CVE-2025-37955

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-37955
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37955.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-37955
Downstream
Published
2025-05-20T16:01:49.209Z
Modified
2025-11-16T17:16:38.109330Z
Summary
virtio-net: free xsk_buffs on error in virtnet_xsk_pool_enable()
Details

In the Linux kernel, the following vulnerability has been resolved:

virtio-net: free xskbuffs on error in virtnetxskpoolenable()

The selftests added to our CI by Bui Quang Minh recently reveals that there is a mem leak on the error path of virtnetxskpool_enable():

unreferenced object 0xffff88800a68a000 (size 2048): comm "xdphelper", pid 318, jiffies 4294692778 hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace (crc 0): _kvmallocnodenoprof+0x402/0x570 virtnetxskpoolenable+0x293/0x6a0 (drivers/net/virtionet.c:5882) xpassigndev+0x369/0x670 (net/xdp/xskbuffpool.c:226) xskbind+0x6a5/0x1ae0 _sysbind+0x15e/0x230 _x64sysbind+0x72/0xb0 dosyscall64+0xc1/0x1d0 entrySYSCALL64afterhwframe+0x77/0x7f

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e9f3962441c0a4d6f16c656e6c8aa02a3ccdd568
Fixed
94a6f6c204abb2b2dcd2ce287536cc924469cfb5
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e9f3962441c0a4d6f16c656e6c8aa02a3ccdd568
Fixed
ba6917810bb4a5a32661fa941717399052b3f0d9
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e9f3962441c0a4d6f16c656e6c8aa02a3ccdd568
Fixed
4397684a292a71fbc1e815c3e283f7490ddce5ae

Affected versions

v6.*

v6.10
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.10
v6.12.11
v6.12.12
v6.12.13
v6.12.14
v6.12.15
v6.12.16
v6.12.17
v6.12.18
v6.12.19
v6.12.2
v6.12.20
v6.12.21
v6.12.22
v6.12.23
v6.12.24
v6.12.25
v6.12.26
v6.12.27
v6.12.28
v6.12.3
v6.12.4
v6.12.5
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.14
v6.14-rc1
v6.14-rc2
v6.14-rc3
v6.14-rc4
v6.14-rc5
v6.14-rc6
v6.14-rc7
v6.14.1
v6.14.2
v6.14.3
v6.14.4
v6.14.5
v6.14.6
v6.15-rc1
v6.15-rc2
v6.15-rc3
v6.15-rc4

Database specific

vanir_signatures

[
    {
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4397684a292a71fbc1e815c3e283f7490ddce5ae",
        "signature_type": "Line",
        "target": {
            "file": "drivers/net/virtio_net.c"
        },
        "id": "CVE-2025-37955-248939db",
        "digest": {
            "line_hashes": [
                "237956896497720729356540317402720404739",
                "14356089121188471069627755386654797956",
                "81583664761367519410273160162976985079",
                "173203002506719432983924477583812039289",
                "85726532828680209226560660812807851945",
                "202329435013395350685293217162366427347",
                "39598400724285760669305799527660973755",
                "286042007830713474207599139655236568960",
                "88595931535497170893340759796090011086"
            ],
            "threshold": 0.9
        },
        "deprecated": false
    },
    {
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@94a6f6c204abb2b2dcd2ce287536cc924469cfb5",
        "signature_type": "Function",
        "target": {
            "function": "virtnet_xsk_pool_enable",
            "file": "drivers/net/virtio_net.c"
        },
        "id": "CVE-2025-37955-3b897eed",
        "digest": {
            "length": 1271.0,
            "function_hash": "175951740585179156222123644037591197116"
        },
        "deprecated": false
    },
    {
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ba6917810bb4a5a32661fa941717399052b3f0d9",
        "signature_type": "Function",
        "target": {
            "function": "virtnet_xsk_pool_enable",
            "file": "drivers/net/virtio_net.c"
        },
        "id": "CVE-2025-37955-5725d140",
        "digest": {
            "length": 1271.0,
            "function_hash": "175951740585179156222123644037591197116"
        },
        "deprecated": false
    },
    {
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ba6917810bb4a5a32661fa941717399052b3f0d9",
        "signature_type": "Line",
        "target": {
            "file": "drivers/net/virtio_net.c"
        },
        "id": "CVE-2025-37955-821a3404",
        "digest": {
            "line_hashes": [
                "237956896497720729356540317402720404739",
                "14356089121188471069627755386654797956",
                "81583664761367519410273160162976985079",
                "173203002506719432983924477583812039289",
                "85726532828680209226560660812807851945",
                "202329435013395350685293217162366427347",
                "39598400724285760669305799527660973755",
                "286042007830713474207599139655236568960",
                "88595931535497170893340759796090011086"
            ],
            "threshold": 0.9
        },
        "deprecated": false
    },
    {
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@94a6f6c204abb2b2dcd2ce287536cc924469cfb5",
        "signature_type": "Line",
        "target": {
            "file": "drivers/net/virtio_net.c"
        },
        "id": "CVE-2025-37955-87115989",
        "digest": {
            "line_hashes": [
                "237956896497720729356540317402720404739",
                "14356089121188471069627755386654797956",
                "81583664761367519410273160162976985079",
                "173203002506719432983924477583812039289",
                "85726532828680209226560660812807851945",
                "202329435013395350685293217162366427347",
                "39598400724285760669305799527660973755",
                "286042007830713474207599139655236568960",
                "88595931535497170893340759796090011086"
            ],
            "threshold": 0.9
        },
        "deprecated": false
    },
    {
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4397684a292a71fbc1e815c3e283f7490ddce5ae",
        "signature_type": "Function",
        "target": {
            "function": "virtnet_xsk_pool_enable",
            "file": "drivers/net/virtio_net.c"
        },
        "id": "CVE-2025-37955-b3217f3e",
        "digest": {
            "length": 1271.0,
            "function_hash": "175951740585179156222123644037591197116"
        },
        "deprecated": false
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.11.0
Fixed
6.12.29
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.14.7