Memory Leak Vulnerability in Linux Kernel's Netfilter Module
CVE-2025-39764

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 11 September 2025

What is CVE-2025-39764?

A memory leak vulnerability exists in the Netfilter component of the Linux kernel due to improper refcount handling in expectation dumps. The issue arises when the refcount is incremented in a manner that may result in double increments when the current expectation object is the last in line. This can lead to memory leaks, compromising system performance and reliability. Implementing improvements ensures that expectations are managed correctly within the code, ultimately enhancing overall system security.

Affected Version(s)

Linux cf6994c2b9812a9f02b99e89df411ffc5db9c779

Linux cf6994c2b9812a9f02b99e89df411ffc5db9c779 < 1492e3dcb2be3aa46d1963da96aa9593e4e4db5a

Linux 2.6.23

References

https://git.kernel.org/stable/c/a4d634ded4d3d400f115d84f6...

https://git.kernel.org/stable/c/1492e3dcb2be3aa46d1963da9...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 11, 2025
Vulnerability Reserved
Apr 16, 2025