Memory Leak Vulnerability in Linux Kernel Affecting Multiple lwtunnel Implementations
CVE-2025-21768

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 27 February 2025

Summary

A vulnerability in the Linux kernel related to lwtunnel configurations can lead to memory leakage. Specifically, certain lwtunnels may improperly cache destination references, preventing the state from being freed. This issue occurs when the packet destination remains unchanged, allowing for potential memory management problems. Discovered through the ioam6.sh test, this vulnerability highlights the importance of vigilant network monitoring and integrity checks within kernel operations.

Affected Version(s)

Linux 6c8702c60b88651072460f3f4026c7dfe2521d12 < 5ab11a4e219e93b8b31a27f8ec98d42afadd8b7a

Linux 6c8702c60b88651072460f3f4026c7dfe2521d12 < 4c0f200c7d06fedddde82209c099014d63f4a6c0

Linux 6c8702c60b88651072460f3f4026c7dfe2521d12 < 92191dd1073088753821b862b791dcc83e558e07

References

https://git.kernel.org/stable/c/5ab11a4e219e93b8b31a27f8e...

https://git.kernel.org/stable/c/4c0f200c7d06fedddde82209c...

https://git.kernel.org/stable/c/92191dd1073088753821b862b...

Timeline

Vulnerability published
Feb 27, 2025
Vulnerability Reserved
Dec 29, 2024