PT-2025-20522 · Linux+4 · Linux Kernel+4
Published 2025-04-15 · Updated 2026-04-20
CVE-2025-37872
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A memory leak has been identified in the Linux kernel, in the txgbe_probe() function. When txgbe_sw_init() is called, memory is allocated for the rss_key variable, but this memory is not freed in the error path. This issue could potentially lead to a double free of rss_key when the mac_table allocation fails in the wx_sw_init() function. The estimated number of potentially affected devices worldwide is not available.
Recommendations
To resolve this issue, update the Linux kernel to a version that includes the fix for the memory leak in the txgbe_probe() error path.
As a temporary workaround, consider disabling the txgbe_probe() function until a patch is available.
Restrict access to the vulnerable txgbe_sw_init() function to minimize the risk of exploitation.
Avoid using the rss_key variable in the affected API endpoint until the issue is resolved.
Exploit
Fix
Memory Leak
Double Free
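The error path from the Description, as an added user-space C model (not kernel code and not part of this advisory). It compares a leaky unwind, a free added without changing the jump target, and an unwind that frees once on every path. Every name is a hypothetical stand-in, and the model assumes the init routine frees rss_key itself when the mac_table allocation fails.

```c
#include <stdbool.h>

/* User-space model of the probe error path; every name is a hypothetical stand-in. */
enum state { NONE, LIVE, FREED };             /* NONE behaves like a NULL pointer */
enum variant { LEAKY, NAIVE_FIX, FIXED };
struct result { int outstanding; int double_frees; };

static struct result r;

static void m_alloc(enum state *s) { *s = LIVE; r.outstanding++; }

static void m_free(enum state *s)
{
    if (*s == NONE) return;                   /* like kfree(NULL): no-op */
    if (*s == FREED) { r.double_frees++; return; }
    *s = FREED;                               /* pointer is left dangling, not reset */
    r.outstanding--;
}

/* Allocates rss_key, then mac_table. Assumption of this model: when the
 * mac_table allocation fails, sw_init frees rss_key itself before returning. */
static int model_sw_init(enum state *rss_key, enum state *mac_table, bool mac_fails)
{
    m_alloc(rss_key);
    if (mac_fails) { m_free(rss_key); return -1; }
    m_alloc(mac_table);
    return 0;
}

static struct result model_probe(enum variant v, bool mac_fails, bool later_fails)
{
    enum state rss_key = NONE, mac_table = NONE;
    r = (struct result){0, 0};

    if (model_sw_init(&rss_key, &mac_table, mac_fails)) {
        if (v == FIXED) goto err_out;         /* sw_init already cleaned up */
        goto err_free;
    }
    if (later_fails) goto err_free;           /* any failure after sw_init */
    return r;                                 /* success: device keeps both buffers */

err_free:
    if (v != LEAKY) m_free(&rss_key);         /* the free the leaky path lacks */
    m_free(&mac_table);
err_out:
    return r;
}
```

Only the FIXED variant ends every failing probe with zero outstanding allocations and zero double frees.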
Related Identifiers
Affected Products
Astra Linux
Linuxmint
Linux Kernel
Red Os
Ubuntu