CVE-2025-38057

Published: Jun 18, 2025Modified: Mar 17, 2026

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: espintcp: fix skb leaks A few error paths are missing a kfree_skb.

Affected (9)

Products: Linux: Linux Kernel

1 product

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 5.6 to 6.12.31
Linux Linux Kernel	From 6.13 to 6.14.9
Linux Linux Kernel	Version 6.15 rc1
Linux Linux Kernel	Version 6.15 rc2
Linux Linux Kernel	Version 6.15 rc3
Linux Linux Kernel	Version 6.15 rc4
Linux Linux Kernel	Version 6.15 rc5
Linux Linux Kernel	Version 6.15 rc6
Linux Linux Kernel	Version 6.15 rc7

Related CWEs

Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (6)

https://git.kernel.org/stable/c/05db2b850a2b8b17f3d1799f563ea1d550e05ed5

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/28756f22de48d25256ed89234b66b9037a3f0157

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/63c1f19a3be3169e51a5812d22a6d0c879414076

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/d8d79cf8c2b7475c22f9874eb844bcc80f858b13

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/e2e1f50fc5ebd2826c4e8c558dc65434382d0c0b

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/eb058693dfc93ed7a9c365adb899fedd648b9d9f

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

Timeline

No history available yet.