Unrated severityNVD Advisory· Published May 20, 2025· Updated May 26, 2025
virtio-net: free xsk_buffs on error in virtnet_xsk_pool_enable()
CVE-2025-37955
Description
In the Linux kernel, the following vulnerability has been resolved:
virtio-net: free xsk_buffs on error in virtnet_xsk_pool_enable()
The selftests added to our CI by Bui Quang Minh recently reveals that there is a mem leak on the error path of virtnet_xsk_pool_enable():
unreferenced object 0xffff88800a68a000 (size 2048): comm "xdp_helper", pid 318, jiffies 4294692778 hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace (crc 0): __kvmalloc_node_noprof+0x402/0x570 virtnet_xsk_pool_enable+0x293/0x6a0 (drivers/net/virtio_net.c:5882) xp_assign_dev+0x369/0x670 (net/xdp/xsk_buff_pool.c:226) xsk_bind+0x6a5/0x1ae0 __sys_bind+0x15e/0x230 __x64_sys_bind+0x72/0xb0 do_syscall_64+0xc1/0x1d0 entry_SYSCALL_64_after_hwframe+0x77/0x7f
Affected products
41- osv-coords39 versionspkg:rpm/opensuse/dtb-aarch64&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-64kb&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-default-base&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-docs&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-kvmsmall&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-obs-build&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-obs-qa&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-rt&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-syms&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-zfcpdump&distro=openSUSE%20Leap%2016.0pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Micro%206.2pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Micro%206.2pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2016.0pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Micro%206.2pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-kvmsmall&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-kvmsmall&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-obs-qa&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-obs-qa&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Micro%206.2pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Micro%206.2pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0
< 6.12.0-160000.26.1+ 38 more
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1.160000.2.7
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1.160000.2.7
- (no CPE)range: < 6.12.0-160000.26.1.160000.2.7
- (no CPE)range: < 6.12.0-160000.26.1.160000.2.7
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3News mentions
0No linked articles in our index yet.