CVE-2025-38057

Summary

In the Linux kernel, the following vulnerability has been resolved:

espintcp: fix skb leaks

A few error paths are missing a kfree_skb.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxe27cca96cd68fa2c6814c90f9a1cfd36bb68c593 < 05db2b850a2b8b17f3d1799f563ea1d550e05ed5affected
LinuxLinuxe27cca96cd68fa2c6814c90f9a1cfd36bb68c593 < e2e1f50fc5ebd2826c4e8c558dc65434382d0c0baffected
LinuxLinuxe27cca96cd68fa2c6814c90f9a1cfd36bb68c593 < d8d79cf8c2b7475c22f9874eb844bcc80f858b13affected
LinuxLinuxe27cca96cd68fa2c6814c90f9a1cfd36bb68c593 < 28756f22de48d25256ed89234b66b9037a3f0157affected
LinuxLinuxe27cca96cd68fa2c6814c90f9a1cfd36bb68c593 < eb058693dfc93ed7a9c365adb899fedd648b9d9faffected
LinuxLinuxe27cca96cd68fa2c6814c90f9a1cfd36bb68c593 < 63c1f19a3be3169e51a5812d22a6d0c879414076affected
LinuxLinux5.6affected
LinuxLinux0 < 5.6unaffected
LinuxLinux5.15.199 <= 5.15.*unaffected
LinuxLinux6.1.159 <= 6.1.*unaffected
LinuxLinux6.6.117 <= 6.6.*unaffected
LinuxLinux6.12.31 <= 6.12.*unaffected
LinuxLinux6.14.9 <= 6.14.*unaffected
LinuxLinux6.15 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References