Memory Management Issue in Linux Kernel Affecting ATM Subsystem
CVE-2025-38185

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 4 July 2025

What is CVE-2025-38185?

A memory management issue was discovered in the Linux kernel's ATM subsystem. The vulnerability arises when handling socket buffers (skb) in the atmtcp_c_send method. If the skb length is zero, the code does not adequately free resources, leading to possible memory leaks. Specifically, both skb and socket structures are not released properly, resulting in uninitialized data being accessed. An attacker could exploit this flaw to cause unexpected behavior in applications using the ATM protocol. It is crucial to follow security advisories and apply patches immediately to mitigate risks associated with this vulnerability.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 1b0ad18704913c92a3ad53748fbc0f219a75b876

References

https://git.kernel.org/stable/c/c19c0943424b412a84fdf178e...

https://git.kernel.org/stable/c/a4b0fd8c25a7583f8564af6cc...

https://git.kernel.org/stable/c/1b0ad18704913c92a3ad53748...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 4, 2025
Vulnerability Reserved
Apr 16, 2025