CVE-2025-37788

Summary

In the Linux kernel, the following vulnerability has been resolved:

cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path

In the for loop used to allocate the loc_array and bmap for each port, a memory leak is possible when the allocation for loc_array succeeds, but the allocation for bmap fails. This is because when the control flow goes to the label free_eth_finfo, only the allocations starting from (i-1)th iteration are freed.

Fix that by freeing the loc_array in the bmap allocation error path.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxd915c299f1da68a7dbb43895b8741c7b916c9d08 < e9de08e15aee35b96064960f95997bb6c1209c4baffected
LinuxLinuxd915c299f1da68a7dbb43895b8741c7b916c9d08 < 118d05b530343cd9322607b9719405ba254a4183affected
LinuxLinuxd915c299f1da68a7dbb43895b8741c7b916c9d08 < fa2d7708955e4f8212fd69bab1da604e60cb0b15affected
LinuxLinuxd915c299f1da68a7dbb43895b8741c7b916c9d08 < 08aa59c0be768596467552c129e9f82166779a67affected
LinuxLinuxd915c299f1da68a7dbb43895b8741c7b916c9d08 < dafb6e433ab2333b67be05433dc9c6ccbc7b1284affected
LinuxLinuxd915c299f1da68a7dbb43895b8741c7b916c9d08 < 76deedea08899885f076aba0bb80bd1276446822affected
LinuxLinuxd915c299f1da68a7dbb43895b8741c7b916c9d08 < 00ffb3724ce743578163f5ade2884374554ca021affected
LinuxLinux5.9affected
LinuxLinux0 < 5.9unaffected
LinuxLinux5.10.237 <= 5.10.*unaffected
LinuxLinux5.15.181 <= 5.15.*unaffected
LinuxLinux6.1.135 <= 6.1.*unaffected
LinuxLinux6.6.88 <= 6.6.*unaffected
LinuxLinux6.12.25 <= 6.12.*unaffected
LinuxLinux6.14.4 <= 6.14.*unaffected
LinuxLinux6.15 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References