Description

In the Linux kernel, the following vulnerability has been resolved: idpf: cleanup remaining SKBs in PTP flows When the driver requests Tx timestamp value, one of the first steps is to clone SKB using skb_get. It increases the reference counter for that SKB to prevent unexpected freeing by another component. However, there may be a case where the index is requested, SKB is assigned and never consumed by PTP flows - for example due to reset during running PTP apps. Add a check in release timestamping function to verify if the SKB assigned to Tx timestamp latch was freed, and release remaining SKBs.

INFO

Published Date :

2025-11-12T10:53:50.166Z

Last Modified :

2025-12-01T06:19:30.807Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-40175 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-40175.

URL Resource
https://git.kernel.org/stable/c/2c84e91ef831d4fedb0b94670b3cfd1cc5f966a5 cve-icon cve-icon
https://git.kernel.org/stable/c/a3f8c0a273120fd2638f03403e786c3de2382e72 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025111255-CVE-2025-40175-9dd0@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-40175 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-40175 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact