CVE-2025-38546
published 2025-08-16CVE-2025-38546: In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix memory leak of struct clip_vcc. ioctl(ATMARP_MKIP) allocates struct clip_vcc…
medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
In the Linux kernel, the following vulnerability has been resolved:
atm: clip: Fix memory leak of struct clip_vcc.
ioctl(ATMARP_MKIP) allocates struct clip_vcc and set it to
vcc->user_back.
The code assumes that vcc_destroy_socket() passes NULL skb
to vcc->push() when the socket is close()d, and then clip_push()
frees clip_vcc.
However, ioctl(ATMARPD_CTRL) sets NULL to vcc->push() in
atm_init_atmarp(), resulting in memory leak.
Let's serialise two ioctl() by lock_sock() and check vcc->push()
in atm_init_atmarp() to prevent memleak.
Affected
38 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | linux | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| debian | linux-6.1 | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| linux | linux | — | — |
| linux | linux | >= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 2fb37ab3226606cbfc9b2b6f9e301b0b735734c5 | 2fb37ab3226606cbfc9b2b6f9e301b0b735734c5 |
| linux | linux | >= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 9e4dbeee56f614e3f1e166e5d0655a999ea185ef | 9e4dbeee56f614e3f1e166e5d0655a999ea185ef |
| linux | linux | >= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 1c075e88d5859a2c6b43b27e0e46fb281cef8039 | 1c075e88d5859a2c6b43b27e0e46fb281cef8039 |
| linux | linux | >= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 0c17ff462d98c997d707ee5cf4e4a9b1b52b9d90 | 0c17ff462d98c997d707ee5cf4e4a9b1b52b9d90 |
| linux | linux | >= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 1fb9fb5a4b5cec2d56e26525ef8c519de858fa60 | 1fb9fb5a4b5cec2d56e26525ef8c519de858fa60 |
| linux | linux | >= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 9f771816f14da6d6157a8c30069091abf6b566fb | 9f771816f14da6d6157a8c30069091abf6b566fb |
| linux | linux | >= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < cb2e4a2f8f268d8fba6662f663a2e57846f14a8d | cb2e4a2f8f268d8fba6662f663a2e57846f14a8d |
| linux | linux | >= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 62dba28275a9a3104d4e33595c7b3328d4032d8d | 62dba28275a9a3104d4e33595c7b3328d4032d8d |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 5.10.244-1 | 5.10.244-1 |
| linux | linux_kernel | >= 0 < 6.1.147-1 | 6.1.147-1 |
| linux | linux_kernel | >= 0 < 6.12.41-1 | 6.12.41-1 |
| linux | linux_kernel | >= 0 < 6.16.3-1 | 6.16.3-1 |
| linux | linux_kernel | >= 0 < 6.8.0-100.100 | 6.8.0-100.100 |
| linux | linux_kernel | >= 2.6.13 < 5.4.296 | 5.4.296 |
| linux | linux_kernel | >= 5.11 < 5.15.189 | 5.15.189 |
| linux | linux_kernel | >= 5.16 < 6.1.146 | 6.1.146 |
| linux | linux_kernel | >= 5.5 < 5.10.240 | 5.10.240 |
| linux | linux_kernel | >= 6.13 < 6.15.7 | 6.15.7 |
| linux | linux_kernel | >= 6.2 < 6.6.99 | 6.6.99 |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv5.5MEDIUM