Main Vulnerability Database SB2025071187

SB2025071187 - Resource management error in Linux kernel octeontx2 nic driver

Published: July 11, 2025

Security Bulletin ID SB2025071187

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Resource management error (CVE-ID: CVE-2025-38278)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the otx2_qos_leaf_del_last() function in drivers/net/ethernet/marvell/octeontx2/nic/qos.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/5df8db01d6a4e9c35a5ba5d7e130d5cecd3ffcb4
https://git.kernel.org/stable/c/67af4ec948e8ce3ea53a9cf614d01fddf172e56d
https://git.kernel.org/stable/c/ec62c99914a79d84c8de5ba1b94d62f2ed721f2a
https://git.kernel.org/stable/c/f1fca0eae5a0573f226f46c6871260278e7dda12