-

CVE-2025-40175

In the Linux kernel, the following vulnerability has been resolved:

idpf: cleanup remaining SKBs in PTP flows

When the driver requests Tx timestamp value, one of the first steps is
to clone SKB using skb_get. It increases the reference counter for that
SKB to prevent unexpected freeing by another component.
However, there may be a case where the index is requested, SKB is
assigned and never consumed by PTP flows - for example due to reset during
running PTP apps.

Add a check in release timestamping function to verify if the SKB
assigned to Tx timestamp latch was freed, and release remaining SKBs.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
Produkt Linux
Default Statusunaffected
Version < 2c84e91ef831d4fedb0b94670b3cfd1cc5f966a5
Version 4901e83a94ef0a8baf27916f31daf59b0a68547f
Status affected
Version < a3f8c0a273120fd2638f03403e786c3de2382e72
Version 4901e83a94ef0a8baf27916f31daf59b0a68547f
Status affected
HerstellerLinux
Produkt Linux
Default Statusaffected
Version 6.16
Status affected
Version < 6.16
Version 0
Status unaffected
Version <= 6.17.*
Version 6.17.5
Status unaffected
Version <= *
Version 6.18
Status unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.03% 0.066
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String