Memory Leak Vulnerability in Linux Kernel Affecting Network Stack
CVE-2025-38057

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 18 June 2025

What is CVE-2025-38057?

A vulnerability in the Linux kernel's espintcp component has been identified, pertaining to insufficient memory management during error handling. Certain error paths are failing to adequately release memory allocated for socket buffers (skb), leading to potential memory leaks. This flaw could degrade system performance over time as memory resources become exhausted, making it essential to apply the necessary patches to ensure robust operation and security in affected environments.

Affected Version(s)

Linux e27cca96cd68fa2c6814c90f9a1cfd36bb68c593 < 28756f22de48d25256ed89234b66b9037a3f0157

Linux e27cca96cd68fa2c6814c90f9a1cfd36bb68c593

Linux e27cca96cd68fa2c6814c90f9a1cfd36bb68c593 < 63c1f19a3be3169e51a5812d22a6d0c879414076

References

https://git.kernel.org/stable/c/28756f22de48d25256ed89234...

https://git.kernel.org/stable/c/eb058693dfc93ed7a9c365adb...

https://git.kernel.org/stable/c/63c1f19a3be3169e51a5812d2...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 18, 2025
Vulnerability Reserved
Apr 16, 2025