Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2025-21788
PUBLISHED
More InfoOfficial Page
Assigner-Linux
Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67
View Known Exploited Vulnerability (KEV) details
Published At-27 Feb, 2025 | 02:18
Updated At-01 Oct, 2025 | 19:36
Rejected At-
▼CVE Numbering Authority (CNA)
net: ethernet: ti: am65-cpsw: fix memleak in certain XDP cases

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: fix memleak in certain XDP cases If the XDP program doesn't result in XDP_PASS then we leak the memory allocated by am65_cpsw_build_skb(). It is pointless to allocate SKB memory before running the XDP program as we would be wasting CPU cycles for cases other than XDP_PASS. Move the SKB allocation after evaluating the XDP program result. This fixes the memleak. A performance boost is seen for XDP_DROP test. XDP_DROP test: Before: 460256 rx/s 0 err/s After: 784130 rx/s 0 err/s

Affected Products
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/net/ethernet/ti/am65-cpsw-nuss.c
Default Status
unaffected
Versions
Affected
  • From 8acacc40f7337527ff84cd901ed2ef0a2b95b2b6 before 1bba1d042107167164a0ae3a843fdf650ab005d7 (git)
  • From 8acacc40f7337527ff84cd901ed2ef0a2b95b2b6 before dc11f049612b9d926aca2e55f8dc9d82850d0da3 (git)
  • From 8acacc40f7337527ff84cd901ed2ef0a2b95b2b6 before 5db843258de1e4e6b1ef1cbd1797923c9e3de548 (git)
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/net/ethernet/ti/am65-cpsw-nuss.c
Default Status
affected
Versions
Affected
  • 6.10
Unaffected
  • From 0 before 6.10 (semver)
  • From 6.12.16 through 6.12.* (semver)
  • From 6.13.4 through 6.13.* (semver)
  • From 6.14 through * (original_commit_for_fix)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/1bba1d042107167164a0ae3a843fdf650ab005d7
N/A
https://git.kernel.org/stable/c/dc11f049612b9d926aca2e55f8dc9d82850d0da3
N/A
https://git.kernel.org/stable/c/5db843258de1e4e6b1ef1cbd1797923c9e3de548
N/A
Hyperlink: https://git.kernel.org/stable/c/1bba1d042107167164a0ae3a843fdf650ab005d7
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/dc11f049612b9d926aca2e55f8dc9d82850d0da3
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/5db843258de1e4e6b1ef1cbd1797923c9e3de548
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-401CWE-401 Missing Release of Memory after Effective Lifetime
Type: CWE
CWE ID: CWE-401
Description: CWE-401 Missing Release of Memory after Effective Lifetime
Metrics
VersionBase scoreBase severityVector
3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found