CVE-2025-21972
- Source
- https://cve.org/CVERecord?id=CVE-2025-21972
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21972.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-21972
- Downstream
- Related
- Published
- 2025-04-01T15:47:04.960Z
- Modified
- 2026-03-11T07:46:54.200983Z
- Summary
- net: mctp: unshare packets when reassembling
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
net: mctp: unshare packets when reassembling
Ensure that the fraglist used for reassembly isn't shared with other packets. This avoids incorrect reassembly when packets are cloned, and prevents a memory leak due to circular references between fragments and their skbshared_info.
The upcoming MCTP-over-USB driver uses skb_clone which can trigger the problem - other MCTP drivers don't share SKBs.
A kunit test is added to reproduce the issue.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/21xxx/CVE-2025-21972.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/5c47d5bfa7b096cf8890afac32141c578583f8e0
- https://git.kernel.org/stable/c/f44fff3d3c6cd67b6f348b821d73c4d6888c7a6e
- https://git.kernel.org/stable/c/f5d83cf0eeb90fade4d5c4d17d24b8bee9ceeecc
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/21xxx/CVE-2025-21972.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-21972