CVE-2025-38148

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: phy: mscc: Fix memory leak when using one step timestamping

Fix memory leak when running one-step timestamping. When running one-step sync timestamping, the HW is configured to insert the TX time into the frame, so there is no reason to keep the skb anymore. As in this case the HW will never generate an interrupt to say that the frame was timestamped, then the frame will never released. Fix this by freeing the frame in case of one-step timestamping.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux7d272e63e0979d38a6256108adbe462d621c26c5 < 24b24295464f25fb771d36ed558c7cd942119361affected
LinuxLinux7d272e63e0979d38a6256108adbe462d621c26c5 < db2a12ddd3a31f668137ff6a4befc1343c79cbc4affected
LinuxLinux7d272e63e0979d38a6256108adbe462d621c26c5 < 0b40aeaf83ca04d4c9801e235b7533400c8b5f17affected
LinuxLinux7d272e63e0979d38a6256108adbe462d621c26c5 < 66abe22017522dd56b820e41ca3a5b131a637001affected
LinuxLinux7d272e63e0979d38a6256108adbe462d621c26c5 < cdbabd316c5a4a9b0fda6aafe491e2db17fbb95daffected
LinuxLinux7d272e63e0979d38a6256108adbe462d621c26c5 < 846992645b25ec4253167e3f931e4597eb84af56affected
LinuxLinux5.9affected
LinuxLinux0 < 5.9unaffected
LinuxLinux5.15.192 <= 5.15.*unaffected
LinuxLinux6.1.142 <= 6.1.*unaffected
LinuxLinux6.6.94 <= 6.6.*unaffected
LinuxLinux6.12.34 <= 6.12.*unaffected
LinuxLinux6.15.3 <= 6.15.*unaffected
LinuxLinux6.16 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References