CVE-2025-21972

UNKNOWN 0.0

net: mctp: unshare packets when reassembling

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: net: mctp: unshare packets when reassembling Ensure that the frag_list used for reassembly isn't shared with other packets. This avoids incorrect reassembly when packets are cloned, and prevents a memory leak due to circular references between fragments and their skb_shared_info. The upcoming MCTP-over-USB driver uses skb_clone which can trigger the problem - other MCTP drivers don't share SKBs. A kunit test is added to reproduce the issue.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Apr 1, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

4a992bbd365094730a31bae1e12a6ca695336d57 < 5c47d5bfa7b096cf8890afac32141c578583f8e0 4a992bbd365094730a31bae1e12a6ca695336d57 < f44fff3d3c6cd67b6f348b821d73c4d6888c7a6e 4a992bbd365094730a31bae1e12a6ca695336d57 < f5d83cf0eeb90fade4d5c4d17d24b8bee9ceeecc

Linux / Linux

5.15

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/5c47d5bfa7b096cf8890afac32141c578583f8e0 git.kernel.org: https://git.kernel.org/stable/c/f44fff3d3c6cd67b6f348b821d73c4d6888c7a6e git.kernel.org: https://git.kernel.org/stable/c/f5d83cf0eeb90fade4d5c4d17d24b8bee9ceeecc