SB2025070503 - Memory leak in Linux kernel atm driver
Published: July 5, 2025
Security Bulletin ID
SB2025070503
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2025-38185)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the atmtcp_c_send() function in drivers/atm/atmtcp.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/1b0ad18704913c92a3ad53748fbc0f219a75b876
- https://git.kernel.org/stable/c/2f370ae1fb6317985f3497b1bb80d457508ca2f7
- https://git.kernel.org/stable/c/3261c017a7c5d2815c6a388c5a3280d1fba0e8db
- https://git.kernel.org/stable/c/a4b0fd8c25a7583f8564af6cc910418fb8954e89
- https://git.kernel.org/stable/c/c19c0943424b412a84fdf178e6c71fe5480e4f0f
- https://git.kernel.org/stable/c/c9260c837de1d2b454960a4a2e44a81272fbcd22
- https://git.kernel.org/stable/c/ca00f0e6d733ecd9150716d1fd0138d26e674706
- https://git.kernel.org/stable/c/e996507f59610e5752b8702537f13f551e7a2c96