DEBIAN-CVE-2025-21788

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/DEBIAN-CVE-2025-21788

Import Source

https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2025-21788.json

JSON Data

https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2025-21788

Upstream

CVE-2025-21788

Published

2025-02-27T03:15:19Z

Modified

2025-09-19T06:03:37Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: fix memleak in certain XDP cases If the XDP program doesn't result in XDPPASS then we leak the memory allocated by am65cpswbuildskb(). It is pointless to allocate SKB memory before running the XDP program as we would be wasting CPU cycles for cases other than XDPPASS. Move the SKB allocation after evaluating the XDP program result. This fixes the memleak. A performance boost is seen for XDPDROP test. XDP_DROP test: Before: 460256 rx/s 0 err/s After: 784130 rx/s 0 err/s

References

https://security-tracker.debian.org/tracker/CVE-2025-21788

Affected packages

Debian:13 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.12.16-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:14 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.12.16-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}