Linux Kernel Vulnerability in Ice Driver Affecting Multi-Buffer Frames
CVE-2025-39948
What is CVE-2025-39948?
A vulnerability in the ice driver's handling of multi-buffer frames in the Linux kernel can lead to a memory leak. The issue arises when the ice_put_rx_mbuf() function does not correctly process zero-sized descriptors, which might occur periodically during jumbo frame handling with 9K MTU. When these descriptors are skipped, corresponding memory isn't freed and remains in the ring, potentially causing memory exhaustion over time. This flaw requires a correction to ensure that all buffers are counted and appropriately managed, particularly for non-linear frames. By adopting proper iteration and management strategies, the vulnerability can be effectively mitigated.
Affected Version(s)
Linux 311813ed013c016d4b0b0985a9ee41f778489077 < 80555adb5c892f0e21d243ae96ed997ee520aea9
Linux 743bbd93cf29f653fae0e1416a31f03231689911
Linux 743bbd93cf29f653fae0e1416a31f03231689911 < 84bf1ac85af84d354c7a2fdbdc0d4efc8aaec34b