CVE-2025-38057
Published: June 21, 2025Last modified: June 21, 2025
Description
In the Linux kernel, the following vulnerability has been resolved: espintcp: fix skb leaks A few error paths are missing a kfree_skb.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 5.5 |
| Attack Vector | LOCAL |
| Attack complexity | LOW |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | NONE |
| Integrity impact | NONE |
| Availability impact | HIGH |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | linux-lts | Fixed (6.1.159-r0) |
| 25 LTS | linux-lts | Fixed (6.12.41-r0) | |
| Stream | linux-lts | Fixed (6.12.41-r0) |
References
- https://git.kernel.org/stable/c/28756f22de48d25256ed89234b66b9037a3f0157
- https://git.kernel.org/stable/c/63c1f19a3be3169e51a5812d22a6d0c879414076
- https://git.kernel.org/stable/c/d8d79cf8c2b7475c22f9874eb844bcc80f858b13
- https://git.kernel.org/stable/c/e2e1f50fc5ebd2826c4e8c558dc65434382d0c0b
- https://git.kernel.org/stable/c/eb058693dfc93ed7a9c365adb899fedd648b9d9f