Memory Leak in Ice Networking Driver for Linux Kernel
CVE-2025-38417

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 25 July 2025

What is CVE-2025-38417?

A memory leak exists in the Ice networking driver within the Linux kernel, caused by improper handling of port representor memory structures during the reset procedures in switchdev mode. When a virtual function (VF) is involved, the system may attach or detach the VF incorrectly, leading to excessive memory allocation without proper deallocation, particularly in legacy configurations. This oversight can affect system performance and resource management, making it essential for users to apply relevant updates.

Affected Version(s)

Linux 415db8399d06a45ebd7b7d26b951f831a4b01801

Linux 415db8399d06a45ebd7b7d26b951f831a4b01801 < 48c8b214974dc55283bd5f12e3a483b27c403bbc

References

https://git.kernel.org/stable/c/d6715193de439b79f1d6a4c03...

https://git.kernel.org/stable/c/e97a7a051b55f55f276c15684...

https://git.kernel.org/stable/c/48c8b214974dc55283bd5f12e...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 25, 2025
Vulnerability Reserved
Apr 16, 2025