588aa7f84ccf79ae36a1d89542eaf9aaec , < 9030a91235ae4845ec71902c3e0cecfc9ed1f2df (git)
Affected: 959466588aa7f84ccf79ae36a1d89542eaf9aaec , < d06476714d2819b550e0cc39222347e2c8941c9d (git)
Affected: 959466588aa7f84ccf79ae36a1d89542eaf9aaec , < c1175c4ad01dbc9c979d099861fa90a754f72059 (git)
Affected: 959466588aa7f84ccf79ae36a1d89542eaf9aaec , < 51eb3b65544c9efd6a1026889ee5fb5aa62da3bb (git)

Linux

Affected: 4.14
Unaffected: 0 , < 4.14 (semver)
Unaffected: 5.4.297 , ≤ 5.4.* (semver)
Unaffected: 5.10.241 , ≤ 5.10.* (semver)
Unaffected: 5.15.190 , ≤ 5.15.* (semver)
Unaffected: 6.1.138 , ≤ 6.1.* (semver)
Unaffected: 6.6.90 , ≤ 6.6.* (semver)
Unaffected: 6.12.28 , ≤ 6.12.* (semver)
Unaffected: 6.14.6 , ≤ 6.14.* (semver)
Unaffected: 6.15 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T19:58:30.487Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/sched/sch_hfsc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "9a5fd5c2f4d4afdd5e405083ee53e0789ce76956",
              "status": "affected",
              "version": "959466588aa7f84ccf79ae36a1d89542eaf9aaec",
              "versionType": "git"
            },
            {
              "lessThan": "72c61ffbeeb8c50f6d4d70c65d3283aa1bac57a7",
              "status": "affected",
              "version": "959466588aa7f84ccf79ae36a1d89542eaf9aaec",
              "versionType": "git"
            },
            {
              "lessThan": "a5efc95a33bd4fcb879250852828cc58c7862970",
              "status": "affected",
              "version": "959466588aa7f84ccf79ae36a1d89542eaf9aaec",
              "versionType": "git"
            },
            {
              "lessThan": "0475c85426b18eccdcb7f9fb58d8f8e9c6c58c87",
              "status": "affected",
              "version": "959466588aa7f84ccf79ae36a1d89542eaf9aaec",
              "versionType": "git"
            },
            {
              "lessThan": "9030a91235ae4845ec71902c3e0cecfc9ed1f2df",
              "status": "affected",
              "version": "959466588aa7f84ccf79ae36a1d89542eaf9aaec",
              "versionType": "git"
            },
            {
              "lessThan": "d06476714d2819b550e0cc39222347e2c8941c9d",
              "status": "affected",
              "version": "959466588aa7f84ccf79ae36a1d89542eaf9aaec",
              "versionType": "git"
            },
            {
              "lessThan": "c1175c4ad01dbc9c979d099861fa90a754f72059",
              "status": "affected",
              "version": "959466588aa7f84ccf79ae36a1d89542eaf9aaec",
              "versionType": "git"
            },
            {
              "lessThan": "51eb3b65544c9efd6a1026889ee5fb5aa62da3bb",
              "status": "affected",
              "version": "959466588aa7f84ccf79ae36a1d89542eaf9aaec",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/sched/sch_hfsc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.14"
            },
            {
              "lessThan": "4.14",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.297",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.241",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.190",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.138",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.90",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.28",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.14.*",
              "status": "unaffected",
              "version": "6.14.6",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.297",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.241",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.190",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.138",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.90",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.28",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.14.6",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.15",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_hfsc: make hfsc_qlen_notify() idempotent\n\nhfsc_qlen_notify() is not idempotent either and not friendly\nto its callers, like fq_codel_dequeue(). Let\u0027s make it idempotent\nto ease qdisc_tree_reduce_backlog() callers\u0027 life:\n\n1. update_vf() decreases cl-\u003ecl_nactive, so we can check whether it is\nnon-zero before calling it.\n\n2. eltree_remove() always removes RB node cl-\u003eel_node, but we can use\n   RB_EMPTY_NODE() + RB_CLEAR_NODE() to make it safe."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-02T15:30:10.869Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/9a5fd5c2f4d4afdd5e405083ee53e0789ce76956"
        },
        {
          "url": "https://git.kernel.org/stable/c/72c61ffbeeb8c50f6d4d70c65d3283aa1bac57a7"
        },
        {
          "url": "https://git.kernel.org/stable/c/a5efc95a33bd4fcb879250852828cc58c7862970"
        },
        {
          "url": "https://git.kernel.org/stable/c/0475c85426b18eccdcb7f9fb58d8f8e9c6c58c87"
        },
        {
          "url": "https://git.kernel.org/stable/c/9030a91235ae4845ec71902c3e0cecfc9ed1f2df"
        },
        {
          "url": "https://git.kernel.org/stable/c/d06476714d2819b550e0cc39222347e2c8941c9d"
        },
        {
          "url": "https://git.kernel.org/stable/c/c1175c4ad01dbc9c979d099861fa90a754f72059"
        },
        {
          "url": "https://git.kernel.org/stable/c/51eb3b65544c9efd6a1026889ee5fb5aa62da3bb"
        }
      ],
      "title": "sch_hfsc: make hfsc_qlen_notify() idempotent",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-38177",
    "datePublished": "2025-07-04T12:47:09.127Z",
    "dateReserved": "2025-04-16T04:51:23.992Z",
    "dateUpdated": "2026-01-02T15:30:10.869Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2021-0920 (GCVE-0-2021-0920)

Vulnerability from cvelistv5 – Published: 2021-12-15 18:05 – Updated: 2025-10-21 23:15

Summary

In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917References: Upstream kernel

Severity ?

6.4 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

Elevation of privilege

Assigner

google_android

References

URL

	Vendor	Product	Version
	n/a	Android	Affected: Android kernel

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

SUSE-SU-2026:0688-1

CVE-2025-38177 (GCVE-0-2025-38177)

CVE-2021-0920 (GCVE-0-2021-0920)

Tags

Sightings

Nomenclature