CVE-2025-40175

Published: Nov 12, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: idpf: cleanup remaining SKBs in PTP flows When the driver requests Tx timestamp value, one of the first steps is to clone SKB using skb_get. It increases the reference counter for that SKB to prevent unexpected freeing by another component. However, there may be a case where the index is requested, SKB is assigned and never consumed by PTP flows - for example due to reset during running PTP apps. Add a check in release timestamping function to verify if the SKB assigned to Tx timestamp latch was freed, and release remaining SKBs.

Vendor	Product	Versions
Linux	Linux	affected `4901e83a94ef0a8baf27916f31daf59b0a68547f - < 2c84e91ef831d4fedb0b94670b3cfd1cc5f966a5` affected `4901e83a94ef0a8baf27916f31daf59b0a68547f - < a3f8c0a273120fd2638f03403e786c3de2382e72`
Linux	Linux	affected `6.16` unaffected `0 - < 6.16` unaffected `6.17.5 - <= 6.17.` unaffected `6.18 - <= `

References

https://git.kernel.org/stable/c/2c84e91ef831d4fedb0b94670b3cfd1cc5f966a5

https://git.kernel.org/stable/c/a3f8c0a273120fd2638f03403e786c3de2382e72

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-40175

Description

Affected Products

References