Linux Kernel Netem Qdisc Tree Duplication Vulnerability Causes Denial-of-Service

Vulnerability

A vulnerability in the Linux kernel's network scheduling component can lead to a denial-of-service condition. This issue arises within the 'netem' queuing discipline (qdisc) when a duplicating 'netem' is placed in a tree with other 'netems'. The problem disrupts the duplication prevention logic, causing a soft lockup and an out-of-memory loop in the 'netem_dequeue' function. The vulnerability affects several versions of the Linux kernel.

Impact

The vulnerability can cause a soft lockup, where the system becomes unresponsive, and an out-of-memory loop in the 'netem_dequeue' function, leading to increased memory consumption and potential exhaustion of system resources.

Reproduction

To reproduce this vulnerability, add a netem queuing discipline to a qdisc tree that already contains other netems. Ensure that the netem being added has duplication enabled. This will disrupt the duplication prevention logic, causing a soft lockup and an out-of-memory loop in the netem_dequeue function.

Remediation

The vulnerability has been addressed in the Linux kernel. Users should upgrade to the latest version.
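To audit a host's current configuration for the condition described above (a duplicating netem sharing a qdisc tree with other netems), the following added example, which is not part of the original advisory or the kernel project, parses the text output of `tc qdisc show` run without a device filter. It assumes all qdiscs listed for one device belong to the same tree, and the sample input is constructed.

```python
import re
from collections import defaultdict

# Constructed sample of `tc qdisc show` text output (not captured from a real host).
SAMPLE = """\
qdisc netem 1: dev eth0 root refcnt 2 limit 1000 delay 10ms duplicate 100%
qdisc netem 2: dev eth0 parent 1:1 limit 1000 delay 5ms
qdisc netem 1: dev eth1 root refcnt 2 limit 1000 duplicate 25%
qdisc hfsc 1: dev eth2 root refcnt 2 default 1
qdisc netem 2: dev eth2 parent 1:1 limit 1000 loss 1%
qdisc netem 3: dev eth2 parent 1:2 limit 1000 delay 20ms
"""

# "qdisc <kind> <handle> dev <device> <options...>"
LINE = re.compile(r"^qdisc\s+(?P<kind>\S+)\s+(?P<handle>\S+)\s+dev\s+(?P<dev>\S+)\s+(?P<rest>.*)$")
DUP = re.compile(r"\bduplicate\s+(?P<pct>[0-9.]+)%")

def parse_qdiscs(text):
    """Group netem qdiscs by device: {dev: [(handle, duplicate_percent), ...]}."""
    by_dev = defaultdict(list)
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m or m["kind"] != "netem":
            continue  # other qdisc kinds are not part of this check
        dup = DUP.search(m["rest"])
        by_dev[m["dev"]].append((m["handle"], float(dup["pct"]) if dup else 0.0))
    return dict(by_dev)

def risky_devices(text):
    """Return {dev: [duplicating handles]} where a duplicating netem shares
    the device's qdisc tree (assumed: one tree per device) with another netem."""
    findings = {}
    for dev, netems in parse_qdiscs(text).items():
        dups = [handle for handle, pct in netems if pct > 0]
        if dups and len(netems) > 1:
            findings[dev] = dups
    return findings

if __name__ == "__main__":
    for dev, handles in risky_devices(SAMPLE).items():
        print(f"{dev}: duplicating netem {', '.join(handles)} shares a tree with other netems")
```

In the sample, only eth0 is reported: eth1 has a single duplicating netem with no other netems, and eth2 has two netems but no duplication.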

Added: Aug 19, 2025, 6:18 AM
Updated: Aug 19, 2025, 6:18 AM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 0.4
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.