| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025081626-CVE-2025-38542-f304@gregkh> Date: Sat, 16 Aug 2025 13:22:28 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2025-38542: net: appletalk: Fix device refcount leak in atrtr_create() From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: net: appletalk: Fix device refcount leak in atrtr_create() When updating an existing route entry in atrtr_create(), the old device reference was not being released before assigning the new device, leading to a device refcount leak. Fix this by calling dev_put() to release the old device reference before holding the new one. The Linux kernel CVE team has assigned CVE-2025-38542 to this issue. Affected and fixed versions =========================== Issue introduced in 2.6.12 with commit c7f905f0f6d49ed8c1aa4566c31f0383a0ba0c9d and fixed in 5.4.296 with commit b92bedf71f25303e203a4e657489d76691a58119 Issue introduced in 2.6.12 with commit c7f905f0f6d49ed8c1aa4566c31f0383a0ba0c9d and fixed in 5.10.240 with commit a7852b01793669248dce0348d14df89e77a32afd Issue introduced in 2.6.12 with commit c7f905f0f6d49ed8c1aa4566c31f0383a0ba0c9d and fixed in 5.15.189 with commit b2f5dfa87367fdce9f8b995bc6c38f64f9ea2c90 Issue introduced in 2.6.12 with commit c7f905f0f6d49ed8c1aa4566c31f0383a0ba0c9d and fixed in 6.1.146 with commit d2e9f50f0bdad73b64a871f25186b899624518c4 Issue introduced in 2.6.12 with commit c7f905f0f6d49ed8c1aa4566c31f0383a0ba0c9d and fixed in 6.6.99 with commit 4a17370da6e476d3d275534e9e9cd2d02c57ca46 Issue introduced in 2.6.12 with commit c7f905f0f6d49ed8c1aa4566c31f0383a0ba0c9d and fixed in 6.12.39 with commit 473f3eadfc73b0fb6d8dee5829d19a5772e387f7 Issue introduced in 2.6.12 with commit c7f905f0f6d49ed8c1aa4566c31f0383a0ba0c9d and fixed in 6.15.7 with commit 64124cf0aab0dd1e18c0fb5ae66e45741e727f8b Issue introduced in 2.6.12 with commit c7f905f0f6d49ed8c1aa4566c31f0383a0ba0c9d and fixed in 6.16 with commit 711c80f7d8b163d3ecd463cd96f07230f488e750 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2025-38542 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: net/appletalk/ddp.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/b92bedf71f25303e203a4e657489d76691a58119 https://git.kernel.org/stable/c/a7852b01793669248dce0348d14df89e77a32afd https://git.kernel.org/stable/c/b2f5dfa87367fdce9f8b995bc6c38f64f9ea2c90 https://git.kernel.org/stable/c/d2e9f50f0bdad73b64a871f25186b899624518c4 https://git.kernel.org/stable/c/4a17370da6e476d3d275534e9e9cd2d02c57ca46 https://git.kernel.org/stable/c/473f3eadfc73b0fb6d8dee5829d19a5772e387f7 https://git.kernel.org/stable/c/64124cf0aab0dd1e18c0fb5ae66e45741e727f8b https://git.kernel.org/stable/c/711c80f7d8b163d3ecd463cd96f07230f488e750
Powered by blists - more mailing lists