CVE-2025-21788
MEDIUMLinux Kernel 6.10-6.12.15, 6.13.0-6.13.3 - Use-After-Free in XDP SKB Allocation
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: fix memleak in certain XDP cases If the XDP program doesn't result in XDP_PASS then we leak the memory allocated by am65_cpsw_build_skb(). It is pointless to allocate SKB memory before running the XDP program as we would be wasting CPU cycles for cases other than XDP_PASS. Move the SKB allocation after evaluating the XDP program result. This fixes the memleak. A performance boost is seen for XDP_DROP test. XDP_DROP test: Before: 460256 rx/s 0 err/s After: 784130 rx/s 0 err/s
References (3)
Core 3
Core References
Mailing List, Patch
https://git.kernel.org/stable/c/1bba1d042107167164a0ae3a843fdf650ab005d7
Mailing List, Patch
https://git.kernel.org/stable/c/dc11f049612b9d926aca2e55f8dc9d82850d0da3
Mailing List, Patch
https://git.kernel.org/stable/c/5db843258de1e4e6b1ef1cbd1797923c9e3de548
Scores
CVSS v3
5.5
EPSS
0.0020
EPSS Percentile
9.7%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-401
Status
published
Products (12)
linux/Kernel
6.10.0 - 6.12.16linux
linux/Kernel
6.13.0 - 6.13.4linux
Linux/Linux
< 6.10
Linux/Linux
6.10
Linux/Linux
6.12.16 - 6.12.*
Linux/Linux
6.13.4 - 6.13.*
Linux/Linux
6.14
Linux/Linux
8acacc40f7337527ff84cd901ed2ef0a2b95b2b6 - 1bba1d042107167164a0ae3a843fdf650ab005d7
Linux/Linux
8acacc40f7337527ff84cd901ed2ef0a2b95b2b6 - 5db843258de1e4e6b1ef1cbd1797923c9e3de548
Linux/Linux
8acacc40f7337527ff84cd901ed2ef0a2b95b2b6 - dc11f049612b9d926aca2e55f8dc9d82850d0da3
... and 2 more
Published
Feb 27, 2025
Tracked Since
Feb 18, 2026