CVE-2025-21972

Source
https://nvd.nist.gov/vuln/detail/CVE-2025-21972
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-21972.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-21972
Downstream
Related
Published
2025-04-01T16:15:28Z
Modified
2025-08-09T19:01:28Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

net: mctp: unshare packets when reassembling

Ensure that the fraglist used for reassembly isn't shared with other packets. This avoids incorrect reassembly when packets are cloned, and prevents a memory leak due to circular references between fragments and their skbshared_info.

The upcoming MCTP-over-USB driver uses skb_clone which can trigger the problem - other MCTP drivers don't share SKBs.

A kunit test is added to reproduce the issue.

References

Affected packages