VYPR
Unrated severityNVD Advisory· Published Aug 16, 2025· Updated Nov 3, 2025

atm: clip: Fix memory leak of struct clip_vcc.

CVE-2025-38546

Description

In the Linux kernel, the following vulnerability has been resolved:

atm: clip: Fix memory leak of struct clip_vcc.

ioctl(ATMARP_MKIP) allocates struct clip_vcc and set it to vcc->user_back.

The code assumes that vcc_destroy_socket() passes NULL skb to vcc->push() when the socket is close()d, and then clip_push() frees clip_vcc.

However, ioctl(ATMARPD_CTRL) sets NULL to vcc->push() in atm_init_atmarp(), resulting in memory leak.

Let's serialise two ioctl() by lock_sock() and check vcc->push() in atm_init_atmarp() to prevent memleak.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

248

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.