Memory Leak in Linux Kernel Ethernet Driver for TI AM65 CPSW
CVE-2025-21788

5.5MEDIUM

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
27 February 2025

What is CVE-2025-21788?

A vulnerability exists in the Linux kernel's TI AM65 CPSW ethernet driver, where memory allocated for SKB structures is not properly managed in certain XDP (eXpress Data Path) scenarios. Specifically, if the XDP program does not yield an XDP_PASS result, the associated memory remains unreleased, leading to a memory leak. This inefficiency incurs unnecessary CPU overhead due to the preemptive allocation of SKB memory. By adjusting the SKB allocation to occur only after evaluating the XDP program result, this flaw has been rectified, resulting in enhanced performance metrics, notably increasing packet reception rates during XDP_DROP tests.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 8acacc40f7337527ff84cd901ed2ef0a2b95b2b6 < 1bba1d042107167164a0ae3a843fdf650ab005d7

Linux 8acacc40f7337527ff84cd901ed2ef0a2b95b2b6

Linux 8acacc40f7337527ff84cd901ed2ef0a2b95b2b6 < 5db843258de1e4e6b1ef1cbd1797923c9e3de548

References

https://git.kernel.org/stable/c/1bba1d042107167164a0ae3a8...
https://git.kernel.org/stable/c/dc11f049612b9d926aca2e55f...
https://git.kernel.org/stable/c/5db843258de1e4e6b1ef1cbd1...

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.