CVE-2025-37757

MEDIUM EPSS 5.3%
Published May 1, 20251y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published May 1, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: tipc: fix memory leak in tipc_link_xmit In case the backlog transmit queue for system-importance messages is overloaded, tipc_link_xmit() returns -ENOBUFS but the skb list is not purged. This leads to memory leak and failure when a skb is allocated. This commit fixes this issue by purging the skb list before tipc_link_xmit() returns.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
5.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-401

Affected Products 10

VendorProductVersionRange
linuxlinux_kernel*≥4.11  –  <5.4.293
linuxlinux_kernel*≥5.5  –  <5.10.237
linuxlinux_kernel*≥5.11  –  <5.15.181
linuxlinux_kernel*≥5.16  –  <6.1.135
linuxlinux_kernel*≥6.2  –  <6.6.88
linuxlinux_kernel*≥6.7  –  <6.12.24
linuxlinux_kernel*≥6.13  –  <6.13.12
linuxlinux_kernel*≥6.14  –  <6.14.3
linuxlinux_kernel6.15any
debiandebian_linux11.0any

References 11

  • git.kernel.org https://git.kernel.org/stable/c/09c2dcda2c551bba30710c33f6ac678ae7395389
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/24e6280cdd7f8d01fc6b9b365fb800c2fb7ea9bb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/69ae94725f4fc9e75219d2d69022029c5b24bc9a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7c5957f7905b4aede9d7a559d271438f3ca9e852
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/84895f5ce3829d9fc030e5ec2d8729da4c0c9d08
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a40cbfbb8f95c325430f017883da669b2aa927d4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d0e02d3d27a0b4dcb13f954f537ca1dd8f282dcf
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d4d40e437adb376be16b3a12dd5c63f0fa768247
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ed06675d3b8cd37120b447646d53f7cd3e6fcd63
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html
    Mailing List
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html
    Mailing List

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/09c2dcda2c551bba30710c33f6ac678ae7395389
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/24e6280cdd7f8d01fc6b9b365fb800c2fb7ea9bb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/69ae94725f4fc9e75219d2d69022029c5b24bc9a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7c5957f7905b4aede9d7a559d271438f3ca9e852
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/84895f5ce3829d9fc030e5ec2d8729da4c0c9d08
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a40cbfbb8f95c325430f017883da669b2aa927d4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d0e02d3d27a0b4dcb13f954f537ca1dd8f282dcf
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d4d40e437adb376be16b3a12dd5c63f0fa768247
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ed06675d3b8cd37120b447646d53f7cd3e6fcd63
    Patch