CVE-2025-37909

Опубликовано: 20 мая 2025

Источник: redhat

CVSS3: 3.3

EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved: net: lan743x: Fix memleak issue when GSO enabled Always map the skb to the LS descriptor. Previously skb was mapped to EXT descriptor when the number of fragments is zero with GSO enabled. Mapping the skb to EXT descriptor prevents it from being freed, leading to a memory leak

Отчет

Microchip LAN743x driver suffers from a memory leak when GSO is enabled. If a TX frame has zero fragments, the skb was incorrectly mapped to an EXT descriptor instead of the LS descriptor, preventing proper release of memory. Fix ensures that skb is always mapped to the LS descriptor even in the single-fragment case, preventing memory leak during transmission.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 10	kernel	Fix deferred
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Not affected
Red Hat Enterprise Linux 8	kernel	Not affected
Red Hat Enterprise Linux 8	kernel-rt	Not affected
Red Hat Enterprise Linux 9	kernel	Not affected
Red Hat Enterprise Linux 9	kernel-rt	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

https://bugzilla.redhat.com/show_bug.cgi?id=2367535kernel: net: lan743x: Fix memleak issue when GSO enabled

EPSS

Процентиль: 19%

0.00061

Низкий

3.3 Low

CVSS3

Связанные уязвимости

CVE-2025-37909

ubuntu

2 месяца назад

In the Linux kernel, the following vulnerability has been resolved: net: lan743x: Fix memleak issue when GSO enabled Always map the `skb` to the LS descriptor. Previously skb was mapped to EXT descriptor when the number of fragments is zero with GSO enabled. Mapping the skb to EXT descriptor prevents it from being freed, leading to a memory leak